2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1796.086822] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.096287] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.104413] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.112597] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.120759] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.128908] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.137068] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.151875] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.160061] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.168237] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.176352] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.176434] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1796.183524]         reason=80000021 qualification=0000000000000000
[ 1796.189596] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.204081] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.212283] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.220438] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1796.228174] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.230247] IDTVectoring: info=00000000 errcode=00000000
03:48:34 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1796.236549] Interruptibility = 00000000  ActivityState = 00000000
[ 1796.248295] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1796.254924] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1796.262639] *** Host State ***
[ 1796.266056] RIP = 0xffffffff811fa113  RSP = 0xffff880180bb7390
[ 1796.272242] Interruptibility = 00000000  ActivityState = 00000000
[ 1796.279471] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1796.286190] *** Host State ***
[ 1796.289603] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1796.299182] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.301773] RIP = 0xffffffff811fa113  RSP = 0xffff880183ce7390
[ 1796.308413] TSC Offset = 0xfffffc3c66d03e78
[ 1796.320402] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1796.327077] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1796.333170] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1796.336552] TPR Threshold = 0x00
[ 1796.344547] CR0=0000000080050033 CR3=00000001c46a1000 CR4=00000000001426e0
[ 1796.351898] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.352331] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1796.360280] EPT pointer = 0x000000017daa001e
[ 1796.366814] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1796.366824] CR0=0000000080050033 CR3=00000001d590a000 CR4=00000000001426e0
[ 1796.366834] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1796.366841] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1796.366843] *** Control State ***
[ 1796.366848] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1796.366851] EntryControls=0000d1ff ExitControls=002fefff
[ 1796.366859] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1796.366863] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.366868] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.366872]         reason=80000021 qualification=0000000000000000
03:48:34 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1796.366876] IDTVectoring: info=00000000 errcode=00000000
[ 1796.366879] TSC Offset = 0xfffffc3c39bad333
[ 1796.366882] TPR Threshold = 0x00
[ 1796.366886] EPT pointer = 0x00000001d114a01e
[ 1796.367103] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1796.367106] *** Control State ***
[ 1796.367111] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1796.367114] EntryControls=0000d1ff ExitControls=002fefff
[ 1796.367122] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1796.367126] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.367131] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.367140]         reason=80000021 qualification=0000000000000000
[ 1796.367144] IDTVectoring: info=00000000 errcode=00000000
[ 1796.367147] TSC Offset = 0xfffffc3c3c865c55
[ 1796.367149] TPR Threshold = 0x00
[ 1796.367154] EPT pointer = 0x000000017c3a001e
[ 1796.367436] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.415639] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.467229] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.480294] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.493112] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.552015] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1796.569214] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1796.571061] *** Guest State ***
[ 1796.577699] Interruptibility = 00000000  ActivityState = 00000000
[ 1796.587524] *** Host State ***
[ 1796.590849] RIP = 0xffffffff811fa113  RSP = 0xffff880184b77390
[ 1796.602370] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1796.607395] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:48:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x0, 0x800})

03:48:34 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xb)

[ 1796.639815] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1796.647862] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1796.664722] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1796.672598] CR3 = 0x0000000000000000
[ 1796.679790] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1796.688100] CR0=0000000080050033 CR3=00000001bae0b000 CR4=00000000001426e0
[ 1796.697634] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1796.710021] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1796.717652] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1796.727376] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.735518] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1796.741648] *** Control State ***
[ 1796.745285] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.753358] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1796.761403] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.769949] EntryControls=0000d1ff ExitControls=002fefff
[ 1796.777328] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1796.784396] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.792515] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.799227] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.799246] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.799261] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.807375] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1796.829933]         reason=80000021 qualification=0000000000000000
[ 1796.836419] IDTVectoring: info=00000000 errcode=00000000
[ 1796.841980] TSC Offset = 0xfffffc3c32338b32
[ 1796.846774] TPR Threshold = 0x00
[ 1796.850275] EPT pointer = 0x00000001d745501e
[ 1796.855097] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.864734] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1796.872902] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1796.888529] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1796.905976] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1796.917853] Interruptibility = 00000000  ActivityState = 00000000
[ 1796.924158] *** Host State ***
[ 1796.927496] RIP = 0xffffffff811fa113  RSP = 0xffff880185ec7390
[ 1796.942068] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1796.950647] FSBase=00007fe0750e3700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1796.958514] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1796.964398] CR0=0000000080050033 CR3=00000001c46a1000 CR4=00000000001426f0
[ 1796.971451] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1796.978176] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1796.984211] *** Control State ***
[ 1796.987701] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1796.994377] EntryControls=0000d1ff ExitControls=002fefff
[ 1796.999854] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1797.006895] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1797.013553] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1797.020184]         reason=80000021 qualification=0000000000000000
[ 1797.026591] IDTVectoring: info=00000000 errcode=00000000
[ 1797.032024] TSC Offset = 0xfffffc3c3c865c55
[ 1797.036371] TPR Threshold = 0x00
03:48:35 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

03:48:35 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x4)

03:48:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, [0x0, 0xffff8000]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0x800})

[ 1797.039752] EPT pointer = 0x000000017c3a001e
[ 1797.098539] *** Guest State ***
[ 1797.102518] *** Guest State ***
[ 1797.113707] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1797.119253] *** Guest State ***
[ 1797.125458] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1797.137837] *** Guest State ***
[ 1797.141205] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1797.150625] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1797.156312] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1797.159945] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1797.177330] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1797.186402] CR3 = 0x0000000000000000
[ 1797.190571] CR3 = 0x0000000000000000
03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1797.194516] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1797.200602] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1797.206686] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1797.213853] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1797.220604] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1797.228212] CR3 = 0x0000000000000000
[ 1797.231934] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1797.246170] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1797.253251] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.253836] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1797.267318] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1797.277405] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.285688] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.293792] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.302093] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.311712] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1797.318635] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.327040] CR3 = 0x0000000000000000
[ 1797.327242] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.338853] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.339120] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1797.346954] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.346972] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.361548] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1797.375194] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.383721] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1797.400275] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.408445] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.416552] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.418294] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1797.424637] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.439370] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xf0ffffff00000000)

[ 1797.449067] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.450247] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.464912] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.475461] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.480235] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.495043] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.496683] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.508373] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.512434] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.527223] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.527666] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1797.543785] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.545110] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1797.552280] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.558586] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.567104] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.584096] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.589496] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.600270] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1797.604492] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1797.608227] Interruptibility = 00000000  ActivityState = 00000000
[ 1797.618814] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1797.632955] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.634932] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.646751] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.658256] Interruptibility = 00000000  ActivityState = 00000000
[ 1797.660346] *** Host State ***
[ 1797.667875] RIP = 0xffffffff811fa113  RSP = 0xffff880185e4f390
[ 1797.668096] *** Host State ***
[ 1797.673963] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.677919] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1797.693293] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1797.693679] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1797.700040] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1797.715740] RIP = 0xffffffff811fa113  RSP = 0xffff880184b77390
[ 1797.715783] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1797.721814] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1797.734886] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1797.743592] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1797.751213] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1797.764707] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1797.765756] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1797.780194] Interruptibility = 00000000  ActivityState = 00000000
[ 1797.786671] Interruptibility = 00000000  ActivityState = 00000000
[ 1797.793064] CR0=0000000080050033 CR3=00000001c1279000 CR4=00000000001426e0
[ 1797.802090] *** Host State ***
[ 1797.805494] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1797.812238] *** Host State ***
[ 1797.815576] RIP = 0xffffffff811fa113  RSP = 0xffff88017e3c7390
[ 1797.821661] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1797.827727] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1797.833883] *** Control State ***
[ 1797.837609] RIP = 0xffffffff811fa113  RSP = 0xffff880186e1f390
[ 1797.843619] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1797.850248] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1797.856760] CR0=0000000080050033 CR3=00000001b99a2000 CR4=00000000001426e0
[ 1797.863889] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1797.870733] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1797.880492] EntryControls=0000d1ff ExitControls=002fefff
[ 1797.888491] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:48:35 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1797.897566] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1797.906601] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1797.914994] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1797.924993] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1797.932805] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1797.932820] CR0=0000000080050033 CR3=00000001bc10f000 CR4=00000000001426f0
[ 1797.945920] CR0=0000000080050033 CR3=00000001c80ac000 CR4=00000000001426e0
[ 1797.952941] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1797.952954] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1797.952964] *** Control State ***
[ 1797.970064] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1797.977391]         reason=80000021 qualification=0000000000000000
[ 1797.983819] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1798.000793] *** Control State ***
[ 1798.008825] IDTVectoring: info=00000000 errcode=00000000
[ 1798.014459] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1798.022936] TSC Offset = 0xfffffc3b809f605b
[ 1798.028433] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1798.035212] EntryControls=0000d1ff ExitControls=002fefff
[ 1798.040829] TPR Threshold = 0x00
[ 1798.044278] EPT pointer = 0x00000001874e101e
[ 1798.052389] EntryControls=0000d1ff ExitControls=002fefff
[ 1798.058162] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1798.065317] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.083696] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1798.091785] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:36 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x16)

[ 1798.102449]         reason=80000021 qualification=0000000000000000
[ 1798.102458] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1798.102467] *** Control State ***
[ 1798.109308] IDTVectoring: info=00000000 errcode=00000000
[ 1798.123885] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1798.125489] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1798.140249] EntryControls=0000d1ff ExitControls=002fefff
[ 1798.140441] TSC Offset = 0xfffffc3b86055607
[ 1798.155095] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.157511] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1798.164001] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.176580] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.184037] TPR Threshold = 0x00
[ 1798.187606] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.194347]         reason=80000021 qualification=0000000000000000
[ 1798.194531] EPT pointer = 0x000000017c2f701e
[ 1798.201278] IDTVectoring: info=00000000 errcode=00000000
[ 1798.215574] *** Guest State ***
[ 1798.216318]         reason=80000021 qualification=0000000000000000
[ 1798.219034] TSC Offset = 0xfffffc3b83eb21ea
[ 1798.230220] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1798.239586] TPR Threshold = 0x00
[ 1798.243663] EPT pointer = 0x00000001be3ec01e
[ 1798.244066] IDTVectoring: info=00000000 errcode=00000000
[ 1798.251745] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1798.258655] TSC Offset = 0xfffffc3b86e998bc
[ 1798.272493] TPR Threshold = 0x00
[ 1798.276505] EPT pointer = 0x00000001c012501e
03:48:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:36 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

03:48:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, [0x0, 0x80ffff00000000]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x0, 0x800})

[ 1798.296476] CR3 = 0x0000000000000000
[ 1798.347937] *** Guest State ***
[ 1798.362544] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1798.364623] *** Guest State ***
[ 1798.372564] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1798.380243] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1798.382461] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xc)

[ 1798.397024] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1798.397548] *** Guest State ***
[ 1798.406391] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1798.416234] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1798.423412] CR3 = 0x0000000000000000
[ 1798.434467] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:36 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1798.444969] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.452964] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.462565] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1798.472265] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1798.482389] CR3 = 0x0000000000000000
[ 1798.486309] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1798.492394] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1798.501341] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.501630] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1798.510124] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.524310] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1798.529502] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.530571] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1798.538948] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.545186] CR3 = 0x0000000000000000
[ 1798.553320] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.564924] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.576514] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.578887] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.584638] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:36 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1798.598789] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.607125] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.617172] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.625404] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.633496] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1798.640506] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.648789] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.657001] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1798.663818] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.672025] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.680262] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.688449] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.696670] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1798.703233] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.711451] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.719688] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1798.727350] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.735580] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:36 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1798.743702] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.751907] Interruptibility = 00000000  ActivityState = 00000000
[ 1798.751911] *** Host State ***
[ 1798.751923] RIP = 0xffffffff811fa113  RSP = 0xffff88016b80f390
[ 1798.751945] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1798.751957] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1798.751968] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1798.751983] CR0=0000000080050033 CR3=000000018b73f000 CR4=00000000001426f0
[ 1798.751997] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1798.752009] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1798.752013] *** Control State ***
[ 1798.752021] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1798.752028] EntryControls=0000d1ff ExitControls=002fefff
[ 1798.752041] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1798.752050] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.752058] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1798.752066]         reason=80000021 qualification=0000000000000000
[ 1798.752072] IDTVectoring: info=00000000 errcode=00000000
[ 1798.752078] TSC Offset = 0xfffffc3aecff0205
[ 1798.752083] TPR Threshold = 0x00
[ 1798.752091] EPT pointer = 0x00000001bf81001e
[ 1798.752386] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.811553] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.837478] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.891968] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.900205] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.908455] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.916644] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.924738] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.933017] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1798.939673] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:48:36 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1798.947496] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1798.955753] Interruptibility = 00000000  ActivityState = 00000000
[ 1798.963517] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.971860] *** Host State ***
[ 1798.976023] RIP = 0xffffffff811fa113  RSP = 0xffff88018f8f7390
[ 1798.982255] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1798.990521] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1798.999592] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1799.007982] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1799.016200] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1799.024654] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.033568] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1799.040350] CR0=0000000080050033 CR3=0000000186327000 CR4=00000000001426e0
03:48:37 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1799.047720] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.060865] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1799.069806] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1799.078874] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1799.087039] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1799.093613] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
03:48:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1a000000)

[ 1799.100056] *** Control State ***
[ 1799.105559] Interruptibility = 00000000  ActivityState = 00000000
[ 1799.111948] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1799.112659] *** Host State ***
[ 1799.119694] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1799.139129] RIP = 0xffffffff811fa113  RSP = 0xffff880184b77390
[ 1799.139622] Interruptibility = 00000000  ActivityState = 00000000
03:48:37 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1799.155587] *** Guest State ***
[ 1799.167376] *** Host State ***
[ 1799.173803] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1799.180608] EntryControls=0000d1ff ExitControls=002fefff
[ 1799.188955] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1799.202340] RIP = 0xffffffff811fa113  RSP = 0xffff88017f667390
[ 1799.208953] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1799.216877] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1799.221898] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1799.234570] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.241673] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1799.248724] CR3 = 0x0000000000000000
[ 1799.252517] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1799.260035] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.266910] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1799.270539] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1799.283412] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1799.287250] CR0=0000000080050033 CR3=00000001d91f1000 CR4=00000000001426f0
[ 1799.296973] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1799.307384] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1799.313314]         reason=80000021 qualification=0000000000000000
[ 1799.313322] IDTVectoring: info=00000000 errcode=00000000
[ 1799.313334] TSC Offset = 0xfffffc3ad87310c6
[ 1799.320211] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.339904] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1799.346065] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.356755] CR0=0000000080050033 CR3=00000001c9fc2000 CR4=00000000001426e0
[ 1799.357525] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1799.369558] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.378856] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1799.386463] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.394939] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.403076] *** Control State ***
[ 1799.403085] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1799.403094] *** Control State ***
[ 1799.406745] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1799.413989] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.416295] TPR Threshold = 0x00
[ 1799.423025] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1799.442998] EntryControls=0000d1ff ExitControls=002fefff
[ 1799.443279] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1799.449260] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1799.455925] EntryControls=0000d1ff ExitControls=002fefff
[ 1799.462206] EPT pointer = 0x00000001c5fc101e
[ 1799.468120] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.472282] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.480614] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1799.494982] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.495405] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1799.508962]         reason=80000021 qualification=0000000000000000
[ 1799.509052] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.523369] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.523783] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1799.530150] IDTVectoring: info=00000000 errcode=00000000
[ 1799.536950] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1799.545672] TSC Offset = 0xfffffc3ad6d642f7
[ 1799.549874] Interruptibility = 00000000  ActivityState = 00000000
[ 1799.561418] *** Host State ***
[ 1799.564748] RIP = 0xffffffff811fa113  RSP = 0xffff8801d11bf390
[ 1799.565095] TPR Threshold = 0x00
[ 1799.571682] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1799.574186] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.580964] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1799.587823] EPT pointer = 0x00000001bf52d01e
[ 1799.595500] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1799.610119] CR0=0000000080050033 CR3=00000001ce481000 CR4=00000000001426e0
[ 1799.617624] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1799.625214]         reason=80000021 qualification=0000000000000000
[ 1799.625509] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1799.631578] IDTVectoring: info=00000000 errcode=00000000
[ 1799.631585] TSC Offset = 0xfffffc3adc591349
[ 1799.631595] TPR Threshold = 0x00
[ 1799.638048] *** Control State ***
03:48:37 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:37 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1799.654913] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1799.663272] EntryControls=0000d1ff ExitControls=002fefff
[ 1799.677197] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1799.685198] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.700473] *** Guest State ***
[ 1799.703772] EPT pointer = 0x00000001bf49201e
03:48:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, [0x0, 0x0, 0xffff8000]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xa)

03:48:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x800})

03:48:37 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1799.716646] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1799.724942] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1799.728309]         reason=80000021 qualification=0000000000000000
[ 1799.735949] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1799.750029] CR3 = 0x0000000000000000
[ 1799.772555] IDTVectoring: info=00000000 errcode=00000000
[ 1799.787301] *** Guest State ***
[ 1799.790043] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1799.791455] TSC Offset = 0xfffffc3a6c07e1cc
[ 1799.801408] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1799.802217] *** Guest State ***
[ 1799.811360] TPR Threshold = 0x00
[ 1799.817385] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1799.826164] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1799.827608] EPT pointer = 0x00000001cb7c901e
[ 1799.837638] CR3 = 0x0000000000000000
[ 1799.837971] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1799.841986] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1799.852067] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1799.862274] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1799.877276] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.878244] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1799.892154] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1799.898888] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.901957] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:37 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

03:48:37 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1799.929943] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.932660] CR3 = 0x0000000000000000
[ 1799.951166] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1799.965415] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1799.971569] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2e)

[ 1799.989105] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.003280] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1800.009023] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.029332] *** Guest State ***
[ 1800.036082] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.036521] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1800.047651] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1800.058916] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.062936] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.070198] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.084705] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.093168] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.093334] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1800.110249] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.118312] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.128819] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:38 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1800.134564] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.137342] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.148442] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.166420] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.171655] CR3 = 0x0000000000000000
[ 1800.193801] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.198285] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.209923] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1800.210205] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1800.216514] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.231022] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1800.231094] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1800.250980] Interruptibility = 00000000  ActivityState = 00000000
[ 1800.255437] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1800.265380] Interruptibility = 00000000  ActivityState = 00000000
[ 1800.267406] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.271786] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1800.279805] *** Host State ***
[ 1800.286175] *** Host State ***
03:48:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x4)

03:48:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000)

[ 1800.292254] RIP = 0xffffffff811fa113  RSP = 0xffff88018d347390
[ 1800.313421] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1800.325905] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1800.332713] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1800.342050] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.345676] RIP = 0xffffffff811fa113  RSP = 0xffff880183ce7390
[ 1800.355791] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1800.358404] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1800.371341] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.379773] CR0=0000000080050033 CR3=00000001c3d54000 CR4=00000000001426e0
[ 1800.387222] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1800.388668] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1800.398896] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.409887] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.410300] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1800.424247] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1800.430888] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.439069] CR0=0000000080050033 CR3=00000001cc12b000 CR4=00000000001426e0
[ 1800.446524] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.449918] *** Control State ***
[ 1800.458700] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.467086] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1800.474084] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1800.481281] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.489462] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1800.495981] EntryControls=0000d1ff ExitControls=002fefff
[ 1800.501545] *** Control State ***
[ 1800.503788] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.505704] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1800.521095] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.523856] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.541382] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1800.549280] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.559725] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.567745] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.576265] EntryControls=0000d1ff ExitControls=002fefff
[ 1800.581881] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.589779] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1800.589797] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1800.609683] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1800.618917] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1800.624915]         reason=80000021 qualification=0000000000000000
[ 1800.636536] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.640080] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1800.645861] IDTVectoring: info=00000000 errcode=00000000
[ 1800.656762] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1800.663302] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.666033] Interruptibility = 00000000  ActivityState = 00000000
[ 1800.673271] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1800.683977] Interruptibility = 00000000  ActivityState = 00000000
[ 1800.693456]         reason=80000021 qualification=0000000000000000
[ 1800.700247] TSC Offset = 0xfffffc3a157159db
[ 1800.703316] *** Host State ***
[ 1800.705185] *** Host State ***
[ 1800.709208] RIP = 0xffffffff811fa113  RSP = 0xffff8801c56df390
[ 1800.711489] RIP = 0xffffffff811fa113  RSP = 0xffff88017cff7390
[ 1800.718936] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1800.724324] IDTVectoring: info=00000000 errcode=00000000
[ 1800.730194] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1800.743378] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1800.744580] TPR Threshold = 0x00
[ 1800.752782] CR0=0000000080050033 CR3=00000001c8e63000 CR4=00000000001426f0
[ 1800.753780] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1800.766339] TSC Offset = 0xfffffc3a2154af60
[ 1800.766679] EPT pointer = 0x00000001826e901e
[ 1800.770742] TPR Threshold = 0x00
[ 1800.778771] EPT pointer = 0x00000001bca3601e
[ 1800.783312] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:48:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x80ffff, 0x0, 0x0, 0x0, 0x800})

03:48:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, [0x0, 0x0, 0x80ffff00000000]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000)

[ 1800.788462] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1800.797918] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1800.814409] *** Control State ***
[ 1800.816992] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1800.822838] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1800.828033] CR0=0000000080050033 CR3=0000000185bca000 CR4=00000000001426f0
[ 1800.862332] EntryControls=0000d1ff ExitControls=002fefff
[ 1800.875462] *** Guest State ***
[ 1800.877414] *** Guest State ***
[ 1800.882061] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1800.896905] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1800.899892] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1800.906952] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1800.914947] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1800.922705] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1800.935079] *** Control State ***
[ 1800.938559] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1800.955075] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1800.966490] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.967935] CR3 = 0x0000000000000000
[ 1800.983059] EntryControls=0000d1ff ExitControls=002fefff
[ 1800.985476] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1800.995532] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1801.002467] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1801.002475] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1801.002483]         reason=80000021 qualification=0000000000000000
[ 1801.002489] IDTVectoring: info=00000000 errcode=00000000
[ 1801.002495] TSC Offset = 0xfffffc39f462f5d5
[ 1801.002500] TPR Threshold = 0x00
[ 1801.002520] EPT pointer = 0x00000001cc65601e
[ 1801.009527]         reason=80000021 qualification=0000000000000000
[ 1801.022863] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1801.035770] IDTVectoring: info=00000000 errcode=00000000
[ 1801.040534] CR3 = 0x0000000000000000
03:48:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x800})

[ 1801.049282] TSC Offset = 0xfffffc3a13ad3cca
[ 1801.066066] TPR Threshold = 0x00
[ 1801.069326] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1801.069578] EPT pointer = 0x000000018728101e
[ 1801.080256] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1801.098811] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:48:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, [0x0, 0x0, 0x80ffff]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1801.121944] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1801.135221] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.143480] *** Guest State ***
[ 1801.147435] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1801.156814] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1801.163598] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000)

[ 1801.164630] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1801.181279] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.194124] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.197516] *** Guest State ***
[ 1801.203588] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1801.218158] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.227744] CR3 = 0x0000000000000000
[ 1801.235861] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.244148] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.255502] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.257709] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1801.272517] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.273698] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1801.283699] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.289956] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.295734] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.307667] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1801.317511] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.324043] *** Guest State ***
[ 1801.326072] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1801.329225] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1801.345054] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.353136] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.361732] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1801.362575] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.371388] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1801.388007] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.396450] CR3 = 0x0000000000000000
[ 1801.396533] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.400291] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1801.414549] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1801.421343] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1801.423054] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.427675] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1801.443188] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1801.454074] Interruptibility = 00000000  ActivityState = 00000000
[ 1801.460729] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.469116] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.469158] CR3 = 0x0000000000000000
[ 1801.481246] *** Host State ***
[ 1801.485778] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.488159] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.493902] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.502161] RIP = 0xffffffff811fa113  RSP = 0xffff88018b56f390
[ 1801.516181] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x26000000)

[ 1801.522312] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.523739] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.538507] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.550968] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1801.560200] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1801.565660] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1801.568354] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.573281] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1801.581738] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1801.596705] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.596999] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.605192] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.613103] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1801.621249] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1801.633500] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.633864] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.641673] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.657703] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426f0
[ 1801.665239] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.673717] Interruptibility = 00000000  ActivityState = 00000000
[ 1801.680157] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.688307] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.696408] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1801.696707] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.703153] *** Host State ***
[ 1801.717484] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.719692] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.726493] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.734691] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.749643] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1801.756192] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1801.763847] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.766228] RIP = 0xffffffff811fa113  RSP = 0xffff8801c146f390
[ 1801.772450] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1801.778015] Interruptibility = 00000000  ActivityState = 00000000
[ 1801.789659] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1801.790277] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.797197] *** Control State ***
[ 1801.804654] *** Host State ***
[ 1801.812866] RIP = 0xffffffff811fa113  RSP = 0xffff88018046f390
[ 1801.815662] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1801.824446] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.826872] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1801.834948] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1801.842054] Interruptibility = 00000000  ActivityState = 00000000
[ 1801.847559] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1801.854119] *** Host State ***
[ 1801.860274] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.860293] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.860307] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1801.864302] EntryControls=0000d1ff ExitControls=002fefff
[ 1801.873833] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1801.880205] RIP = 0xffffffff811fa113  RSP = 0xffff88018f8f7390
[ 1801.901469] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1801.907268] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1801.914869] FSBase=00007fa709206700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1801.922188] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1801.929656] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1801.936752] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1801.945405] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1801.949760] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1801.962727] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1801.965655]         reason=80000021 qualification=0000000000000000
[ 1801.976596] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1801.976611] CR0=0000000080050033 CR3=00000001cc12b000 CR4=00000000001426e0
[ 1801.976625] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1801.989718] Interruptibility = 00000000  ActivityState = 00000000
[ 1801.996769] IDTVectoring: info=00000000 errcode=00000000
[ 1802.009337] *** Host State ***
[ 1802.012950] CR0=0000000080050033 CR3=00000001c81ae000 CR4=00000000001426f0
[ 1802.020090] RIP = 0xffffffff811fa113  RSP = 0xffff8801c56df390
[ 1802.020717] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1802.034879] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1802.038025] TSC Offset = 0xfffffc39803cf085
[ 1802.040940] *** Control State ***
[ 1802.040950] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1802.040958] EntryControls=0000d1ff ExitControls=002fefff
[ 1802.040971] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1802.040986] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x5000000)

[ 1802.049328] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1802.055583] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1802.061433] TPR Threshold = 0x00
[ 1802.068439] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1802.093406] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1802.109025] EPT pointer = 0x00000001814a301e
[ 1802.114177] CR0=0000000080050033 CR3=00000001d8b21000 CR4=00000000001426f0
[ 1802.115225] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1802.128173] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1802.135136]         reason=80000021 qualification=0000000000000000
[ 1802.141047] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1802.141477] IDTVectoring: info=00000000 errcode=00000000
[ 1802.159992] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1802.171308] *** Control State ***
03:48:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1802.174788] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1802.184133] CR0=0000000080050033 CR3=00000001cb87d000 CR4=00000000001426e0
[ 1802.200526] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1802.201591] *** Control State ***
[ 1802.218955] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1802.224883] TSC Offset = 0xfffffc39805d32c0
[ 1802.228303] EntryControls=0000d1ff ExitControls=002fefff
[ 1802.230488] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1802.236734] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1802.250915] TPR Threshold = 0x00
[ 1802.254317] EPT pointer = 0x00000001c4ac701e
[ 1802.258010] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1802.258989] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1802.265820] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1802.281621] *** Control State ***
[ 1802.283356]         reason=80000021 qualification=0000000000000000
[ 1802.298838] IDTVectoring: info=00000000 errcode=00000000
[ 1802.306190] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1802.310265] TSC Offset = 0xfffffc395412cecf
[ 1802.313738] EntryControls=0000d1ff ExitControls=002fefff
03:48:40 executing program 4:

[ 1802.330824] EntryControls=0000d1ff ExitControls=002fefff
[ 1802.337399] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1802.349382] TPR Threshold = 0x00
[ 1802.353563] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1802.356584] EPT pointer = 0x00000001d74b901e
[ 1802.361101] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1802.373063] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1e00)

[ 1802.382303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1802.417508] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:40 executing program 4:

03:48:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1802.427100]         reason=80000021 qualification=0000000000000000
[ 1802.443264]         reason=80000021 qualification=0000000000000000
[ 1802.452476] IDTVectoring: info=00000000 errcode=00000000
[ 1802.461464] IDTVectoring: info=00000000 errcode=00000000
[ 1802.467060] TSC Offset = 0xfffffc3942bbe5fa
[ 1802.477470] TPR Threshold = 0x00
[ 1802.483335] TSC Offset = 0xfffffc395b889d8e
[ 1802.492541] EPT pointer = 0x00000001c7bbc01e
[ 1802.502449] TPR Threshold = 0x00
[ 1802.506293] EPT pointer = 0x00000001c30c501e
[ 1802.526848] *** Guest State ***
03:48:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x800})

03:48:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:40 executing program 4:

[ 1802.550215] *** Guest State ***
[ 1802.557079] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1802.575779] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:40 executing program 4:

[ 1802.627288] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1802.629420] *** Guest State ***
[ 1802.647441] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1802.657527] CR3 = 0x0000000000000000
[ 1802.667758] *** Guest State ***
[ 1802.668095] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:40 executing program 4:

03:48:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x6)

[ 1802.671051] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1802.671067] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1802.671073] CR3 = 0x0000000000000000
[ 1802.671088] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1802.687190] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1802.705311] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1802.726218] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1802.732926] CR3 = 0x0000000000000000
[ 1802.737265] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1802.745946] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1802.752624] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.752642] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.752665] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:40 executing program 4:

[ 1802.763263] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1802.770041] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1802.785928] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1802.791934] CR3 = 0x0000000000000000
[ 1802.798939] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1802.809665] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.817957] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1802.826448] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.834900] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.840055] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.851281] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.859770] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.868474] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.876842] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.878482] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1802.885741] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.899232] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.899512] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.907539] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:40 executing program 4:

[ 1802.923499] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1802.923699] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1802.938320] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.938638] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.954511] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.962582] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.967601] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.980957] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.990091] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1802.994943] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.007345] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.017249] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:41 executing program 4:

[ 1803.025384] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.030956] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.040118] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.048487] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.057511] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.065695] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.070766] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1803.080219] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.080595] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.096286] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.096305] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.096314] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1803.096325] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:48:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1e00)

[ 1803.096334] Interruptibility = 00000000  ActivityState = 00000000
[ 1803.096337] *** Host State ***
[ 1803.096348] RIP = 0xffffffff811fa113  RSP = 0xffff880180c4f390
[ 1803.096379] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1803.121180] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1803.159318] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1803.163048] Interruptibility = 00000000  ActivityState = 00000000
[ 1803.173926] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.182218] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1803.185219] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1803.188803] *** Host State ***
[ 1803.198510] CR0=0000000080050033 CR3=00000001cb87d000 CR4=00000000001426f0
[ 1803.199613] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1803.205758] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1803.213390] RIP = 0xffffffff811fa113  RSP = 0xffff88018f8f7390
[ 1803.220011] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1803.226090] Interruptibility = 00000000  ActivityState = 00000000
[ 1803.232315] *** Control State ***
[ 1803.242076] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1803.244948] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.249239] EntryControls=0000d1ff ExitControls=002fefff
[ 1803.257088] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1803.262374] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1803.268993] *** Host State ***
[ 1803.276149] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.282490] RIP = 0xffffffff811fa113  RSP = 0xffff880181e67390
[ 1803.292134] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1803.298705] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.301306] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1803.313442] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1803.320884]         reason=80000021 qualification=0000000000000000
[ 1803.321885] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1803.333991] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.342154] IDTVectoring: info=00000000 errcode=00000000
[ 1803.348984] CR0=0000000080050033 CR3=00000001cc12b000 CR4=00000000001426e0
[ 1803.354705] TSC Offset = 0xfffffc388a84aea1
[ 1803.358311] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1803.367736] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.376116] CR0=0000000080050033 CR3=00000001c0771000 CR4=00000000001426e0
[ 1803.379039] TPR Threshold = 0x00
[ 1803.383300] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1803.383308] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1803.383314] Interruptibility = 00000000  ActivityState = 00000000
[ 1803.383316] *** Host State ***
[ 1803.383323] RIP = 0xffffffff811fa113  RSP = 0xffff8801d11bf390
[ 1803.383337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1803.383343] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1803.383350] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1803.383359] CR0=0000000080050033 CR3=00000001d115f000 CR4=00000000001426f0
[ 1803.383381] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1803.383393] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1803.383397] *** Control State ***
[ 1803.383406] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1803.383412] EntryControls=0000d1ff ExitControls=002fefff
[ 1803.383427] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1803.393348] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1803.408683] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1803.416911] EPT pointer = 0x00000001c025801e
[ 1803.424571] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1803.459829] *** Control State ***
[ 1803.466699] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1803.502910] *** Control State ***
[ 1803.512625] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1803.517745] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.527989] EntryControls=0000d1ff ExitControls=002fefff
[ 1803.538510] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1803.539796] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1803.546149] EntryControls=0000d1ff ExitControls=002fefff
[ 1803.557958] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.558110] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.571515] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1803.572564] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1803.582432]         reason=80000021 qualification=0000000000000000
[ 1803.594902]         reason=80000021 qualification=0000000000000000
[ 1803.601357] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1803.601893] IDTVectoring: info=00000000 errcode=00000000
[ 1803.614293] *** Guest State ***
[ 1803.615031] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1803.617675] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1803.627930]         reason=80000021 qualification=0000000000000000
[ 1803.633291] IDTVectoring: info=00000000 errcode=00000000
[ 1803.639802] IDTVectoring: info=00000000 errcode=00000000
[ 1803.644927] TSC Offset = 0xfffffc389dffe503
[ 1803.650688] TSC Offset = 0xfffffc389aa5627f
[ 1803.654687] TPR Threshold = 0x00
[ 1803.662460] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1803.665315] TPR Threshold = 0x00
[ 1803.671775] EPT pointer = 0x00000001bc69a01e
[ 1803.676979] EPT pointer = 0x00000001d7d3e01e
03:48:41 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:41 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1803.679313] TSC Offset = 0xfffffc388fc83411
[ 1803.696129] TPR Threshold = 0x00
[ 1803.703457] CR3 = 0x0000000000000000
[ 1803.707314] EPT pointer = 0x000000018728101e
[ 1803.712476] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1803.721415] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1803.749918] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1803.759693] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.770057] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.783324] *** Guest State ***
[ 1803.786060] *** Guest State ***
[ 1803.786905] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1803.789901] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1803.789915] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1803.789921] CR3 = 0x0000000000000000
[ 1803.789938] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1803.799305] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1803.808791] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.817338] CR3 = 0x0000000000000000
[ 1803.827664] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.843373] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1803.850086] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.855350] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1803.861474] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.869896] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.883915] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1803.892376] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.897968] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.906282] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.913925] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.922826] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.930167] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.938884] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.946074] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1803.954403] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.960112] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.968388] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1803.976089] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1803.984589] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1803.990582] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1803.998895] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1804.005233] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1804.013555] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.020679] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.029042] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1804.036720] Interruptibility = 00000000  ActivityState = 00000000
[ 1804.043422] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1804.049443] *** Host State ***
[ 1804.057215] Interruptibility = 00000000  ActivityState = 00000000
[ 1804.060189] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.067071] *** Host State ***
[ 1804.074462] RIP = 0xffffffff811fa113  RSP = 0xffff880180c4f390
[ 1804.078093] RIP = 0xffffffff811fa113  RSP = 0xffff8801c86ef390
[ 1804.083657] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1804.089939] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1804.096121] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.102753] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1804.110551] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1804.118613] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1804.126338] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.132454] CR0=0000000080050033 CR3=00000001cc12b000 CR4=00000000001426e0
[ 1804.140228] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1804.147501] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1804.153192] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.160110] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1804.167895] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.181927] CR0=0000000080050033 CR3=00000001cb87d000 CR4=00000000001426f0
[ 1804.182007] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1804.189428] *** Control State ***
[ 1804.197062] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.201187] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1804.208543] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1804.215603] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1804.223246] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.230322] EntryControls=0000d1ff ExitControls=002fefff
[ 1804.238084] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1804.243762] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1804.250054] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1804.257203] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1804.271135] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1804.271152] *** Control State ***
[ 1804.277534] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1804.280722] Interruptibility = 00000000  ActivityState = 00000000
[ 1804.287591]         reason=80000021 qualification=0000000000000000
[ 1804.293629] *** Host State ***
[ 1804.300378] IDTVectoring: info=00000000 errcode=00000000
[ 1804.303182] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1804.308877] TSC Offset = 0xfffffc37f33f9d15
[ 1804.315374] RIP = 0xffffffff811fa113  RSP = 0xffff8801d11bf390
[ 1804.319865] TPR Threshold = 0x00
[ 1804.325729] EntryControls=0000d1ff ExitControls=002fefff
[ 1804.329828] EPT pointer = 0x00000001c62d901e
[ 1804.334560] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1804.346044] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1804.347651] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1804.352700] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1804.367525] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1804.375131] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1804.378160]         reason=80000021 qualification=0000000000000000
[ 1804.381305] CR0=0000000080050033 CR3=0000000187539000 CR4=00000000001426f0
[ 1804.394921] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1804.397733] IDTVectoring: info=00000000 errcode=00000000
[ 1804.401693] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1804.408086] TSC Offset = 0xfffffc388a84aea1
[ 1804.414183] *** Control State ***
[ 1804.417922] *** Guest State ***
[ 1804.421339] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1804.424294] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1804.424309] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1804.424316] CR3 = 0x0000000000000000
[ 1804.424330] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1804.431344] EntryControls=0000d1ff ExitControls=002fefff
[ 1804.440058] TPR Threshold = 0x00
[ 1804.449358] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1804.452615] EPT pointer = 0x00000001c025801e
[ 1804.458914] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1804.468232] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1804.479294]         reason=80000021 qualification=0000000000000000
03:48:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x800})

03:48:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x7f30ef44a700)

03:48:42 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

03:48:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1804.486132] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1804.492629] IDTVectoring: info=00000000 errcode=00000000
[ 1804.511165] TSC Offset = 0xfffffc37f19b0c28
[ 1804.515829] TPR Threshold = 0x00
[ 1804.516182] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1804.519300] EPT pointer = 0x00000001ce0f101e
[ 1804.553257] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.569212] *** Guest State ***
[ 1804.572728] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.584150] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1804.589968] *** Guest State ***
[ 1804.593604] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.606018] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.607186] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1804.614545] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1804.632168] *** Guest State ***
[ 1804.637171] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.643519] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:48:42 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1804.646191] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1804.663492] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.694648] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1804.698965] CR3 = 0x0000000000000000
[ 1804.711287] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1804.720531] CR3 = 0x0000000000000000
[ 1804.729851] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1804.732016] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.744929] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1804.749657] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1804.751027] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1804.766009] CR3 = 0x0000000000000000
[ 1804.769806] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1804.775168] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1804.781892] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:42 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10)

[ 1804.789901] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1804.789916] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1804.805068] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1804.807850] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1804.816428] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1804.831584] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1e00000000000000)

[ 1804.839344] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1804.839926] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.855279] Interruptibility = 00000000  ActivityState = 00000000
[ 1804.856434] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.875401] *** Host State ***
[ 1804.877272] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.886551] RIP = 0xffffffff811fa113  RSP = 0xffff88018ba57390
[ 1804.886796] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.900746] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.909583] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.923556] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.924721] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1804.931860] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:43 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000077000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10)

[ 1804.950645] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.958801] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.967113] FSBase=00007faf77322700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1804.972276] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.983153] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1804.994881] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.002880] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.002900] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.015860] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.026954] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1805.026969] CR0=0000000080050033 CR3=00000001cc12b000 CR4=00000000001426e0
[ 1805.026984] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1805.026997] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1805.027000] *** Control State ***
[ 1805.027009] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1805.027016] EntryControls=0000d1ff ExitControls=002fefff
[ 1805.027028] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1805.027042] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.041964] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.090207] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1805.090511] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.104924]         reason=80000021 qualification=0000000000000000
[ 1805.105258] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.119951] IDTVectoring: info=00000000 errcode=00000000
[ 1805.124600] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.133607] TSC Offset = 0xfffffc37f33f9d15
[ 1805.133710] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.138336] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.146156] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.154318] TPR Threshold = 0x00
[ 1805.162223] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.173881] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.182505] EPT pointer = 0x00000001c62d901e
[ 1805.188094] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:48:43 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:43 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1805.199430] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.200184] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1805.218819] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.227380] Interruptibility = 00000000  ActivityState = 00000000
[ 1805.237948] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.255093] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.275716] *** Host State ***
[ 1805.286830] RIP = 0xffffffff811fa113  RSP = 0xffff8801cd4bf390
[ 1805.289411] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:48:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xf2ffffff00000000)

[ 1805.305673] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1805.309160] *** Guest State ***
[ 1805.312309] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1805.322210] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1805.334017] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1805.335927] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1805.344433] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1805.366888] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1805.372896] Interruptibility = 00000000  ActivityState = 00000000
[ 1805.384720] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1805.394928] Interruptibility = 00000000  ActivityState = 00000000
[ 1805.401263] *** Host State ***
[ 1805.415154] CR0=0000000080050033 CR3=00000001c3492000 CR4=00000000001426f0
[ 1805.415351] *** Host State ***
[ 1805.427053] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1805.427215] RIP = 0xffffffff811fa113  RSP = 0xffff880181e67390
[ 1805.439815] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1805.447592] CR3 = 0x0000000000000000
[ 1805.455296] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1805.457381] *** Control State ***
[ 1805.465286] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1805.465324] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1805.471792] RIP = 0xffffffff811fa113  RSP = 0xffff8801c0f4f390
[ 1805.478469] EntryControls=0000d1ff ExitControls=002fefff
[ 1805.484615] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1805.490054] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1805.503576] FSBase=00007f1e5f216700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1805.511427] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1805.511439] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.511465] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.518628] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1805.526234] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1805.534609] CR0=0000000080050033 CR3=0000000187539000 CR4=00000000001426f0
[ 1805.542145] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.558766] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1805.568672] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1805.572589] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1805.576241] *** Control State ***
[ 1805.586688] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1805.594180] EntryControls=0000d1ff ExitControls=002fefff
[ 1805.594440] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.606451] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1805.612463] CR0=0000000080050033 CR3=00000001d7ffa000 CR4=00000000001426e0
[ 1805.618473]         reason=80000021 qualification=0000000000000000
[ 1805.620028] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1805.626263] IDTVectoring: info=00000000 errcode=00000000
[ 1805.632853] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.638786] TSC Offset = 0xfffffc3785dfcbf3
[ 1805.646322] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.657449] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.657683] TPR Threshold = 0x00
[ 1805.664184] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.667765] EPT pointer = 0x00000001cd22501e
[ 1805.680006] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1805.687146]         reason=80000021 qualification=0000000000000000
[ 1805.693534] IDTVectoring: info=00000000 errcode=00000000
[ 1805.699139] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1805.705340] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.713442] *** Control State ***
[ 1805.716944] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.716958] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.725207] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1805.739821] TSC Offset = 0xfffffc37f19b0c28
[ 1805.744210] TPR Threshold = 0x00
[ 1805.748402] EPT pointer = 0x00000001ce0f101e
[ 1805.754045] EntryControls=0000d1ff ExitControls=002fefff
03:48:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1805.765776] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1805.769259] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.781513] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1805.783596] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1805.791704] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1805.798200] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1805.808291]         reason=80000021 qualification=0000000000000000
[ 1805.813626] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1805.817982] IDTVectoring: info=00000000 errcode=00000000
[ 1805.824081] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1805.837056] TSC Offset = 0xfffffc378301276e
[ 1805.837832] Interruptibility = 00000000  ActivityState = 00000000
[ 1805.847733] TPR Threshold = 0x00
[ 1805.848203] *** Host State ***
[ 1805.851184] EPT pointer = 0x00000001d97cf01e
[ 1805.854350] RIP = 0xffffffff811fa113  RSP = 0xffff880183ce7390
[ 1805.870588] *** Guest State ***
[ 1805.873781] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1805.877827] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1805.880633] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1805.897425] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1805.897682] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1805.903379] CR0=0000000080050033 CR3=00000001be451000 CR4=00000000001426f0
03:48:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0xffff8000]})

03:48:43 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2600000000000000)

03:48:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1805.916631] CR3 = 0x0000000000000000
[ 1805.954712] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1805.959311] *** Guest State ***
[ 1805.964505] *** Guest State ***
[ 1805.967505] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1805.972708] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1805.979041] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1805.989654] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:44 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1806.005024] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1806.010630] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1806.021211] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1806.030822] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.048108] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.056561] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1806.071672] CR3 = 0x0000000000000000
[ 1806.072281] CR3 = 0x0000000000000000
[ 1806.080442] *** Control State ***
[ 1806.084279] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.088181] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1806.093308] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1806.109712] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1806.114949] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.117006] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1806.124563] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.131218] EntryControls=0000d1ff ExitControls=002fefff
[ 1806.138783] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1806.144577] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1806.157000] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.165202] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1806.170356] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1806.178983] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.191676] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.192812] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2000000)

03:48:44 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000300))
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1806.202435] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.208206] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.224003] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.235683] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.242859] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.253390]         reason=80000021 qualification=0000000000000000
[ 1806.255423] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.264949] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.275965] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.284714] IDTVectoring: info=00000000 errcode=00000000
[ 1806.290437] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.298607] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.306834] TSC Offset = 0xfffffc37206a0b6c
[ 1806.311273] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.319394] TPR Threshold = 0x00
[ 1806.322847] EPT pointer = 0x00000001c79fe01e
[ 1806.327518] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.335644] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1806.348175] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:44 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1806.357277] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.374769] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1806.382406] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.414546] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.422759] Interruptibility = 00000000  ActivityState = 00000000
[ 1806.429980] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.432336] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.440889] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.454624] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:48:44 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x88201, 0x100)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1806.463025] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1806.475873] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.477857] *** Guest State ***
[ 1806.487304] *** Host State ***
[ 1806.490911] RIP = 0xffffffff811fa113  RSP = 0xffff880181e67390
[ 1806.497032] Interruptibility = 00000000  ActivityState = 00000000
[ 1806.502974] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.511463] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1806.517913] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1806.517930] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1806.535756] *** Host State ***
[ 1806.535769] RIP = 0xffffffff811fa113  RSP = 0xffff8801d11bf390
[ 1806.535791] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1806.535803] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1806.535813] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1806.535827] CR0=0000000080050033 CR3=00000001d7ffa000 CR4=00000000001426f0
[ 1806.545120] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1806.559391] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.572550] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1806.584427] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.603240] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1806.611047] *** Control State ***
03:48:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2600)

[ 1806.611815] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1806.625453] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1806.632010] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1806.643311] CR3 = 0x0000000000000000
[ 1806.661963] CR0=0000000080050033 CR3=0000000187539000 CR4=00000000001426f0
[ 1806.667286] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1806.675884] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1806.678415] EntryControls=0000d1ff ExitControls=002fefff
[ 1806.687183] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1806.693592] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1806.700806] Interruptibility = 00000000  ActivityState = 00000000
[ 1806.708217] *** Control State ***
[ 1806.711677] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1806.718714] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1806.725812] *** Host State ***
[ 1806.726485] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1806.729123] RIP = 0xffffffff811fa113  RSP = 0xffff88018d347390
[ 1806.741183] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.755270] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1806.779267] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1806.780146] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1806.787446] EntryControls=0000d1ff ExitControls=002fefff
[ 1806.799441] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.806374] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1806.813528] CR0=0000000080050033 CR3=00000001c5bf4000 CR4=00000000001426e0
[ 1806.825844]         reason=80000021 qualification=0000000000000000
[ 1806.832234] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.832750] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1806.847333] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1806.847529] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.854253] IDTVectoring: info=00000000 errcode=00000000
[ 1806.869884] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1806.876671] *** Control State ***
[ 1806.880257] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1806.887080] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.894990] EntryControls=0000d1ff ExitControls=002fefff
[ 1806.900696] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.901463] TSC Offset = 0xfffffc36c691745b
[ 1806.913667] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1806.922808] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.923977] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.932249] TPR Threshold = 0x00
[ 1806.942148] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1806.946534] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.955056] EPT pointer = 0x0000000180e4701e
[ 1806.957297] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.962966]         reason=80000021 qualification=0000000000000000
[ 1806.969875] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1806.984013] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1806.995233] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1806.995840]         reason=80000021 qualification=0000000000000000
[ 1807.003215] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.003235] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.003245] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1807.003259] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1807.020049] IDTVectoring: info=00000000 errcode=00000000
[ 1807.035656] IDTVectoring: info=00000000 errcode=00000000
[ 1807.045323] TSC Offset = 0xfffffc36d376ed15
[ 1807.055802] TPR Threshold = 0x00
[ 1807.060065] TSC Offset = 0xfffffc36c7488960
[ 1807.062696] EPT pointer = 0x00000001d97cf01e
[ 1807.064453] TPR Threshold = 0x00
[ 1807.072890] EPT pointer = 0x00000001b99a201e
03:48:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:45 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x80ffff00000000]})

03:48:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x65)

03:48:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1807.094949] Interruptibility = 00000000  ActivityState = 00000000
[ 1807.102459] *** Host State ***
[ 1807.108123] RIP = 0xffffffff811fa113  RSP = 0xffff880180c4f390
[ 1807.118467] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1807.160388] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1807.180299] *** Guest State ***
[ 1807.184951] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1807.185613] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1807.200281] CR0=0000000080050033 CR3=00000001d97ce000 CR4=00000000001426f0
[ 1807.208625] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1807.213921] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1807.223081] *** Guest State ***
[ 1807.229044] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1807.236106] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1807.246300] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1807.248278] CR3 = 0x0000000000000000
03:48:45 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1807.257665] *** Control State ***
[ 1807.262631] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1807.270084] CR3 = 0x0000000000000000
[ 1807.270284] *** Guest State ***
[ 1807.275528] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1807.285854] EntryControls=0000d1ff ExitControls=002fefff
[ 1807.291446] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1807.300319] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1807.325018] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1807.325295] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1807.331159] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1807.351490] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1807.362839] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1807.370150] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.371809] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1807.385027] CR3 = 0x0000000000000000
[ 1807.389214] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.398232] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1807.404505] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.405347] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.413096] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1807.426730] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.427311] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1807.434924] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.449940] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1807.456781] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.464923] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.465237] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.473040] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.489245] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.497407] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.505577] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.505667] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:45 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1807.513677] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.528307] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.536636] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.536808] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.552750] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.561940] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.570254] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.570391] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1807.584920]         reason=80000021 qualification=0000000000000000
[ 1807.591393] IDTVectoring: info=00000000 errcode=00000000
[ 1807.594921] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.597631] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1807.612439] TSC Offset = 0xfffffc3680325d8a
[ 1807.616930] Interruptibility = 00000000  ActivityState = 00000000
[ 1807.623264] TPR Threshold = 0x00
[ 1807.626792] EPT pointer = 0x00000001bd16e01e
[ 1807.631498] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.631860] *** Host State ***
[ 1807.642763] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.656613] RIP = 0xffffffff811fa113  RSP = 0xffff8801d11bf390
[ 1807.669172] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:48:45 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:45 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1807.675921] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.680374] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.689279] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.700246] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
03:48:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x6700000000000000)

[ 1807.722470] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1807.740784] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.749705] CR0=0000000080050033 CR3=00000001c27bf000 CR4=00000000001426f0
[ 1807.758521] *** Guest State ***
[ 1807.761995] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1807.766004] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1807.768891] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1807.795457] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.803620] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1807.810315] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1807.810936] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:48:45 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1807.824896] *** Control State ***
[ 1807.831917] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1807.831926] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1807.831939] EntryControls=0000d1ff ExitControls=002fefff
[ 1807.838788] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1807.845752] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1807.858617] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1807.870384] Interruptibility = 00000000  ActivityState = 00000000
[ 1807.874853] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1807.888242] CR3 = 0x0000000000000000
[ 1807.893929] Interruptibility = 00000000  ActivityState = 00000000
[ 1807.905077] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1807.911871] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1807.911925] *** Host State ***
[ 1807.921190] *** Host State ***
[ 1807.922988] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1807.924502] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1807.937560] RIP = 0xffffffff811fa113  RSP = 0xffff88017d29f390
[ 1807.938617] RIP = 0xffffffff811fa113  RSP = 0xffff88017f667390
[ 1807.961153]         reason=80000021 qualification=0000000000000000
[ 1807.967627] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:48:46 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1807.968279] IDTVectoring: info=00000000 errcode=00000000
[ 1807.979694] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1807.986530] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1807.994479] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.007768] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1808.023872] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.037046] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1808.043618] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.053062] CR0=0000000080050033 CR3=00000001d2f47000 CR4=00000000001426f0
[ 1808.072396] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.079144] TSC Offset = 0xfffffc361ffad93b
[ 1808.080558] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1808.088240] TPR Threshold = 0x00
[ 1808.095952] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1808.100933] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.112122] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1808.118341] *** Control State ***
[ 1808.121915] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1808.121959] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.136585] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1808.143355] EntryControls=0000d1ff ExitControls=002fefff
[ 1808.148999] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.157166] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1808.157303] EPT pointer = 0x00000001c7c4d01e
[ 1808.168712] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.172622] CR0=0000000080050033 CR3=0000000188bf8000 CR4=00000000001426e0
[ 1808.183833] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.196509] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1808.203337] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.208281] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1808.215407] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1808.224738] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1808.232057]         reason=80000021 qualification=0000000000000000
[ 1808.239139] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1808.246969] IDTVectoring: info=00000000 errcode=00000000
[ 1808.247709] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1808.255030] Interruptibility = 00000000  ActivityState = 00000000
[ 1808.264863] TSC Offset = 0xfffffc36167a5ed5
[ 1808.269271] *** Host State ***
[ 1808.270321] *** Control State ***
[ 1808.275842] TPR Threshold = 0x00
[ 1808.279387] RIP = 0xffffffff811fa113  RSP = 0xffff880180c4f390
[ 1808.285543] EPT pointer = 0x00000001bdcf901e
[ 1808.286194] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1808.290082] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1808.314874] EntryControls=0000d1ff ExitControls=002fefff
[ 1808.315647] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1808.320340] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1808.320350] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1808.320358] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1808.320374]         reason=80000021 qualification=0000000000000000
[ 1808.320387] IDTVectoring: info=00000000 errcode=00000000
[ 1808.335517] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1808.349319] TSC Offset = 0xfffffc361a06a514
[ 1808.361588] TPR Threshold = 0x00
03:48:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000)

03:48:46 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x80ffff]})

03:48:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1808.374242] CR0=0000000080050033 CR3=000000018f56b000 CR4=00000000001426f0
[ 1808.381408] EPT pointer = 0x00000001cb7c901e
[ 1808.382302] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1808.392667] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1808.417144] *** Control State ***
[ 1808.420684] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1808.453322] EntryControls=0000d1ff ExitControls=002fefff
[ 1808.463250] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1808.472346] *** Guest State ***
[ 1808.473652] *** Guest State ***
[ 1808.475853] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1808.488659] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1808.495838] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1808.505077] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1808.505831] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1808.511811]         reason=80000021 qualification=0000000000000000
[ 1808.528523] CR3 = 0x0000000000000000
[ 1808.532426] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1808.539125] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:48:46 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1808.548624] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1808.564172] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1808.575282] IDTVectoring: info=00000000 errcode=00000000
[ 1808.588654] TSC Offset = 0xfffffc35d0a4475c
[ 1808.594231] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000)

[ 1808.598345] CR3 = 0x0000000000000000
[ 1808.619349] TPR Threshold = 0x00
[ 1808.629861] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1808.630932] EPT pointer = 0x00000001c974901e
[ 1808.636921] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1808.648110] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1808.655402] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.657097] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.677792] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.682595] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.692901] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:46 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1808.704218] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.712461] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.738980] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.756178] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.767486] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.771625] *** Guest State ***
[ 1808.783296] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1808.784674] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.798543] *** Guest State ***
03:48:46 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000001c0))
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1808.803575] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1808.813045] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1808.814705] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.855477] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.855804] CR3 = 0x0000000000000000
[ 1808.872956] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.875316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1808.890496] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.898636] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.908722] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.913866] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1808.922930] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1808.924875] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1808.929510] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1808.936117] CR3 = 0x0000000000000000
[ 1808.944565] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1808.951176] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1808.961513] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1808.964882] Interruptibility = 00000000  ActivityState = 00000000
[ 1808.970048] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1808.981941] *** Host State ***
[ 1808.985275] RIP = 0xffffffff811fa113  RSP = 0xffff88018b56f390
[ 1808.986169] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1808.997822] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:48:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x64000000)

[ 1808.999462] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.009220] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1809.029909] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1809.038092] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1809.044088] CR0=0000000080050033 CR3=0000000188bf8000 CR4=00000000001426f0
03:48:47 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1809.044095] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1809.044107] Interruptibility = 00000000  ActivityState = 00000000
[ 1809.058805] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.067408] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1809.073139] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1809.093776] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.101913] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1809.108237] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.117921] *** Host State ***
[ 1809.121238] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.129363] RIP = 0xffffffff811fa113  RSP = 0xffff880181e67390
[ 1809.135601] *** Control State ***
[ 1809.139611] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1809.147498] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:47 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1809.149853] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.156115] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.163701] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1809.178156] EntryControls=0000d1ff ExitControls=002fefff
[ 1809.183783] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.191013] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1809.200976] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1809.215539] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.223658] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1809.231804] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1809.246722] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.259057] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1809.265611] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.265915] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1809.280041] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.288455]         reason=80000021 qualification=0000000000000000
[ 1809.294983] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1e000000)

03:48:47 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1809.305277] IDTVectoring: info=00000000 errcode=00000000
[ 1809.308655] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1809.318936] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.327689] CR0=0000000080050033 CR3=00000001ba1f4000 CR4=00000000001426e0
[ 1809.335430] TSC Offset = 0xfffffc356ef5c841
[ 1809.339879] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1809.352600] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1809.363358] TPR Threshold = 0x00
[ 1809.367447] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.378499] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1809.384948] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.393032] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1809.399748] EPT pointer = 0x0000000180e7e01e
[ 1809.404691] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1809.411709] *** Control State ***
[ 1809.415326] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1809.422885] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1809.429709] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1809.441397] EntryControls=0000d1ff ExitControls=002fefff
[ 1809.447035] Interruptibility = 00000000  ActivityState = 00000000
[ 1809.453414] Interruptibility = 00000000  ActivityState = 00000000
[ 1809.464379] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1809.471488] *** Host State ***
[ 1809.474916] RIP = 0xffffffff811fa113  RSP = 0xffff88017e3c7390
[ 1809.481709] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1809.489803] *** Host State ***
[ 1809.493120] RIP = 0xffffffff811fa113  RSP = 0xffff88017f667390
[ 1809.499287] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1809.505860] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1809.512578] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1809.519148]         reason=80000021 qualification=0000000000000000
[ 1809.525663] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1809.533593] IDTVectoring: info=00000000 errcode=00000000
[ 1809.539758] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1809.547745] TSC Offset = 0xfffffc356fde010e
[ 1809.552233] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1809.558245] TPR Threshold = 0x00
[ 1809.561740] EPT pointer = 0x00000001ce23801e
[ 1809.569513] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1809.576684] CR0=0000000080050033 CR3=000000018f56b000 CR4=00000000001426e0
[ 1809.600315] CR0=0000000080050033 CR3=00000001c0e25000 CR4=00000000001426e0
03:48:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0xffff8000]})

03:48:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:47 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1809.612471] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1809.621537] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1809.635692] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1809.645055] *** Control State ***
[ 1809.661185] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1809.674684] *** Guest State ***
[ 1809.675197] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1809.685287] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1809.692057] *** Control State ***
[ 1809.700533] EntryControls=0000d1ff ExitControls=002fefff
[ 1809.705151] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:48:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x3e00)

[ 1809.707505] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1809.729564] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1809.743511] EntryControls=0000d1ff ExitControls=002fefff
[ 1809.748811] *** Guest State ***
[ 1809.751833] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1809.755112] CR3 = 0x0000000000000000
[ 1809.765569] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1809.770868] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1809.772779] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1809.786191] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1809.794156] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1809.803511] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1809.817955] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1809.820485]         reason=80000021 qualification=0000000000000000
[ 1809.828403] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1809.839692] CR3 = 0x0000000000000000
[ 1809.840856]         reason=80000021 qualification=0000000000000000
[ 1809.845051] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1809.856823] IDTVectoring: info=00000000 errcode=00000000
[ 1809.870579] IDTVectoring: info=00000000 errcode=00000000
[ 1809.870815] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1809.882958] TSC Offset = 0xfffffc3545c61676
[ 1809.887772] TSC Offset = 0xfffffc35420eefa9
[ 1809.893890] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1809.900181] TPR Threshold = 0x00
[ 1809.900391] TPR Threshold = 0x00
[ 1809.907872] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.910666] EPT pointer = 0x00000001c205101e
[ 1809.916229] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1809.927393] EPT pointer = 0x00000001c5bf401e
[ 1809.933605] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.937072] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.949755] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd01}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:48 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0xffff8000, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x7)

[ 1809.971706] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.983723] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.991002] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1809.998347] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.015737] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.043078] *** Guest State ***
[ 1810.055307] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.065878] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1810.077492] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:48 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000340)={{0x2, 0x4e20, @loopback}, {0x1, @dev={[], 0x11}}, 0x10, {0x2, 0x4e20}, 'ifb0\x00'})
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1810.095129] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.103209] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.109034] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1810.115306] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.132163] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x900000000000000)

[ 1810.150310] CR3 = 0x0000000000000000
[ 1810.162017] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1810.180412] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1810.189095] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.200967] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1810.202895] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.222103] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.225202] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:48 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1810.245027] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.253153] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.261472] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.292954] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1810.303036] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1810.323788] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.327187] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1810.339622] *** Guest State ***
[ 1810.341066] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1810.349911] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1810.367948] Interruptibility = 00000000  ActivityState = 00000000
[ 1810.378954] Interruptibility = 00000000  ActivityState = 00000000
[ 1810.381338] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1810.394278] *** Host State ***
[ 1810.397708] *** Host State ***
[ 1810.397766] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.401070] RIP = 0xffffffff811fa113  RSP = 0xffff88017c247390
[ 1810.412087] CR3 = 0x0000000000000000
[ 1810.419473] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1810.426588] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1810.435383] RIP = 0xffffffff811fa113  RSP = 0xffff88018763f390
[ 1810.441494] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1810.450740] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.459080] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1810.459204] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.473659] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1810.473863] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.482918] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1810.495069] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.504067] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1810.506324] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.521570] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.530019] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.538326] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.538581] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1810.554470] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.558763] CR0=0000000080050033 CR3=00000001d2ccb000 CR4=00000000001426e0
[ 1810.563712] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.569663] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1810.577872] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.591921] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.597961] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1810.605100] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.614590] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1810.614688] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1810.621503] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.627271] CR0=0000000080050033 CR3=00000001ba1f4000 CR4=00000000001426e0
[ 1810.635468] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1810.650050] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1810.658343] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1810.663663] *** Control State ***
[ 1810.670436] Interruptibility = 00000000  ActivityState = 00000000
[ 1810.675203] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1810.683491] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1810.683806] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1810.690307] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1810.696893] *** Host State ***
[ 1810.702795] *** Control State ***
[ 1810.709568] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1810.710442] EntryControls=0000d1ff ExitControls=002fefff
[ 1810.717453] RIP = 0xffffffff811fa113  RSP = 0xffff8801bf2a7390
[ 1810.722614] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1810.728785] Interruptibility = 00000000  ActivityState = 00000000
[ 1810.735312] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1810.741535] *** Host State ***
[ 1810.748893] EntryControls=0000d1ff ExitControls=002fefff
[ 1810.752306] RIP = 0xffffffff811fa113  RSP = 0xffff88017f667390
[ 1810.757240] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1810.763285] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1810.770306] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1810.777344] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1810.783389] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1810.790014] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1810.796505] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1810.804281] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1810.811018]         reason=80000021 qualification=0000000000000000
[ 1810.819582] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1810.831459] CR0=0000000080050033 CR3=000000017d342000 CR4=00000000001426e0
[ 1810.834545] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1810.839136] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1810.845682] IDTVectoring: info=00000000 errcode=00000000
[ 1810.851963] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1810.857467]         reason=80000021 qualification=0000000000000000
[ 1810.864092] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1810.870000] TSC Offset = 0xfffffc34c1956dd4
[ 1810.875996] *** Control State ***
[ 1810.880505] IDTVectoring: info=00000000 errcode=00000000
[ 1810.883530] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1810.889057] TPR Threshold = 0x00
[ 1810.896019] CR0=0000000080050033 CR3=00000001be030000 CR4=00000000001426f0
[ 1810.906139] EPT pointer = 0x00000001c5e5e01e
[ 1810.906405] EntryControls=0000d1ff ExitControls=002fefff
[ 1810.910680] TSC Offset = 0xfffffc34c9f4a266
[ 1810.916329] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1810.927158] TPR Threshold = 0x00
[ 1810.927501] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1810.930583] EPT pointer = 0x00000001d169901e
03:48:49 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000)

03:48:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x80ffff00000000]})

03:48:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1810.937746] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1810.948363] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1810.955459] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1810.962095] *** Control State ***
[ 1810.965986]         reason=80000021 qualification=0000000000000000
[ 1810.973052] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1810.980044] IDTVectoring: info=00000000 errcode=00000000
[ 1810.985767] EntryControls=0000d1ff ExitControls=002fefff
[ 1810.991456] TSC Offset = 0xfffffc346f3b40ef
[ 1811.020836] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1811.035593] TPR Threshold = 0x00
[ 1811.040903] EPT pointer = 0x00000001d8b8a01e
[ 1811.052622] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1811.060468] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1811.061450] *** Guest State ***
03:48:49 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1811.084254]         reason=80000021 qualification=0000000000000000
[ 1811.094177] *** Guest State ***
[ 1811.099058] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1811.101282] IDTVectoring: info=00000000 errcode=00000000
[ 1811.114072] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:49 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1811.128928] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1811.152164] TSC Offset = 0xfffffc3498395a0f
[ 1811.157283] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1811.166588] TPR Threshold = 0x00
[ 1811.170076] EPT pointer = 0x000000018a9a501e
[ 1811.176788] CR3 = 0x0000000000000000
[ 1811.180191] CR3 = 0x0000000000000000
[ 1811.184296] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1811.194155] *** Guest State ***
[ 1811.203187] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1811.209161] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1811.214893] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1811.224995] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1811.232188] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.244374] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.252552] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.252784] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1811.261198] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.275348] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xa744ef307f0000)

03:48:49 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1811.290235] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1811.297107] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.320575] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1811.337677] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.339161] CR3 = 0x0000000000000000
[ 1811.349859] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1811.351385] *** Guest State ***
[ 1811.357234] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1811.366024] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1811.373019] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.374644] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.381862] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.390308] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.397778] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.408664] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.421926] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.428549] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:49 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1811.430087] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.453505] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.457003] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.474392] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1811.476942] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1811.495775] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1811.503376] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.507756] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.517885] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.520942] CR3 = 0x0000000000000000
[ 1811.531946] Interruptibility = 00000000  ActivityState = 00000000
03:48:49 executing program 4:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x10)

[ 1811.539926] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1811.554997] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1811.558076] *** Host State ***
[ 1811.567114] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1811.567795] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.574097] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.597947] RIP = 0xffffffff811fa113  RSP = 0xffff880181bcf390
[ 1811.598105] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.615778] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1811.624307] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.632651] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:49 executing program 4:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1811.640972] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1811.641692] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.659872] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.661831] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.672277] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.693377] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.704929] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1811.714331] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.724585] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.727144] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.733118] CR0=0000000080050033 CR3=00000001c280a000 CR4=00000000001426f0
[ 1811.748521] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.757411] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.765563] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.766351] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.783612] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1811.790717] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:49 executing program 4:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1811.795753] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1811.805315] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1811.805396] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1811.815835] Interruptibility = 00000000  ActivityState = 00000000
[ 1811.825397] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1811.837774] *** Control State ***
[ 1811.848961] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1811.852302] *** Host State ***
[ 1811.861225] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1811.868584] RIP = 0xffffffff811fa113  RSP = 0xffff88018049f390
[ 1811.871450] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1811.874728] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1811.889485] EntryControls=0000d1ff ExitControls=002fefff
[ 1811.898893] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1811.906211] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1811.907171] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1811.912685] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1811.928320] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1811.932105] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1811.936470] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1811.950532] Interruptibility = 00000000  ActivityState = 00000000
[ 1811.957894] Interruptibility = 00000000  ActivityState = 00000000
[ 1811.964211] *** Host State ***
[ 1811.964238] *** Host State ***
[ 1811.974535] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1811.982106] RIP = 0xffffffff811fa113  RSP = 0xffff88018763f390
[ 1811.983205] RIP = 0xffffffff811fa113  RSP = 0xffff8801ccf57390
[ 1811.998982] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1812.005549] CR0=0000000080050033 CR3=00000001d2d3b000 CR4=00000000001426e0
[ 1812.012605]         reason=80000021 qualification=0000000000000000
[ 1812.019168] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1812.019443] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1812.033506] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1812.041475] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1812.042284] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1812.054565] CR0=0000000080050033 CR3=00000001bca36000 CR4=00000000001426f0
[ 1812.054841] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1812.062454] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1812.073434] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1812.077431] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1812.083145] *** Control State ***
[ 1812.090105] IDTVectoring: info=00000000 errcode=00000000
[ 1812.096902] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1812.103769] TSC Offset = 0xfffffc340c4fdeea
[ 1812.105094] *** Control State ***
[ 1812.109969] EntryControls=0000d1ff ExitControls=002fefff
[ 1812.112240] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1812.117840] TPR Threshold = 0x00
[ 1812.124040] EntryControls=0000d1ff ExitControls=002fefff
[ 1812.127558] CR0=0000000080050033 CR3=0000000182af4000 CR4=00000000001426e0
[ 1812.132890] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1812.141582] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1812.153938] EPT pointer = 0x00000001cd18401e
[ 1812.159619] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1812.166649] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1812.173576] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1812.180487] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1812.180980] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1812.194915]         reason=80000021 qualification=0000000000000000
[ 1812.197303]         reason=80000021 qualification=0000000000000000
[ 1812.201347] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1812.213706] IDTVectoring: info=00000000 errcode=00000000
[ 1812.213928] *** Control State ***
[ 1812.222836] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1812.229037] IDTVectoring: info=00000000 errcode=00000000
[ 1812.230525] EntryControls=0000d1ff ExitControls=002fefff
[ 1812.240804] TSC Offset = 0xfffffc34075577b8
03:48:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x80ffff]})

[ 1812.244829] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1812.252560] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1812.262907] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1812.269763] TPR Threshold = 0x00
[ 1812.273159] EPT pointer = 0x00000001d288201e
[ 1812.274174]         reason=80000021 qualification=0000000000000000
[ 1812.285311] TSC Offset = 0xfffffc33e43d62e8
[ 1812.291997] IDTVectoring: info=00000000 errcode=00000000
03:48:50 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:50 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1812.303482] *** Guest State ***
[ 1812.307227] TSC Offset = 0xfffffc33f9a2a38a
[ 1812.311656] TPR Threshold = 0x00
[ 1812.315079] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1812.315096] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1812.327829] TPR Threshold = 0x00
[ 1812.337170] EPT pointer = 0x00000001d8b8a01e
[ 1812.341850] EPT pointer = 0x00000001bd7e701e
03:48:50 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1812.376160] *** Guest State ***
[ 1812.394752] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1812.399124] CR3 = 0x0000000000000000
[ 1812.412289] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x80ffff, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2e00000000000000)

03:48:50 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1812.428269] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1812.440271] CR3 = 0x0000000000000000
[ 1812.452873] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1812.465032] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1812.472005] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1812.486580] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1812.490680] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.509796] *** Guest State ***
[ 1812.511576] *** Guest State ***
[ 1812.517094] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1812.517430] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1812.531704] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.542154] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1812.549022] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.563387] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.566085] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:48:50 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1812.581008] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1812.585744] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.595703] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.612378] CR3 = 0x0000000000000000
[ 1812.618554] CR3 = 0x0000000000000000
[ 1812.624622] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x80ffff)

[ 1812.628487] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1812.636049] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1812.640211] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.651445] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1812.660578] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1812.666696] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.668453] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.683758] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1812.690114] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.701554] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1812.712150] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.715462] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.721501] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:50 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1812.736410] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.744964] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.756261] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.765096] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.773252] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.783864] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1812.787079] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.805134] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.815004] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.831952] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1812.836828] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1812.840135] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.858648] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.872634] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.874909] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:50 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1812.883537] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.897692] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1812.904273] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.912474] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1812.920948] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1812.934151] Interruptibility = 00000000  ActivityState = 00000000
[ 1812.934258] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1812.941720] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.957728] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1812.966413] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1812.968219] *** Host State ***
[ 1812.977377] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x4000)

[ 1812.981756] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1812.991203] Interruptibility = 00000000  ActivityState = 00000000
[ 1813.003121] RIP = 0xffffffff811fa113  RSP = 0xffff8801858f7390
[ 1813.009339] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.011596] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.025179] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1813.037721] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1813.042043] *** Host State ***
[ 1813.050239] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1813.057089] RIP = 0xffffffff811fa113  RSP = 0xffff88017cf1f390
[ 1813.060321] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1813.063200] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1813.077812] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1813.079764] CR0=0000000080050033 CR3=00000001c46f8000 CR4=00000000001426f0
[ 1813.084360] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1813.099428] Interruptibility = 00000000  ActivityState = 00000000
[ 1813.102901] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1813.113609] *** Host State ***
[ 1813.114353] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1813.117355] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1813.125019] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.131982] RIP = 0xffffffff811fa113  RSP = 0xffff88018eaff390
[ 1813.138416] CR0=0000000080050033 CR3=00000001d3389000 CR4=00000000001426f0
[ 1813.150677] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1813.152328] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1813.157506] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1813.169890] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1813.180399] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1813.187953] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1813.197663] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1813.201124] *** Control State ***
[ 1813.208006] CR0=0000000080050033 CR3=00000001837cc000 CR4=00000000001426f0
[ 1813.215095] Interruptibility = 00000000  ActivityState = 00000000
[ 1813.221416] *** Host State ***
[ 1813.221432] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1813.233651] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1813.241964] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1813.242018] RIP = 0xffffffff811fa113  RSP = 0xffff880185e4f390
[ 1813.253194] EntryControls=0000d1ff ExitControls=002fefff
[ 1813.260356] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1813.267511] *** Control State ***
[ 1813.271042] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1813.275782] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1813.283759] *** Control State ***
[ 1813.287443] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.294335] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1813.301170] EntryControls=0000d1ff ExitControls=002fefff
[ 1813.306766] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1813.315470] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1813.319100] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.322448] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.322463] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.342465] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1813.349299] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1813.356427]         reason=80000021 qualification=0000000000000000
[ 1813.361927]         reason=80000021 qualification=0000000000000000
[ 1813.364256] IDTVectoring: info=00000000 errcode=00000000
[ 1813.374912] IDTVectoring: info=00000000 errcode=00000000
[ 1813.383859] TSC Offset = 0xfffffc3357f0b60b
[ 1813.385268] TSC Offset = 0xfffffc33618f6f1c
[ 1813.389319] CR0=0000000080050033 CR3=000000017e04d000 CR4=00000000001426e0
[ 1813.400006] EntryControls=0000d1ff ExitControls=002fefff
[ 1813.405611] TPR Threshold = 0x00
[ 1813.405823] TPR Threshold = 0x00
[ 1813.409067] EPT pointer = 0x00000001c14a901e
[ 1813.412336] EPT pointer = 0x000000017d93301e
[ 1813.417879] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1813.428955] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:48:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0xffff8000]})

03:48:51 executing program 4:
socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r0, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x2e00)

[ 1813.452772] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1813.457534] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.464647] *** Control State ***
[ 1813.472664] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1813.485786] EntryControls=0000d1ff ExitControls=002fefff
[ 1813.504252] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1813.522849] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.538275] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1813.543284]         reason=80000021 qualification=0000000000000000
[ 1813.550207] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1813.552741] IDTVectoring: info=00000000 errcode=00000000
[ 1813.573350] TSC Offset = 0xfffffc3345091e41
[ 1813.580054] TPR Threshold = 0x00
[ 1813.584665] EPT pointer = 0x00000001c07be01e
[ 1813.591570] *** Guest State ***
[ 1813.596216]         reason=80000021 qualification=0000000000000000
[ 1813.608046] IDTVectoring: info=00000000 errcode=00000000
[ 1813.613553] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1813.613570] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1813.634279] TSC Offset = 0xfffffc3345bf24c1
[ 1813.639345] TPR Threshold = 0x00
[ 1813.642795] EPT pointer = 0x00000001c975e01e
[ 1813.649129] CR3 = 0x0000000000000000
03:48:51 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1813.652852] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:48:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x600)

[ 1813.687778] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1813.695690] *** Guest State ***
[ 1813.715495] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1813.725875] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:48:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1813.738112] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.741257] *** Guest State ***
[ 1813.748299] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1813.759964] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.765000] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1813.768763] CR3 = 0x0000000000000000
[ 1813.782136] *** Guest State ***
[ 1813.789156] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.796061] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1813.800167] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1813.814930] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1813.823927] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.832090] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1813.839165] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1813.846134] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.854297] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1813.858404] CR3 = 0x0000000000000000
[ 1813.863460] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.875111] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1813.883250] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1813.887222] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1813.891529] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.905420] CR3 = 0x0000000000000000
[ 1813.909263] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1813.919240] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.933469] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.934253] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1813.941726] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1813.953677] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1813.962035] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1813.977429] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.985594] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1813.986015] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1814.002939] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.011202] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.019224] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.019244] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x6700)

03:48:52 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1814.019309] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.030989] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1814.043442] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1814.058127] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.061510] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.070345] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.082704] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.091844] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.095319] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.106683] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.118213] Interruptibility = 00000000  ActivityState = 00000000
[ 1814.124750] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.131048] *** Host State ***
[ 1814.137181] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.145284] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.145730] RIP = 0xffffffff811fa113  RSP = 0xffff880181bcf390
[ 1814.153540] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.159687] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.175524] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.176714] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1814.191260] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.196645] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.200520] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.207678] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1814.216219] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1814.230439] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.233846] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1814.238689] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1814.258654] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1814.266216] Interruptibility = 00000000  ActivityState = 00000000
[ 1814.266220] *** Host State ***
[ 1814.266232] RIP = 0xffffffff811fa113  RSP = 0xffff88017cf1f390
[ 1814.266260] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1814.275273] Interruptibility = 00000000  ActivityState = 00000000
[ 1814.276308] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.281783] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1814.302558] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1814.310612] *** Host State ***
[ 1814.319531] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.322664] RIP = 0xffffffff811fa113  RSP = 0xffff8801c6277390
[ 1814.339202] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1814.345075] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1814.345962] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1814.359479] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1814.367798] CR0=0000000080050033 CR3=00000001d939c000 CR4=00000000001426e0
[ 1814.369417] CR0=0000000080050033 CR3=000000017f72f000 CR4=00000000001426f0
[ 1814.379536] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1814.388705] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.396849] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1814.397300] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1814.402986] *** Control State ***
[ 1814.414443] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1814.416326] CR0=0000000080050033 CR3=00000001cc573000 CR4=00000000001426f0
[ 1814.423695] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1814.434879] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1814.437459] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1814.442517] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1814.455381] Interruptibility = 00000000  ActivityState = 00000000
[ 1814.455433] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1814.461731] *** Control State ***
[ 1814.468045] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1814.471283] *** Host State ***
[ 1814.478531] EntryControls=0000d1ff ExitControls=002fefff
[ 1814.486623] *** Control State ***
[ 1814.486634] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1814.486654] EntryControls=0000d1ff ExitControls=002fefff
[ 1814.502347] RIP = 0xffffffff811fa113  RSP = 0xffff880164557390
[ 1814.502363] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1814.515431] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1814.521918] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1814.533303] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1814.540243] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1814.542967] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.548216] CR0=0000000080050033 CR3=00000001c1a0c000 CR4=00000000001426e0
[ 1814.554401] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1814.569471] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.576778] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.581456] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1814.585096] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1814.594695] EntryControls=0000d1ff ExitControls=002fefff
[ 1814.596969]         reason=80000021 qualification=0000000000000000
[ 1814.602767]         reason=80000021 qualification=0000000000000000
[ 1814.608864] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1814.621636] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1814.622454] IDTVectoring: info=00000000 errcode=00000000
[ 1814.629443] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.634246] *** Control State ***
[ 1814.641194] IDTVectoring: info=00000000 errcode=00000000
[ 1814.650986] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1814.653865] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.664897] TSC Offset = 0xfffffc32a2b7d64a
[ 1814.669600] TPR Threshold = 0x00
[ 1814.673294]         reason=80000021 qualification=0000000000000000
[ 1814.679691] EPT pointer = 0x00000001c17ff01e
[ 1814.684212] TSC Offset = 0xfffffc329cd50a4c
[ 1814.684223] TPR Threshold = 0x00
[ 1814.689122] IDTVectoring: info=00000000 errcode=00000000
[ 1814.699272] EntryControls=0000d1ff ExitControls=002fefff
[ 1814.704927] EPT pointer = 0x00000001c147d01e
[ 1814.705250] TSC Offset = 0xfffffc32b1d317a8
[ 1814.709472] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1814.720931] TPR Threshold = 0x00
[ 1814.721896] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1814.724302] EPT pointer = 0x00000001883ae01e
[ 1814.731150] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
03:48:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x80ffff00000000]})

03:48:52 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x67)

03:48:52 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1814.742657]         reason=80000021 qualification=0000000000000000
[ 1814.749278] IDTVectoring: info=00000000 errcode=00000000
[ 1814.754895] TSC Offset = 0xfffffc3299bb5792
[ 1814.762460] TPR Threshold = 0x00
[ 1814.765947] EPT pointer = 0x00000001cb7c901e
[ 1814.866456] *** Guest State ***
[ 1814.870825] *** Guest State ***
[ 1814.874322] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1814.883973] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1814.893189] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1814.902239] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1814.911827] CR3 = 0x0000000000000000
03:48:52 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1814.916343] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1814.922848] CR3 = 0x0000000000000000
[ 1814.926784] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1814.933895] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1814.940238] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1814.954445] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1814.960643] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.968750] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1814.968763] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.968780] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1814.995701] *** Guest State ***
[ 1815.001439] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.011813] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1815.022814] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.044982] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1815.053978] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:53 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488d")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1815.062121] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.075090] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.083163] CR3 = 0x0000000000000000
[ 1815.087350] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.098783] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1815.104946] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0xa000000)

[ 1815.113043] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.121232] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1815.128062] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.136518] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1815.145111] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.155927] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.164762] *** Guest State ***
[ 1815.169260] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.169527] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.190514] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1815.199556] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.207714] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:53 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488d")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1815.214534] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.215854] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.224066] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.232168] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.248986] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.249622] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1815.257206] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.274156] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.283651] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.296426] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1815.308841] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1815.308973] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1815.317652] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.334897] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1815.336151] Interruptibility = 00000000  ActivityState = 00000000
[ 1815.349075] CR3 = 0x0000000000000000
[ 1815.352855] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1815.354334] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:53 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488d")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1815.367283] Interruptibility = 00000000  ActivityState = 00000000
[ 1815.368418] *** Host State ***
[ 1815.376969] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.385298] RIP = 0xffffffff811fa113  RSP = 0xffff88018ab97390
[ 1815.391462] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1815.395617] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1815.398155] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.404019] *** Host State ***
[ 1815.415821] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1815.416464] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1815.434504] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1815.441220] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1815.441345] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.447294] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1815.456027] RIP = 0xffffffff811fa113  RSP = 0xffff880185e4f390
[ 1815.462882] CR0=0000000080050033 CR3=000000018b553000 CR4=00000000001426e0
[ 1815.477403] Interruptibility = 00000000  ActivityState = 00000000
[ 1815.484830] *** Host State ***
[ 1815.488146] RIP = 0xffffffff811fa113  RSP = 0xffff8801cab2f390
[ 1815.494345] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1815.494455] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.501222] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1815.509434] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1815.515773] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1815.528280] *** Control State ***
[ 1815.531951] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1815.540055] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1815.540852] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1815.555632] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1815.555683] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1815.565773] EntryControls=0000d1ff ExitControls=002fefff
[ 1815.568212] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.575180] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1815.588012] CR0=0000000080050033 CR3=00000001bbeff000 CR4=00000000001426e0
[ 1815.599966] CR0=0000000080050033 CR3=00000001d7d92000 CR4=00000000001426e0
[ 1815.605496] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1815.608296] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.613768] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1815.630177] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1815.632427] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1815.639809] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1815.650580] *** Control State ***
[ 1815.651364] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1815.660309] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1815.667425] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.680868] *** Control State ***
[ 1815.682265]         reason=80000021 qualification=0000000000000000
[ 1815.691923] EntryControls=0000d1ff ExitControls=002fefff
[ 1815.692630] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.697545] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1815.697554] VMEntry: intr_info=800000a0 errcode=00000000 ilen=00000000
[ 1815.697562] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1815.697569]         reason=80000021 qualification=0000000000000000
[ 1815.697576] IDTVectoring: info=00000000 errcode=00000000
[ 1815.697588] TSC Offset = 0xfffffc31f61ac19b
[ 1815.712796] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1815.719408] TPR Threshold = 0x00
[ 1815.727753] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.742170] IDTVectoring: info=00000000 errcode=00000000
[ 1815.749225] EPT pointer = 0x00000001c3ee801e
[ 1815.752781] EntryControls=0000d1ff ExitControls=002fefff
[ 1815.774590] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.783876] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1815.796115] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1815.800205] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1815.803056] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:48:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x80ffff]})

03:48:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x500)

03:48:53 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d76")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1815.803065] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1815.803072]         reason=80000021 qualification=0000000000000000
[ 1815.803084] IDTVectoring: info=00000000 errcode=00000000
[ 1815.811668] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1815.826207] TSC Offset = 0xfffffc3202272d1e
[ 1815.838056] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1815.846894] TPR Threshold = 0x00
[ 1815.864946] Interruptibility = 00000000  ActivityState = 00000000
[ 1815.881561] *** Guest State ***
[ 1815.885085] *** Host State ***
[ 1815.889072] EPT pointer = 0x000000018105c01e
[ 1815.893612] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1815.902604] RIP = 0xffffffff811fa113  RSP = 0xffff88017e3c7390
[ 1815.908922] TSC Offset = 0xfffffc3202655486
03:48:53 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfee00000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1815.915761] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1815.939523] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1815.949052] TPR Threshold = 0x00
[ 1815.952433] EPT pointer = 0x00000001c7bbc01e
[ 1815.958118] CR3 = 0x0000000000000000
[ 1815.962885] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1815.972960] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1815.985483] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1815.993802] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1816.001669] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1816.009265] CR0=0000000080050033 CR3=0000000180b4d000 CR4=00000000001426e0
[ 1816.029771] *** Guest State ***
[ 1816.033331] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1816.043875] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.056152] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:48:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:54 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d76")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x3600)

[ 1816.074450] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.082991] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1816.114717] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1816.121161] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.135312] CR3 = 0x0000000000000000
[ 1816.140468] *** Control State ***
[ 1816.144124] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1816.150227] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1816.150806] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.166007] *** Guest State ***
[ 1816.169480] EntryControls=0000d1ff ExitControls=002fefff
[ 1816.177644] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.186043] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.194214] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.197051] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1816.203459] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.219276] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1816.226714] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1816.234202] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1816.235712] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1816.241304] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.255483]         reason=80000021 qualification=0000000000000000
[ 1816.261919] IDTVectoring: info=00000000 errcode=00000000
[ 1816.267879] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.276740] TSC Offset = 0xfffffc31da70018d
[ 1816.280602] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1816.281307] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1816.294894] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1816.294943] TPR Threshold = 0x00
[ 1816.307535] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1816.315462] EPT pointer = 0x00000001cc9c001e
[ 1816.315759] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.320031] Interruptibility = 00000000  ActivityState = 00000000
03:48:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:54 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d76")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1816.341617] *** Host State ***
[ 1816.349920] RIP = 0xffffffff811fa113  RSP = 0xffff8801be247390
[ 1816.356048] CR3 = 0x0000000000000000
[ 1816.359842] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1816.362508] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1816.365942] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.376575] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1816.391447] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1816.406919] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1816.417076] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.418401] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1816.431099] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:54 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d7660")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1816.439390] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.441524] CR0=0000000080050033 CR3=00000001bd4ca000 CR4=00000000001426e0
[ 1816.455852] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.470099] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.470529] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:48:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000], 0x1f000, 0x2000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1816.484007] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.495909] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.512306] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.524353] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.534081] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.542178] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1816.542760] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.559594] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.576718] *** Control State ***
[ 1816.583454] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1816.597008] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.599102] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.606215] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1816.616857] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.650730] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.656730] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.659597] *** Guest State ***
[ 1816.672701] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1816.682119] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1816.689069] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1816.692745] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1816.696875] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1816.712268] Interruptibility = 00000000  ActivityState = 00000000
[ 1816.717967] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1816.719390] *** Host State ***
[ 1816.730614] CR3 = 0x0000000000000000
[ 1816.734494] RIP = 0xffffffff811fa113  RSP = 0xffff8801cab2f390
[ 1816.736063] EntryControls=0000d1ff ExitControls=002fefff
[ 1816.741051] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1816.752179] Interruptibility = 00000000  ActivityState = 00000000
[ 1816.759101] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1816.766566] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1816.772643] *** Host State ***
[ 1816.776706] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1816.783549] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1816.795412] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.804496] RIP = 0xffffffff811fa113  RSP = 0xffff88018eb57390
[ 1816.807416] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1816.815350] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1816.824138] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.832682] CR0=0000000080050033 CR3=00000001bc712000 CR4=00000000001426f0
[ 1816.840173] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.848644] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1816.855782] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1816.855795] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1816.855807] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1816.855822] CR0=0000000080050033 CR3=000000018b553000 CR4=00000000001426e0
[ 1816.855836] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1816.855848] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1816.855852] *** Control State ***
[ 1816.855860] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1816.855868] EntryControls=0000d1ff ExitControls=002fefff
[ 1816.855880] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1816.855889] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1816.855898] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1816.855913]         reason=80000021 qualification=0000000000000000
[ 1816.876956] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1816.890446] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.900014] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.938426] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1816.946932] *** Control State ***
[ 1816.971417] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1816.980843] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1816.988075] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1816.988501] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1816.996501] EntryControls=0000d1ff ExitControls=002fefff
[ 1817.008344] IDTVectoring: info=00000000 errcode=00000000
[ 1817.008351] TSC Offset = 0xfffffc31631de3c4
[ 1817.008355] TPR Threshold = 0x00
[ 1817.008363] EPT pointer = 0x000000018880e01e
[ 1817.026130] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.026995]         reason=80000021 qualification=0000000000000000
[ 1817.041100] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.055408] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.068760] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1817.069836] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1817.081089] IDTVectoring: info=00000000 errcode=00000000
[ 1817.086666] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1817.095765] Interruptibility = 00000000  ActivityState = 00000000
[ 1817.102133] *** Host State ***
[ 1817.106269] RIP = 0xffffffff811fa113  RSP = 0xffff88016be4f390
[ 1817.108875] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1817.116683] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1817.125893] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1817.135128] TSC Offset = 0xfffffc31770903df
[ 1817.139398] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1817.139483] TPR Threshold = 0x00
[ 1817.150295] CR0=0000000080050033 CR3=00000001ba9cf000 CR4=00000000001426e0
[ 1817.157910] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1817.162305] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1817.171457] EPT pointer = 0x00000001c5e4901e
[ 1817.172129] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1817.183545] *** Control State ***
[ 1817.186004]         reason=80000021 qualification=0000000000000000
[ 1817.187348] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1817.200383] EntryControls=0000d1ff ExitControls=002fefff
03:48:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0xffff8000]})

03:48:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d7660")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x4, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000000180))
r4 = gettid()
prlimit64(r4, 0x0, &(0x7f0000000080)={0x4, 0x5}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1817.200552] IDTVectoring: info=00000000 errcode=00000000
[ 1817.206296] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1817.218102] TSC Offset = 0xfffffc31501a56be
[ 1817.222041] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1817.240648] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1817.243777] TPR Threshold = 0x00
[ 1817.269822] EPT pointer = 0x00000001cd1e901e
[ 1817.273953] *** Guest State ***
[ 1817.278230]         reason=80000021 qualification=0000000000000000
[ 1817.285823] *** Guest State ***
[ 1817.289239] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1817.298761] IDTVectoring: info=00000000 errcode=00000000
[ 1817.304318] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1817.313659] TSC Offset = 0xfffffc310da6f703
[ 1817.318812] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1817.328414] TPR Threshold = 0x00
[ 1817.331898] EPT pointer = 0x00000001bc42301e
[ 1817.336677] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1817.346201] CR3 = 0x0000000000000000
[ 1817.355552] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1817.362614] CR3 = 0x0000000000000000
[ 1817.366852] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1817.373155] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1817.379648] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1817.385857] *** Guest State ***
[ 1817.389188] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1817.398734] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1817.405445] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1817.405460] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:55 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d7660")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1817.405485] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.449968] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.461909] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1817.465112] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.490189] *** Guest State ***
[ 1817.495189] CR3 = 0x0000000000000000
[ 1817.499085] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.503696] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1817.509489] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1817.530392] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.533456] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.547037] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1817.548196] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1817.556047] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
syz_open_dev$audion(&(0x7f0000000380)='/dev/audio#\x00', 0x81, 0x80000)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000080)=<r4=>0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000180)=0x2)
ioctl$UI_SET_PHYS(r3, 0x4008556c, &(0x7f0000000340)='syz1\x00')
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
setsockopt$packet_int(r3, 0x107, 0x1e, &(0x7f00000001c0), 0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1817.562498] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1817.585988] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.587454] CR3 = 0x0000000000000000
[ 1817.601012] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, 0xffffffffffffffff, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1817.622572] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.629902] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.635756] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.643175] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1817.651711] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.656446] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.669331] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.673096] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1817.683643] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.688524] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1817.701825] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.705927] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.724202] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.725925] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.741530] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.745622] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.749939] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.760055] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1817.766402] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.783045] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.798638] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1817.804038] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.805628] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.814683] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.821673] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1817.832999] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.837205] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.847644] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1817.859555] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.864179] Interruptibility = 00000000  ActivityState = 00000000
[ 1817.868439] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.875505] *** Host State ***
[ 1817.882316] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1817.892967] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.893305] Interruptibility = 00000000  ActivityState = 00000000
[ 1817.907665] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.916324] RIP = 0xffffffff811fa113  RSP = 0xffff880182167390
[ 1817.916604] *** Host State ***
[ 1817.922631] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1817.925896] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1817.940169] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1817.940378] RIP = 0xffffffff811fa113  RSP = 0xffff880186caf390
[ 1817.947068] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1817.954052] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1817.962229] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1817.967351] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1817.988389] Interruptibility = 00000000  ActivityState = 00000000
[ 1817.998303] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1818.000782] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1818.008907] *** Host State ***
[ 1818.019435] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
03:48:56 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1818.020722] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1818.039389] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.039581] RIP = 0xffffffff811fa113  RSP = 0xffff88017cf1f390
[ 1818.047837] CR0=0000000080050033 CR3=00000001bbeff000 CR4=00000000001426e0
[ 1818.066682] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1818.067509] CR0=0000000080050033 CR3=00000001b90ba000 CR4=00000000001426e0
[ 1818.084590] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1818.091704] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1818.093695] FSBase=00007f1e5f216700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1818.108339] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1818.120011] Interruptibility = 00000000  ActivityState = 00000000
[ 1818.121472] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1818.133175] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1818.140120] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1818.148818] CR0=0000000080050033 CR3=00000001ba9cf000 CR4=00000000001426e0
[ 1818.155968] *** Host State ***
[ 1818.159272] RIP = 0xffffffff811fa113  RSP = 0xffff880168f17390
[ 1818.165313] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1818.165318] *** Control State ***
[ 1818.165327] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1818.165334] EntryControls=0000d1ff ExitControls=002fefff
[ 1818.165346] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1818.165354] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1818.165362] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1818.165380]         reason=80000021 qualification=0000000000000000
[ 1818.165387] IDTVectoring: info=00000000 errcode=00000000
[ 1818.165393] TSC Offset = 0xfffffc30b825ab74
[ 1818.165398] TPR Threshold = 0x00
[ 1818.165405] EPT pointer = 0x00000001c2f3501e
[ 1818.181773] *** Control State ***
[ 1818.200891] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1818.200903] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1818.200906] *** Control State ***
[ 1818.200914] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1818.200921] EntryControls=0000d1ff ExitControls=002fefff
[ 1818.200941] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1818.213949] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1818.223941] EntryControls=0000d1ff ExitControls=002fefff
[ 1818.227876] *** Guest State ***
[ 1818.231941] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1818.242079] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1818.248073] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1818.251636] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1818.278026] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1818.286260] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1818.294562] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1818.299475] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1818.315774] CR3 = 0x0000000000000000
[ 1818.323223] CR0=0000000080050033 CR3=00000001bdcf9000 CR4=00000000001426f0
[ 1818.331964] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1818.340038] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1818.358136] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1818.362229] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1818.368696]         reason=80000021 qualification=0000000000000000
[ 1818.375040] *** Control State ***
[ 1818.380940] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1818.387479] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1818.396733] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1818.396750] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.410226] IDTVectoring: info=00000000 errcode=00000000
[ 1818.418908] EntryControls=0000d1ff ExitControls=002fefff
[ 1818.423720] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1818.435845] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.438176] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1818.447358]         reason=80000021 qualification=0000000000000000
[ 1818.451203] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1818.457265] TSC Offset = 0xfffffc310da6f703
[ 1818.464184] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1818.468294] IDTVectoring: info=00000000 errcode=00000000
[ 1818.480362] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.480430] TSC Offset = 0xfffffc30b84dc2ba
[ 1818.488805]         reason=80000021 qualification=0000000000000000
[ 1818.492786] TPR Threshold = 0x00
[ 1818.500766] IDTVectoring: info=00000000 errcode=00000000
[ 1818.502687] TPR Threshold = 0x00
[ 1818.508293] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.511466] EPT pointer = 0x00000001bc42301e
[ 1818.519878] TSC Offset = 0xfffffc309abef947
[ 1818.523943] EPT pointer = 0x00000001bc59201e
[ 1818.528584] TPR Threshold = 0x00
[ 1818.536529] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.544629] EPT pointer = 0x00000001cb34f01e
[ 1818.558468] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1818.579692] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1818.591791] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.602160] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1818.610385] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.620247] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1818.626749] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1818.626759] Interruptibility = 00000000  ActivityState = 00000000
[ 1818.626763] *** Host State ***
[ 1818.626774] RIP = 0xffffffff811fa113  RSP = 0xffff8801804b7390
[ 1818.626798] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1818.626810] FSBase=00007ff4ae3eb700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1818.626823] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1818.640661] CR0=0000000080050033 CR3=00000001b90ba000 CR4=00000000001426e0
[ 1818.650631] *** Guest State ***
[ 1818.659552] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1818.664173] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1818.670053] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1818.670065] *** Control State ***
[ 1818.678091] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1818.680496] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1818.687989] CR3 = 0x0000000000000000
[ 1818.696293] EntryControls=0000d1ff ExitControls=002fefff
[ 1818.702670] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1818.705942] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1818.714850] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1818.721522] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1818.725954] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1818.734888] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1818.736704] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0x80ffff00000000]})

03:48:56 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8008000000000007)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpgid(0xffffffffffffffff)
mq_notify(r3, &(0x7f00000001c0)={0x0, 0x20, 0x2, @tid=r4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1], 0x1f000})
connect$netlink(r3, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8800}, 0xc)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f0000000180)=r3)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)={&(0x7f0000000340)='./file0\x00', 0x0, 0x18}, 0x10)

03:48:56 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:56 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd01}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1818.743405]         reason=80000021 qualification=0000000000000000
[ 1818.749650] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.756091] IDTVectoring: info=00000000 errcode=00000000
[ 1818.756097] TSC Offset = 0xfffffc30b825ab74
[ 1818.756102] TPR Threshold = 0x00
[ 1818.756113] EPT pointer = 0x00000001c2f3501e
[ 1818.762938] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.778984] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.792116] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.851185] *** Guest State ***
[ 1818.854501] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:56 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1818.896363] *** Guest State ***
[ 1818.908684] *** Guest State ***
[ 1818.913622] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1818.914909] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1818.942103] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1818.945220] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1818.969350] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1818.985421] CR3 = 0x0000000000000000
[ 1818.989310] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1818.997822] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1819.005130] CR3 = 0x0000000000000000
[ 1819.005554] CR3 = 0x0000000000000000
[ 1819.015231] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.025412] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1819.027178] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1819.036326] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:48:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1819.037532] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1819.043534] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1819.053405] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.069850] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.078038] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1819.084273] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.094565] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1819.095112] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1819.109564] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.111590] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.125773] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.126426] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:48:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1819.134634] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.146125] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.156886] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.167325] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.169137] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.185923] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:48:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = gettid()
r2 = fcntl$getown(r0, 0x9)
rt_tgsigqueueinfo(r1, r2, 0x0, &(0x7f0000000340)={0x29, 0x4, 0x4, 0x9})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r5 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r6=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {r6, 0xb}}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1819.188396] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.202393] Interruptibility = 00000000  ActivityState = 00000000
[ 1819.210014] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.217106] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.225731] *** Host State ***
[ 1819.231287] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.239420] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.247888] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.251229] RIP = 0xffffffff811fa113  RSP = 0xffff880168f17390
[ 1819.256154] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.262455] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.270095] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.286332] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:48:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1819.290353] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.305065] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.318750] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1819.326675] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.332722] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1819.341208] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.341626] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.356075] CR0=0000000080050033 CR3=00000001bdcf9000 CR4=00000000001426f0
[ 1819.365121] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.367074] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.389124] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:48:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1819.390246] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1819.399510] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1819.403120] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.412236] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.418332] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1819.432325] *** Control State ***
[ 1819.438634] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1819.446044] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.446314] Interruptibility = 00000000  ActivityState = 00000000
[ 1819.461507] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.470627] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1819.478162] EntryControls=0000d1ff ExitControls=002fefff
[ 1819.492126] *** Host State ***
[ 1819.497862] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1819.498726] RIP = 0xffffffff811fa113  RSP = 0xffff8801b947f390
[ 1819.507314] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1819.518414] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1819.525563] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1819.532524] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1819.535819] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1819.548347] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1819.552908] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1819.561646] Interruptibility = 00000000  ActivityState = 00000000
[ 1819.565819] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1819.578574] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1819.584918] *** Host State ***
[ 1819.588454] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1819.591584] CR0=0000000080050033 CR3=00000001d264e000 CR4=00000000001426f0
[ 1819.603388] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1819.612544] RIP = 0xffffffff811fa113  RSP = 0xffff880182ecf390
[ 1819.613174]         reason=80000021 qualification=0000000000000000
[ 1819.624965] Interruptibility = 00000000  ActivityState = 00000000
[ 1819.625686] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1819.631316] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1819.637756] IDTVectoring: info=00000000 errcode=00000000
[ 1819.644384] *** Host State ***
[ 1819.652618] *** Control State ***
[ 1819.656266] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1819.664177] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1819.671015] RIP = 0xffffffff811fa113  RSP = 0xffff8801cb3df390
[ 1819.681413] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1819.687510] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1819.695996] CR0=0000000080050033 CR3=000000017e0d8000 CR4=00000000001426f0
[ 1819.697456] TSC Offset = 0xfffffc2ffb6a4f4c
[ 1819.703772] EntryControls=0000d1ff ExitControls=002fefff
[ 1819.713090] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1819.721275] TPR Threshold = 0x00
[ 1819.724726] EPT pointer = 0x00000001d236c01e
[ 1819.729997] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1819.736428] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
03:48:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1819.748269] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1819.751506] CR0=0000000080050033 CR3=00000001c1ad0000 CR4=00000000001426e0
[ 1819.768821] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1819.774923] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1819.777420] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1819.785814] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1819.794944] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1819.795314] *** Control State ***
[ 1819.801233] *** Control State ***
[ 1819.804684] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1819.808968]         reason=80000021 qualification=0000000000000000
[ 1819.814881] EntryControls=0000d1ff ExitControls=002fefff
[ 1819.826974] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1819.827230] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1819.834524] EntryControls=0000d1ff ExitControls=002fefff
[ 1819.851603] IDTVectoring: info=00000000 errcode=00000000
[ 1819.855419] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1819.857532] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1819.867481] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1819.871177] TSC Offset = 0xfffffc2fdc8c1524
[ 1819.885555]         reason=80000021 qualification=0000000000000000
[ 1819.886690] TPR Threshold = 0x00
[ 1819.896313] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1819.899561] IDTVectoring: info=00000000 errcode=00000000
[ 1819.905233] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1819.909129] TSC Offset = 0xfffffc2fd8380c4c
[ 1819.915245]         reason=80000021 qualification=0000000000000000
[ 1819.925873] EPT pointer = 0x00000001d8e8201e
[ 1819.930663] IDTVectoring: info=00000000 errcode=00000000
[ 1819.931243] TPR Threshold = 0x00
[ 1819.939200] TSC Offset = 0xfffffc2fdfecf8ab
[ 1819.939782] EPT pointer = 0x00000001bf71e01e
[ 1819.944430] TPR Threshold = 0x00
03:48:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x2, &(0x7f0000000600), 0x10000000000000b9)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = fcntl$getown(r1, 0x9)
sched_setaffinity(r3, 0x198, &(0x7f0000000140)=0x4000000000000a)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:58 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfee00000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0x80ffff]})

[ 1819.952042] EPT pointer = 0x000000018488001e
03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1820.054587] *** Guest State ***
[ 1820.073299] *** Guest State ***
[ 1820.078698] *** Guest State ***
[ 1820.081995] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1820.093072] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1820.101863] *** Guest State ***
[ 1820.102231] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1820.113328] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1820.116085] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1820.133029] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1820.135914] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1820.142648] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1820.160309] CR3 = 0x0000000000000000
[ 1820.163350] CR3 = 0x0000000000000000
[ 1820.164035] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1820.164046] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1820.164060] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1820.164073] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.164091] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1820.172151] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1820.174420] CR3 = 0x0000000000000000
[ 1820.186981] CR3 = 0x0000000000000000
[ 1820.202818] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1820.210810] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1820.212465] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.222849] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1820.238380] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1820.254958] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.272096] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1820.282584] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1820.289795] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.308396] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1820.318513] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.327331] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.335481] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.338692] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1820.350325] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
r4 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000180)={0x0, <r5=>0x0})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0)=<r6=>0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000840)={<r7=>0x0, r3, 0x0, 0xa, &(0x7f0000000800)='em1\'@ppp0\x00', 0xffffffffffffffff}, 0x30)
lstat(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000013c0)={0x0, 0x0, <r9=>0x0}, &(0x7f0000001400)=0xfffffffffffffdc9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a00)={<r10=>0xffffffffffffffff, r3, 0x0, 0x1, &(0x7f00000009c0)='\x00', 0xffffffffffffffff}, 0x30)
stat(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
getgroups(0x5, &(0x7f0000000b00)=[0xffffffffffffffff, 0x0, <r12=>0x0, 0xee00, 0x0])
fcntl$getownex(r3, 0x10, &(0x7f0000000b40)={0x0, <r13=>0x0})
getresuid(&(0x7f0000000b80), &(0x7f0000000bc0)=<r14=>0x0, &(0x7f0000000c00))
fstat(r1, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
r16 = getpgrp(0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000cc0)={0x0, <r17=>0x0}, &(0x7f0000000d00)=0xc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000d40)={0x0, 0x0, <r18=>0x0}, &(0x7f0000000d80)=0xc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000dc0)={<r19=>0x0}, &(0x7f0000000e00)=0xc)
r20 = geteuid()
getresgid(&(0x7f0000000e40)=<r21=>0x0, &(0x7f0000000e80), &(0x7f0000000ec0))
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000f00)=<r22=>0x0)
getresuid(&(0x7f0000000f40), &(0x7f0000000f80)=<r23=>0x0, &(0x7f0000000fc0))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001000)={0x0, 0x0, <r24=>0x0}, &(0x7f0000001040)=0xc)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000001080)=<r25=>0x0)
r26 = geteuid()
lstat(&(0x7f00000010c0)='./file0\x00', &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, <r27=>0x0})
sendmsg$netlink(r3, &(0x7f00000012c0)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)=[{&(0x7f0000000340)={0xa4, 0x30, 0x0, 0x70bd2d, 0x25dfdbfb, "", [@nested={0x10, 0x61, [@typed={0xc, 0x76, @u64=0x5}]}, @generic="4ae3ac7905fb498e3e7f526a31229b93c166e251d71cb831a61fcf81db78650a568620102c707283d390e41dcfddc87018ab3f2f43d2f5a59202bb39ea781e47b069e7c078fab362c827261047a5fad18cbbbde3e0872947a2cb8c24657d5ce3b4e1d5fb1be4b4450f40e41f67c7bb4bdcc7ad681a0b39802f3f2e82", @typed={0x8, 0x92, @fd=r4}]}, 0xa4}, {&(0x7f00000004c0)={0x1f4, 0x2f, 0x20, 0x70bd27, 0x25dfdbfc, "", [@typed={0x8, 0x51, @pid=r5}, @typed={0x8, 0x83, @fd=r2}, @typed={0x8, 0x32, @ipv4=@dev={0xac, 0x14, 0x14, 0x1e}}, @nested={0x5c, 0x87, [@generic="4cf71ee6dbcded35765e8658151a8adfacfa217bc3e7b96427cfa7a4ca6ce72b9e41c8be9539e0da4c7ffd62a1d685b637bdd0beb0240036773f42ab8859e0f083374813288da6bba831354b5f1059af43350066548fc1"]}, @typed={0x8, 0x58, @pid=r6}, @typed={0x8, 0x2c, @fd=r3}, @nested={0x130, 0x62, [@typed={0x2c, 0x34, @binary="db89ced670b5ef05110e34fda018fe2ccff9a3d654ff2d1d914b7631ab555503795d1eb014"}, @generic="5cc8870dd829a909d3be66f95c248edac9c404dda2356152b3a01be1eaa65cc8", @generic="63b53d00f306df4373fe09e59c3c1ffa95d47f8179f2c0cf8d50e94facc2ce338f0c155a348b018957f8451a935a8f77dc056cb97531b5b8ab94a871cba7f355ebd1a4811160919465a1457ea1cd949c158db07ab9b8aebb5f6bb3726b0ee27928c027176db845db7cbe97011297182f625948166b7ea689e6200276cf47d4a77d415218dc00ca38a8ec820d23317c22e0eb0bad9108bc5819ceaa86058c1927f8a5eea3b2d85cd66999a75d62b9707bf23bb3b9cbe1b0e26382dafdfdf4e823839829e9d5a8af19b3f43f92b7752aba742ce3ebf3d261fb5e103f784b6542b5"]}, @generic="500865418445c15ba30cf1e88345f0b8b1d251758af21dc2a2eabe7da6d9d9bd191697c2", @typed={0xc, 0x46, @u64=0x5}]}, 0x1f4}, {&(0x7f00000006c0)={0x11c, 0x19, 0x0, 0x70bd26, 0x25dfdbff, "", [@nested={0x28, 0x1e, [@generic="baf83d41585834afa49d", @typed={0x18, 0x5f, @binary="4fdcf1c194bcf19d9fe15b30ee9b0c3b43ae"}]}, @typed={0x4, 0x8b}, @generic="f984ab74e3fcdf1dbc0e41794bab77e6a062639d8d65b40d37ec2ece2dbd98cc31c5d62246fb8fa5e635f2d920ed4cd3364bd3d17aed52af85d284897cc8cf2aa4da6fa81b868d9aded5a1fc1c044b1ca33d032ac40af12896a62f2a348394f2d92d0ba8156d42b5f1c8835d94a805d7141b4d7c6139f3124f478fb16d9d065b6f6e5f7c70fb808882522101d35fe30368bb95e6768a78b5ac34882105a3533ce3f59f669951b5f1577f2647da2ca6cafc1833170c747222eed91794784917561d85dffd3f89a779ce2922bbbe96b25a1f054683d47eb73216ac94b6e7"]}, 0x11c}, {&(0x7f0000000400)={0x14, 0x33, 0x500, 0x70bd2a, 0x25dfdbfc, "", [@nested={0x4, 0x8c}]}, 0x14}], 0x4, &(0x7f0000001180)=[@cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @cred={0x20, 0x1, 0x2, r16, r17, r18}, @cred={0x20, 0x1, 0x2, r19, r20, r21}, @cred={0x20, 0x1, 0x2, r22, r23, r24}, @cred={0x20, 0x1, 0x2, r25, r26, r27}, @rights={0x18, 0x1, 0x1, [r1, r2]}, @rights={0x18, 0x1, 0x1, [r4]}, @rights={0x18, 0x1, 0x1, [r3, r2]}], 0x128}, 0x881)

03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1820.360355] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.375607] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.378983] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.394941] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.409702] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.432429] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1820.454390] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.455568] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.465872] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.484131] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.485510] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.515815] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.525314] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.533437] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.546940] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.553806] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.556315] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.569671] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.574532] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.595563] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.603551] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:48:58 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1820.615002] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.628357] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.655378] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.675584] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1820.690107] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1820.698230] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.706653] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.722879] Interruptibility = 00000000  ActivityState = 00000000
[ 1820.732936] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.744938] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.745501] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1820.759558] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1820.765550] *** Host State ***
[ 1820.773922] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.782489] RIP = 0xffffffff811fa113  RSP = 0xffff880180bb7390
[ 1820.786389] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1820.802174] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1820.813448] Interruptibility = 00000000  ActivityState = 00000000
[ 1820.814930] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1820.851282] *** Host State ***
[ 1820.852349] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1820.864675] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1820.875128] RIP = 0xffffffff811fa113  RSP = 0xffff880187d2f390
[ 1820.881262] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1820.888248] Interruptibility = 00000000  ActivityState = 00000000
[ 1820.895862] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1820.898030] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1820.910663] *** Host State ***
[ 1820.914354] RIP = 0xffffffff811fa113  RSP = 0xffff8801be247390
[ 1820.919829] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1820.920983] CR0=0000000080050033 CR3=000000016b805000 CR4=00000000001426f0
[ 1820.940877] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1820.944991] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1820.953511] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1820.955272] CR0=0000000080050033 CR3=00000001ccb0e000 CR4=00000000001426f0
[ 1820.961762] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1820.975984] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1820.981967] CR0=0000000080050033 CR3=000000018135c000 CR4=00000000001426e0
[ 1820.984902] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1820.995862] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1821.011317] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1821.017603] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1821.017827] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1821.024301] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1821.037923] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1821.043977] *** Control State ***
[ 1821.043987] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1821.043994] EntryControls=0000d1ff ExitControls=002fefff
[ 1821.044009] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1821.052927] Interruptibility = 00000000  ActivityState = 00000000
[ 1821.064410] *** Control State ***
[ 1821.084902] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1821.091913] *** Host State ***
[ 1821.101805] EntryControls=0000d1ff ExitControls=002fefff
[ 1821.105730] RIP = 0xffffffff811fa113  RSP = 0xffff88016be4f390
[ 1821.107376] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1821.113483] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1821.130547] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.138050] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1821.140516] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.154795] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1821.162754] *** Control State ***
[ 1821.166306] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.167735] CR0=0000000080050033 CR3=00000001d7455000 CR4=00000000001426f0
[ 1821.183054] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1821.189857] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.193381] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1821.196559]         reason=80000021 qualification=0000000000000000
[ 1821.214878]         reason=80000021 qualification=0000000000000000
[ 1821.214935] EntryControls=0000d1ff ExitControls=002fefff
[ 1821.221263] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1821.234915] IDTVectoring: info=00000000 errcode=00000000
[ 1821.245166] IDTVectoring: info=00000000 errcode=00000000
[ 1821.245979] TSC Offset = 0xfffffc2f3866235c
[ 1821.250703] *** Control State ***
[ 1821.256170] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1821.258823] TSC Offset = 0xfffffc2f3b7c3900
[ 1821.270093] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1821.274274] TPR Threshold = 0x00
[ 1821.284902] EPT pointer = 0x00000001c569e01e
[ 1821.284906] TPR Threshold = 0x00
[ 1821.284918] EPT pointer = 0x00000001bd0b001e
[ 1821.289417] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.303945] EntryControls=0000d1ff ExitControls=002fefff
03:48:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x141002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:48:59 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0xffffffffffffffff], 0x1f000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1821.327876] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1821.328647] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1821.358341]         reason=80000021 qualification=0000000000000000
[ 1821.395032] IDTVectoring: info=00000000 errcode=00000000
[ 1821.400698] TSC Offset = 0xfffffc2f34c92689
[ 1821.415019] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.421801] TPR Threshold = 0x00
[ 1821.431953] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1821.435029] EPT pointer = 0x00000001d264001e
[ 1821.440835] *** Guest State ***
[ 1821.464925]         reason=80000021 qualification=0000000000000000
[ 1821.471271] IDTVectoring: info=00000000 errcode=00000000
[ 1821.479263] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1821.489054] *** Guest State ***
[ 1821.506234] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1821.511113] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1821.519364] TSC Offset = 0xfffffc2f37aaa8c3
[ 1821.535747] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1821.560581] CR3 = 0x0000000000000000
[ 1821.566138] CR3 = 0x0000000000000000
[ 1821.569939] TPR Threshold = 0x00
[ 1821.577303] EPT pointer = 0x00000001d2ff901e
[ 1821.583986] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1821.587001] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1821.605019] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:48:59 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:48:59 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:48:59 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1821.615332] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1821.615684] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1821.634706] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1821.638212] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.649888] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:48:59 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fcntl$getownex(r3, 0x10, &(0x7f0000000180)={0x0, <r4=>0x0})
modify_ldt$write(0x1, &(0x7f00000003c0)={0xe63, 0x20000800, 0x4000, 0x0, 0x1, 0x5, 0x1, 0x401, 0x4, 0x2}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x22000002}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)={0x2e4, 0x3c, 0x20, 0x70bd27, 0x25dfdbfc, {0xa}, [@typed={0x14, 0x8001, @ipv6=@mcast2}, @nested={0xf8, 0x1d, [@typed={0x8, 0x1e, @pid=r4}, @generic="96e1417f2c6ff1789edf89ffa9f23ca7468a9308b7", @typed={0x8, 0x26, @fd=r1}, @generic="f65a209ac910832481efee8b4e5beb133051e0d9f8cb1f3934adf9fe019b181b705fd58ea3c917c0da0351f8a25e9854eea2b3d8bf5f83158fa219da97ba73c905e55e81626285bc16ac1ca656d268be3c74464284b1df0c4de248df94b4b09df6a3d325a0f3e54302a274a35f45b6f4198082008b3aa2ebc065598dab529accac201089e30daaf4bb4f2d04dbd88c1eabe27038b15307b50404bba60386df0454977d7e7553d4", @typed={0xc, 0x1f, @u64=0xaf}, @typed={0x8, 0x1, @ipv4=@multicast2}, @typed={0x10, 0x2a, @str='/dev/dsp#\x00'}, @typed={0x4, 0x6b}]}, @generic="fbf115df8e0f71596c9931dac9001e339298bd44d8b59013209a5acf983f0ef7aeca0c149558da1c0491474199c0ac626e2edfbbfac7d6b9a750efedb538fca962e0906f0786e7fc11c67b579526ca8ea405f84bc63004355aca185fa7101cb8b5a13fe8dbdb6fb0dc669f9831514907d4f63f863f4fb40b0e58037d9fa16664ed32e8a3bc65f21227738231d744c8ebb72fe54672332ada2827511787af59e7845601dc3ee6f620cf5b5473bcbcde0cbc813c58fe82d35c538b2fbd9d3406373e60592f1a614dfbd08f7c838dbb70e40737b9ac8df0d9ca326d3b7eadb2978cbc16", @typed={0x14, 0x47, @ipv6=@dev={0xfe, 0x80, [], 0x19}}, @generic="653de1b285392963df249d232f2d493d4a3c232be0c7ff34e2ab0279753e8f541988c1de372f1ba33edec7458e07e56504fb0c03bebeb2258029261e4b370e4181132853e4bd08a63e54116c5fbbfed1af03f47533254c671fd1881983cb719a27abf4f127363ffea6be0ee1a7728461cabc90fd879a1c61a7dde62f656e77679c43a6a0c55234d3f829eaece6450e2ca8211401c42256537881438ed09644f2016b4d51117975e5b630815e8da38aafb6cb1b2e47895c397df8607493d598d4a81bb4f7d24b81259618f6ccc788"]}, 0x2e4}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)={[0x200000, 0x5, 0x7, 0x418, 0x5, 0x76, 0x2, 0x6, 0x81, 0x3, 0x1e32, 0xfffffffffffffff7, 0x77c, 0x34a0, 0x5, 0x3], 0xf000, 0x80000})

[ 1821.658327] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.700311] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.710078] *** Guest State ***
[ 1821.729560] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:48:59 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1821.743659] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.749394] *** Guest State ***
[ 1821.757313] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.777456] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1821.788032] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1821.799306] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.807601] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.817886] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.838101] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1821.846787] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1821.856090] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.864187] CR3 = 0x0000000000000000
[ 1821.874292] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1821.880425] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.880913] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.896610] CR3 = 0x0000000000000000
03:48:59 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1821.900521] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1821.900927] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1821.915829] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1821.918523] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1821.929980] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.938609] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1821.947941] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.956035] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1821.960467] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1821.974078] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.980588] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1821.986004] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(r3, 0x100000000, &(0x7f0000000080)="f6")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f0000000180))

[ 1821.990916] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.004919] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1822.018517] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1822.025151] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.027016] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.041820] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1822.056579] Interruptibility = 00000000  ActivityState = 00000000
[ 1822.057648] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.071049] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.080779] *** Host State ***
[ 1822.081633] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.095056] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.103111] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1822.103192] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1822.109238] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.116152] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.123748] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1822.132352] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1822.138790] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1822.149834] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1822.154362] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.174923] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1822.187171] Interruptibility = 00000000  ActivityState = 00000000
[ 1822.203780] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1822.206853] *** Host State ***
[ 1822.212072] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1822.215540] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.235790] CR0=0000000080050033 CR3=0000000180c44000 CR4=00000000001426f0
[ 1822.242930] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.245966] RIP = 0xffffffff811fa113  RSP = 0xffff8801cb3df390
[ 1822.258039] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1822.265320] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1822.267767] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.275095] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1822.283902] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1822.302099] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1822.311114] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.311623] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1822.331642] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1822.339491] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1822.344193] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1822.346085] Interruptibility = 00000000  ActivityState = 00000000
[ 1822.363587] *** Control State ***
[ 1822.367707] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1822.373665] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1822.373696] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1822.399790] CR0=0000000080050033 CR3=000000016b805000 CR4=00000000001426e0
[ 1822.403355] Interruptibility = 00000000  ActivityState = 00000000
[ 1822.413778] *** Host State ***
[ 1822.418154] *** Host State ***
[ 1822.420464] RIP = 0xffffffff811fa113  RSP = 0xffff88017d29f390
[ 1822.421464] RIP = 0xffffffff811fa113  RSP = 0xffff8801be247390
[ 1822.427732] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1822.434150] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1822.450251] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1822.452756] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1822.462835] EntryControls=0000d1ff ExitControls=002fefff
[ 1822.465849] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1822.470526] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1822.476077] CR0=0000000080050033 CR3=0000000182ea9000 CR4=00000000001426e0
[ 1822.483909] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1822.491144] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1822.503767] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1822.507691] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1822.515817] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1822.522754] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1822.522763] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1822.522771]         reason=80000021 qualification=0000000000000000
[ 1822.522778] IDTVectoring: info=00000000 errcode=00000000
[ 1822.522790] TSC Offset = 0xfffffc2e7cec02fc
[ 1822.530924] CR0=0000000080050033 CR3=000000017e051000 CR4=00000000001426e0
[ 1822.552323] *** Control State ***
[ 1822.559693] *** Control State ***
[ 1822.566519] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1822.570258] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1822.573298] TPR Threshold = 0x00
[ 1822.581045] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1822.589675] EntryControls=0000d1ff ExitControls=002fefff
[ 1822.592982] *** Control State ***
[ 1822.595329] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1822.598836] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1822.605472] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1822.619306] EntryControls=0000d1ff ExitControls=002fefff
[ 1822.627026] EntryControls=0000d1ff ExitControls=002fefff
[ 1822.628511] EPT pointer = 0x00000001bde7801e
[ 1822.632561] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1822.644030] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1822.650957] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1822.658090] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:49:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000340)=""/196)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1822.664947] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1822.671547]         reason=80000021 qualification=0000000000000000
[ 1822.678504] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1822.688259] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1822.690283] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1822.701657] IDTVectoring: info=00000000 errcode=00000000
[ 1822.707325] TSC Offset = 0xfffffc2e7661b90f
[ 1822.711836]         reason=80000021 qualification=0000000000000000
[ 1822.712354]         reason=80000021 qualification=0000000000000000
[ 1822.720481] TPR Threshold = 0x00
[ 1822.733667] IDTVectoring: info=00000000 errcode=00000000
[ 1822.737617] *** Guest State ***
[ 1822.739816] EPT pointer = 0x00000001c2d0001e
[ 1822.744954] IDTVectoring: info=00000000 errcode=00000000
[ 1822.747040] TSC Offset = 0xfffffc2e58056939
[ 1822.752599] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1822.765805] TPR Threshold = 0x00
[ 1822.766036] TSC Offset = 0xfffffc2e52c9645a
[ 1822.769235] EPT pointer = 0x00000001c8f0701e
[ 1822.773568] TPR Threshold = 0x00
[ 1822.781586] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1822.793229] EPT pointer = 0x00000001d2ec201e
[ 1822.803207] CR3 = 0x0000000000000000
03:49:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x4000, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x0, &(0x7f00000001c0), 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:49:00 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1822.820843] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1822.839501] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1822.868054] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1822.878297] *** Guest State ***
[ 1822.885007] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1822.906078] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1822.916631] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1822.928945] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.939214] CR3 = 0x0000000000000000
[ 1822.944832] *** Guest State ***
[ 1822.948385] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1822.950290] *** Guest State ***
[ 1822.957515] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.969100] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1822.975473] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1822.981604] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1822.993792] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1822.996308] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1823.004454] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1823.022404] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.025563] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1823.033150] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.051337] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.063942] CR3 = 0x0000000000000000
[ 1823.067855] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.076395] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.084482] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1823.091568] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.099965] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.108414] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1823.114526] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.124537] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.132780] CR3 = 0x0000000000000000
[ 1823.133882] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1823.137784] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1823.148210] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.160105] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1823.169753] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1823.169938] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.188585] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1823.193504] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.203415] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1823.210198] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.219133] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1823.227279] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.232081] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.235409] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.251584] Interruptibility = 00000000  ActivityState = 00000000
[ 1823.257513] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.261911] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:01 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1823.274048] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.276873] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.285538] *** Host State ***
[ 1823.297741] RIP = 0xffffffff811fa113  RSP = 0xffff8801cab2f390
[ 1823.304212] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.312748] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:49:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1823.321592] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.321610] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.329687] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1823.329699] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1823.329708] Interruptibility = 00000000  ActivityState = 00000000
[ 1823.329718] *** Host State ***
[ 1823.344289] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1823.369844] RIP = 0xffffffff811fa113  RSP = 0xffff8801be247390
[ 1823.376268] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.384603] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1823.391958] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.393085] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1823.409009] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.419475] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1823.426000] CR0=0000000080050033 CR3=0000000180c44000 CR4=00000000001426e0
[ 1823.434037] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1823.435817] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.440127] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1823.454845] CR0=0000000080050033 CR3=00000001bac42000 CR4=00000000001426e0
[ 1823.462023] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.471197] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1823.473692] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.478077] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1823.492248] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1823.498578] *** Control State ***
[ 1823.502138] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.510390] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1823.517325] *** Control State ***
03:49:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1823.517395] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.520921] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1823.538443] EntryControls=0000d1ff ExitControls=002fefff
[ 1823.544016] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1823.551238] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.559574] EntryControls=0000d1ff ExitControls=002fefff
[ 1823.566525] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1823.574079] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.582418] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1823.596890] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1823.604354] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1823.608307] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1823.622337] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1823.623931] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1823.638960]         reason=80000021 qualification=0000000000000000
[ 1823.650500] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1823.654486] Interruptibility = 00000000  ActivityState = 00000000
[ 1823.663649] *** Host State ***
[ 1823.667800] RIP = 0xffffffff811fa113  RSP = 0xffff88016be4f390
[ 1823.668045] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1823.673923] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1823.681986]         reason=80000021 qualification=0000000000000000
[ 1823.688621] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1823.702462] IDTVectoring: info=00000000 errcode=00000000
[ 1823.708042] IDTVectoring: info=00000000 errcode=00000000
[ 1823.714277] TSC Offset = 0xfffffc2dcb27647f
[ 1823.718937] TPR Threshold = 0x00
[ 1823.723590] TSC Offset = 0xfffffc2dbaeedd61
[ 1823.730810] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1823.737197] EPT pointer = 0x00000001cd58001e
[ 1823.741780] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1823.748302] CR0=0000000080050033 CR3=00000001c62fd000 CR4=00000000001426f0
[ 1823.755791] TPR Threshold = 0x00
[ 1823.765572] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1823.767883] EPT pointer = 0x000000018129401e
03:49:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000340)={0x74, 0x0, [0x0, 0x20, 0x0, 0x6]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1823.773392] Interruptibility = 00000000  ActivityState = 00000000
[ 1823.784135] *** Host State ***
[ 1823.786644] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1823.792413] RIP = 0xffffffff811fa113  RSP = 0xffff8801bb3c7390
[ 1823.797967] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1823.813558] *** Control State ***
[ 1823.822593] *** Guest State ***
[ 1823.828481] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1823.829129] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1823.838457] *** Guest State ***
[ 1823.847456] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1823.854121] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1823.858100] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1823.862273] EntryControls=0000d1ff ExitControls=002fefff
[ 1823.868418] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1823.882471] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1823.882814] CR0=0000000080050033 CR3=000000017e051000 CR4=00000000001426e0
[ 1823.889616] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1823.897294] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1823.903384] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1823.912796] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1823.921327] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1823.927983] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1823.934490]         reason=80000021 qualification=0000000000000000
[ 1823.940910] CR3 = 0x0000000000000000
[ 1823.951674] IDTVectoring: info=00000000 errcode=00000000
[ 1823.955254] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1823.958285] CR3 = 0x0000000000000000
[ 1823.963463] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1823.967091] TSC Offset = 0xfffffc2dadfc763e
[ 1823.973355] *** Control State ***
[ 1823.977460] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1823.980949] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1823.986941] TPR Threshold = 0x00
[ 1823.993736] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1823.997463] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1824.003910] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.009961] EPT pointer = 0x00000001cb9c101e
[ 1824.017922] EntryControls=0000d1ff ExitControls=002fefff
[ 1824.027736] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1824.027981] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1824.041609] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.042089] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.057683] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1824.057697] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1824.069078] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.074926] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.079742] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.093961] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.104402]         reason=80000021 qualification=0000000000000000
[ 1824.106980] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.118865] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.127087] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.127118] IDTVectoring: info=00000000 errcode=00000000
[ 1824.135226] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.147738] TSC Offset = 0xfffffc2daf6401ef
[ 1824.149008] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.161030] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.161413] TPR Threshold = 0x00
[ 1824.169155] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.180556] EPT pointer = 0x00000001cd17601e
[ 1824.180641] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.193092] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.197221] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.201225] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1824.215628] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1824.222967] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.227513] Interruptibility = 00000000  ActivityState = 00000000
[ 1824.237664] *** Host State ***
[ 1824.237678] RIP = 0xffffffff811fa113  RSP = 0xffff88018763f390
[ 1824.237701] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1824.237712] FSBase=00007f1e5f1f5700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1824.237725] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1824.247009] CR0=0000000080050033 CR3=00000001bac42000 CR4=00000000001426e0
[ 1824.259202] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.262062] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1824.276658] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.282309] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1824.289244] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1824.296855] *** Control State ***
[ 1824.296870] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1824.303464] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1824.309454] EntryControls=0000d1ff ExitControls=002fefff
[ 1824.313725] Interruptibility = 00000000  ActivityState = 00000000
[ 1824.319612] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1824.319621] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1824.319629] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1824.319637]         reason=80000021 qualification=0000000000000000
[ 1824.319656] IDTVectoring: info=00000000 errcode=00000000
[ 1824.327619] *** Host State ***
[ 1824.332685] TSC Offset = 0xfffffc2dbaeedd61
03:49:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0xffff8000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000080))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:02 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:02 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1824.339179] RIP = 0xffffffff811fa113  RSP = 0xffff88017d39f390
[ 1824.345922] TPR Threshold = 0x00
[ 1824.352694] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1824.359692] EPT pointer = 0x000000018129401e
[ 1824.366671] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1824.374680] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1824.385453] CR0=0000000080050033 CR3=0000000180c44000 CR4=00000000001426f0
[ 1824.442334] *** Guest State ***
[ 1824.454978] *** Guest State ***
[ 1824.459342] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1824.468956] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1824.478479] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:49:02 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1824.487378] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1824.494674] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1824.507149] *** Guest State ***
[ 1824.510686] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1824.520085] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1824.533839] CR3 = 0x0000000000000000
[ 1824.547466] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1824.554008] CR3 = 0x0000000000000000
[ 1824.554197] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1824.564059] CR3 = 0x0000000000000000
[ 1824.566961] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1824.569972] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1824.582857] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1824.584920] *** Control State ***
[ 1824.589685] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1824.605377] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1824.612023] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1824.617964] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1824.620008] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1824.628624] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:02 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1824.648773] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1824.655759] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.673410] EntryControls=0000d1ff ExitControls=002fefff
[ 1824.680519] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.683303] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.697422] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1824.704860] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.707026] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.713106] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.736912] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:02 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x0, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1824.738699] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1824.756504] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.756861] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.769932] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.781826] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x8840, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f00000004c0), &(0x7f0000000500)=0x4)
r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x10001, 0x80000)
write$P9_RLERROR(r4, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000000000000000195369264a03ea7f78d6d71a3051938de0ac242bfe08b6833125ca5720971ac99d138fbea4c91094dabd7618c3f41cd831c02454cdffb8c420836dc1719c62100a0a714bd6a4086c010b95e767cfb6624a28aa5b9ec439ece39e24e724c8115813fac56761e6db5f953aaa5bab4e421ae0115774ad18a14f093e8b8eff3e32d25452560112b0587f164329cfddc6a01196fdeba16b77b2948ccb4412b4c56f0a9ddd661a12b78962b1472d398e83e5ef27f0851d6e9f175904d6c51d0e4d25995941c9453362a0dd2faefc397fbeb4635d2454edf2d4cfe1e69f0937e6545175b52d43686fa8343c7338ca2e"], 0x12)
sched_setaffinity(0x0, 0xffffffffffffffd4, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f00000001c0), &(0x7f0000000340)=0x30)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vcs\x00', 0x220801, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1824.798834] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.806252] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.817046] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.817706] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.834446] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:02 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1824.847017] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1824.853749] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.862985]         reason=80000021 qualification=0000000000000000
[ 1824.870572] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.889917] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000080))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1824.903496] IDTVectoring: info=00000000 errcode=00000000
[ 1824.909165] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.917540] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.925868] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.934413] TSC Offset = 0xfffffc2d34381b40
[ 1824.939597] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.948250] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.957015] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1824.960327] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1824.972888] TPR Threshold = 0x00
[ 1824.979170] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1824.995515] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1824.996263] Interruptibility = 00000000  ActivityState = 00000000
[ 1825.008434] EPT pointer = 0x00000001bc47e01e
[ 1825.015355] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.024922] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1825.036899] *** Host State ***
[ 1825.042543] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
mq_open(&(0x7f0000000000)=':]\x00', 0x40, 0x4, &(0x7f0000000180)={0xacbc, 0x8, 0x100000001, 0xf3ef, 0x401, 0x2, 0x6, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000340)={0x1fe, 0x2, 0xd000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1825.050130] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1825.051913] RIP = 0xffffffff811fa113  RSP = 0xffff88018b867390
[ 1825.068328] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1825.075258] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.076831] Interruptibility = 00000000  ActivityState = 00000000
[ 1825.095743] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1825.110320] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1825.124067] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1825.134064] CR0=0000000080050033 CR3=00000001bac42000 CR4=00000000001426f0
[ 1825.153567] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1825.161101] *** Host State ***
[ 1825.164385] RIP = 0xffffffff811fa113  RSP = 0xffff88016be4f390
[ 1825.165224] *** Guest State ***
[ 1825.174271] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1825.182213] Interruptibility = 00000000  ActivityState = 00000000
[ 1825.184976] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1825.188879] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1825.201901] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1825.208635] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1825.213890] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1825.227673] *** Host State ***
[ 1825.231687] CR0=0000000080050033 CR3=0000000185c8c000 CR4=00000000001426e0
[ 1825.236839] RIP = 0xffffffff811fa113  RSP = 0xffff8801803bf390
[ 1825.247126] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1825.255433] *** Control State ***
[ 1825.258968] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1825.268796] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1825.277848] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1825.287437] *** Control State ***
[ 1825.288322] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1825.290917] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1825.290930] EntryControls=0000d1ff ExitControls=002fefff
[ 1825.309706] CR3 = 0x0000000000000000
[ 1825.313490] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1825.319709] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1825.322650] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1825.334581] EntryControls=0000d1ff ExitControls=002fefff
[ 1825.340996] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1825.348071] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1825.348735] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1825.362575] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1825.365245] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1825.375674] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1825.375747] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1825.383588] CR0=0000000080050033 CR3=00000001c84aa000 CR4=00000000001426e0
[ 1825.390320]         reason=80000021 qualification=0000000000000000
[ 1825.397780] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.410137] IDTVectoring: info=00000000 errcode=00000000
[ 1825.417380] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1825.429926] TSC Offset = 0xfffffc2cda29a06e
[ 1825.434756] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1825.442402] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.450540] TPR Threshold = 0x00
[ 1825.450824]         reason=80000021 qualification=0000000000000000
[ 1825.454266] EPT pointer = 0x00000001c1a0c01e
[ 1825.463978] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1825.472872] *** Control State ***
[ 1825.476454] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.484198] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1825.490117] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.491524] IDTVectoring: info=00000000 errcode=00000000
[ 1825.504918] EntryControls=0000d1ff ExitControls=002fefff
03:49:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x80ffff00000000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = memfd_create(&(0x7f0000000380)='/dev/kvm\x00', 0x2)
sendmsg$nl_crypto(r3, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=@get={0x118, 0x13, 0x701, 0x70bd2d, 0x25dfdbff, {{'gcm(khazad-generic)\x00'}, [], [], 0x400}, [{0x8, 0x1, 0x80000001}, {0x8}, {0x8, 0x1, 0xed}, {0x8, 0x1, 0xfffffffffffffff7}, {0x8, 0x1, 0x9}, {0x8, 0x1, 0x1ff}, {0x8, 0x1, 0xfffffffffffffff9}]}, 0x118}}, 0xc0)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x5, 0x4d2000)
ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f00000001c0)={0x2, &(0x7f0000000180)=[{<r6=>0x0}, {}]})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r5, 0xc0bc5310, &(0x7f0000000600))
ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000340)={r6, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x4000, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x0, &(0x7f00000001c0), 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1825.507690] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.510449] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1825.520365] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.529209] TSC Offset = 0xfffffc2ce16d8404
[ 1825.544943] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1825.551637] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1825.558407] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1825.558564] TPR Threshold = 0x00
[ 1825.577584] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.602055] EPT pointer = 0x00000001c590e01e
[ 1825.603906] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1825.613094] *** Guest State ***
[ 1825.618042]         reason=80000021 qualification=0000000000000000
[ 1825.624517] IDTVectoring: info=00000000 errcode=00000000
[ 1825.633331] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.636473] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1825.652556] TSC Offset = 0xfffffc2cdffb872e
[ 1825.660501] TPR Threshold = 0x00
[ 1825.666539] EPT pointer = 0x000000018728101e
[ 1825.673975] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1825.679950] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1825.716542] CR3 = 0x0000000000000000
[ 1825.736596] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1825.737041] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1825.750233] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1825.756299] Interruptibility = 00000000  ActivityState = 00000000
03:49:03 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0fe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x80000, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1825.765312] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1825.767365] *** Host State ***
[ 1825.772052] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.792578] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = memfd_create(&(0x7f0000000380)='/dev/kvm\x00', 0x2)
sendmsg$nl_crypto(r3, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=@get={0x118, 0x13, 0x701, 0x70bd2d, 0x25dfdbff, {{'gcm(khazad-generic)\x00'}, [], [], 0x400}, [{0x8, 0x1, 0x80000001}, {0x8}, {0x8, 0x1, 0xed}, {0x8, 0x1, 0xfffffffffffffff7}, {0x8, 0x1, 0x9}, {0x8, 0x1, 0x1ff}, {0x8, 0x1, 0xfffffffffffffff9}]}, 0x118}}, 0xc0)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x5, 0x4d2000)
ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f00000001c0)={0x2, &(0x7f0000000180)=[{<r6=>0x0}, {}]})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r5, 0xc0bc5310, &(0x7f0000000600))
ioctl$DRM_IOCTL_UNLOCK(r5, 0x4008642b, &(0x7f0000000340)={r6, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1825.814994] RIP = 0xffffffff811fa113  RSP = 0xffff88017d39f390
[ 1825.821603] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1825.836262] *** Guest State ***
[ 1825.843399] *** Guest State ***
[ 1825.845281] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1825.858828] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1825.867933] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.876700] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1825.885039] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1825.900460] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1825.909463] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.918595] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1825.924565] CR0=0000000080050033 CR3=00000001883ae000 CR4=00000000001426e0
[ 1825.931676] CR3 = 0x0000000000000000
[ 1825.935524] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.943563] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1825.951761] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1825.960109] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1825.967049] CR3 = 0x0000000000000000
[ 1825.970841] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1825.977050] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1825.985950] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1825.992035] *** Control State ***
[ 1825.995612] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1825.995626] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1825.995652] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.014280] *** Guest State ***
[ 1826.020293] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1826.027412] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1826.028959] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.045212] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1826.050229] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1826.052352] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.069234] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.079307] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1826.082806] CR3 = 0x0000000000000000
[ 1826.090125] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.090507] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.098916] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:49:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x200, 0xfffffffffffffffb)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000340)={0x0, 0x80000001, 0xffff, &(0x7f00000001c0)=0x5})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x5, 0xe000)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000000580)={"682db235c8d63914a807a18bb0ea6c5c80a13cc484380519083795fe475325f241e4094a41baa029bfd20fdd0b43c3170b908ea50916d50330a19e8d75cc0006a8c3c667b1e4c71de33b8a66adf97b0a6d0e0b99c2523a92818f3513df89cf1c00f5e4750f495254816b3209af026bc34969a9c5b0dd0feb1f34c840e4eac8d4d30b6688af360c476131d712feac6623f545dd11352228ea24a96828e2ad66ab73bc05c54da342967e25e6b3a122de956edffe0f560a9e0d2e41895355655592599a9ed17d66b4d88afb25948ca501c36f6bbd46c5fe3e094c7f388d676964c1a8b2da4d3ccb465e06cce07e6709e8d6ba2e174aa05fa5a452e0712cbb9f8682ee1162cccb8d517f6d5076189df363cec81bfab636cb01a9ffbc765c257259b15f2177c46e9aa90b1b15b903a2602ffbb628387c51beb3110ea86623d0b13c40541bf32de21ade53914d73b580500f945e9cc2576e63ebf18fc0f03b534bc5b9e90d3e56ac078c8f41e0cd51537d7a3e701df336a790d4e8f027ac478bba1bd450fc6bf57f5d001cd80d478bb6a8850c9c14892dd6f212f19718eba4862303927e41aefa69a1b99cbe40e845d0facdec6b2694824bce202c74601b61611b70ff3f6e58b6ed75e3fe71ab4c9e0bd477d6c6b77a4452837e44fd78439522dcbb51ef4e804de45c7f7e6de7791701df0af66f127d0a5c78999b9463134c551b1461aca90c139bdeeb988f0578b91df3cc029f9255afa9434b87a333fea22d468ec46cbb201dbc497e919800130fe69cfb6906f9c039ee8327cba5aaee7f84fc3f7bdc17ecf2096bf235e5a5d8277150db1bacb91bdbe88ecabf2a24410ae9827977c110d28b2da87793f8314ca126c0a7455b25d2c28fb22195c6d6de14a5786fbc237a6834f047ba94bb0005b78b4ed12765dfa1750b556031bd779bbc57b6ae2dd0627c3a129d0ff52d227f989d012e70a18adb704da3333a2cf354c7ce9f17cde1509ca4cc9d22a298a769cb64cddeba68e9330894fd6002323aec3189d4a94be22c40297b5fcadf76d48a42418900b196cd5fb5700c47a327d60f5bc5678a7db375d8cbae9e0e18c17b17b46e34b08340aab9631d3aec1ad91958cd1e7285269d3e63d2165d1cd683c8c78b472f0afd302a01e61cfa52ca11d18d7b784b5ea41be146fc0534e22d97862856886dd3faa9f4628d52ae0f441556d194c6f8d2ca2d0f85e7693a0e370fa13ddffd4c504192bcc709562e5177506e8e711480710667d3ea405c38bd3dab80da8175d57425e45bf7baf2a358c83d2223d569c78e2642590c848feaa8f27e302c1b0c664b0cca93b9ea9dfe8e9eb51e5ed3e362bb187edfe18778d933741af944a74549dd88ead5864334a18613c944eef48580a12eb6d4deb3669419390f79c5a2d90fe0465f6b5a161b8d5162f861791065451b7e"})
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40008000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="03000000", @ANYRES16=r5, @ANYBLOB="100a00000000ffdbdf250500000008000400080000002c000200080004000000010008000b000a0000000800050000000000080009000100000008000b0002000000080c040004000000080006000008000008000600ff7f0000080006000000000028000100080001000a000000080004004e24000008000800020000000c0007000400000001000000"], 0x90}, 0x1, 0x0, 0x0, 0x40}, 0x1)

[ 1826.112649] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.118392] EntryControls=0000d1ff ExitControls=002fefff
[ 1826.129744] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.130807] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.140662] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1826.155208] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.169163] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1826.176300] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1826.185471] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.193562] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.201958] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1826.209412] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.214446] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.219726] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1826.235732] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.243390] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.251779] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1826.251788] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1826.251796]         reason=80000021 qualification=0000000000000000
[ 1826.251802] IDTVectoring: info=00000000 errcode=00000000
[ 1826.251814] TSC Offset = 0xfffffc2c7e5de1ef
[ 1826.259069] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.289897] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.291314] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.298208] Interruptibility = 00000000  ActivityState = 00000000
[ 1826.314220] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.322769] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.334342] *** Host State ***
[ 1826.338574] RIP = 0xffffffff811fa113  RSP = 0xffff8801804b7390
[ 1826.348558] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.354878] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:04 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fcntl$getownex(r3, 0x10, &(0x7f0000000180)={0x0, <r4=>0x0})
modify_ldt$write(0x1, &(0x7f00000003c0)={0xe63, 0x20000800, 0x4000, 0x0, 0x1, 0x5, 0x1, 0x401, 0x4, 0x2}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x22000002}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)={0x2e4, 0x3c, 0x20, 0x70bd27, 0x25dfdbfc, {0xa}, [@typed={0x14, 0x8001, @ipv6=@mcast2}, @nested={0xf8, 0x1d, [@typed={0x8, 0x1e, @pid=r4}, @generic="96e1417f2c6ff1789edf89ffa9f23ca7468a9308b7", @typed={0x8, 0x26, @fd=r1}, @generic="f65a209ac910832481efee8b4e5beb133051e0d9f8cb1f3934adf9fe019b181b705fd58ea3c917c0da0351f8a25e9854eea2b3d8bf5f83158fa219da97ba73c905e55e81626285bc16ac1ca656d268be3c74464284b1df0c4de248df94b4b09df6a3d325a0f3e54302a274a35f45b6f4198082008b3aa2ebc065598dab529accac201089e30daaf4bb4f2d04dbd88c1eabe27038b15307b50404bba60386df0454977d7e7553d4", @typed={0xc, 0x1f, @u64=0xaf}, @typed={0x8, 0x1, @ipv4=@multicast2}, @typed={0x10, 0x2a, @str='/dev/dsp#\x00'}, @typed={0x4, 0x6b}]}, @generic="fbf115df8e0f71596c9931dac9001e339298bd44d8b59013209a5acf983f0ef7aeca0c149558da1c0491474199c0ac626e2edfbbfac7d6b9a750efedb538fca962e0906f0786e7fc11c67b579526ca8ea405f84bc63004355aca185fa7101cb8b5a13fe8dbdb6fb0dc669f9831514907d4f63f863f4fb40b0e58037d9fa16664ed32e8a3bc65f21227738231d744c8ebb72fe54672332ada2827511787af59e7845601dc3ee6f620cf5b5473bcbcde0cbc813c58fe82d35c538b2fbd9d3406373e60592f1a614dfbd08f7c838dbb70e40737b9ac8df0d9ca326d3b7eadb2978cbc16", @typed={0x14, 0x47, @ipv6=@dev={0xfe, 0x80, [], 0x19}}, @generic="653de1b285392963df249d232f2d493d4a3c232be0c7ff34e2ab0279753e8f541988c1de372f1ba33edec7458e07e56504fb0c03bebeb2258029261e4b370e4181132853e4bd08a63e54116c5fbbfed1af03f47533254c671fd1881983cb719a27abf4f127363ffea6be0ee1a7728461cabc90fd879a1c61a7dde62f656e77679c43a6a0c55234d3f829eaece6450e2ca8211401c42256537881438ed09644f2016b4d51117975e5b630815e8da38aafb6cb1b2e47895c397df8607493d598d4a81bb4f7d24b81259618f6ccc788"]}, 0x2e4}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)={[0x200000, 0x5, 0x7, 0x418, 0x5, 0x76, 0x2, 0x6, 0x81, 0x3, 0x1e32, 0xfffffffffffffff7, 0x77c, 0x34a0, 0x5, 0x3], 0xf000, 0x80000})

[ 1826.357000] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.367453] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.373103] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1826.387871] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.396470] TPR Threshold = 0x00
[ 1826.406088] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1826.413775] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1826.423808] EPT pointer = 0x00000001ba08201e
[ 1826.428458] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.436475] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.436494] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.436506] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.436525] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.436537] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1826.436553] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1826.436563] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1826.436573] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1826.436582] Interruptibility = 00000000  ActivityState = 00000000
[ 1826.436586] *** Host State ***
[ 1826.436597] RIP = 0xffffffff811fa113  RSP = 0xffff880181b97390
[ 1826.436619] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1826.447670] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1826.507869] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1826.527715] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1826.547896] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1826.554060] FSBase=00007ff4ae3eb700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1826.555862] Interruptibility = 00000000  ActivityState = 00000000
03:49:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ftruncate(r0, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1826.564551] Interruptibility = 00000000  ActivityState = 00000000
[ 1826.570927] *** Host State ***
[ 1826.580002] RIP = 0xffffffff811fa113  RSP = 0xffff8801c146f390
[ 1826.594939] *** Host State ***
[ 1826.597347] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1826.599753] CR0=0000000080050033 CR3=00000001bb72e000 CR4=00000000001426e0
03:49:04 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fcntl$getownex(r3, 0x10, &(0x7f0000000180)={0x0, <r4=>0x0})
modify_ldt$write(0x1, &(0x7f00000003c0)={0xe63, 0x20000800, 0x4000, 0x0, 0x1, 0x5, 0x1, 0x401, 0x4, 0x2}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x22000002}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)={0x2e4, 0x3c, 0x20, 0x70bd27, 0x25dfdbfc, {0xa}, [@typed={0x14, 0x8001, @ipv6=@mcast2}, @nested={0xf8, 0x1d, [@typed={0x8, 0x1e, @pid=r4}, @generic="96e1417f2c6ff1789edf89ffa9f23ca7468a9308b7", @typed={0x8, 0x26, @fd=r1}, @generic="f65a209ac910832481efee8b4e5beb133051e0d9f8cb1f3934adf9fe019b181b705fd58ea3c917c0da0351f8a25e9854eea2b3d8bf5f83158fa219da97ba73c905e55e81626285bc16ac1ca656d268be3c74464284b1df0c4de248df94b4b09df6a3d325a0f3e54302a274a35f45b6f4198082008b3aa2ebc065598dab529accac201089e30daaf4bb4f2d04dbd88c1eabe27038b15307b50404bba60386df0454977d7e7553d4", @typed={0xc, 0x1f, @u64=0xaf}, @typed={0x8, 0x1, @ipv4=@multicast2}, @typed={0x10, 0x2a, @str='/dev/dsp#\x00'}, @typed={0x4, 0x6b}]}, @generic="fbf115df8e0f71596c9931dac9001e339298bd44d8b59013209a5acf983f0ef7aeca0c149558da1c0491474199c0ac626e2edfbbfac7d6b9a750efedb538fca962e0906f0786e7fc11c67b579526ca8ea405f84bc63004355aca185fa7101cb8b5a13fe8dbdb6fb0dc669f9831514907d4f63f863f4fb40b0e58037d9fa16664ed32e8a3bc65f21227738231d744c8ebb72fe54672332ada2827511787af59e7845601dc3ee6f620cf5b5473bcbcde0cbc813c58fe82d35c538b2fbd9d3406373e60592f1a614dfbd08f7c838dbb70e40737b9ac8df0d9ca326d3b7eadb2978cbc16", @typed={0x14, 0x47, @ipv6=@dev={0xfe, 0x80, [], 0x19}}, @generic="653de1b285392963df249d232f2d493d4a3c232be0c7ff34e2ab0279753e8f541988c1de372f1ba33edec7458e07e56504fb0c03bebeb2258029261e4b370e4181132853e4bd08a63e54116c5fbbfed1af03f47533254c671fd1881983cb719a27abf4f127363ffea6be0ee1a7728461cabc90fd879a1c61a7dde62f656e77679c43a6a0c55234d3f829eaece6450e2ca8211401c42256537881438ed09644f2016b4d51117975e5b630815e8da38aafb6cb1b2e47895c397df8607493d598d4a81bb4f7d24b81259618f6ccc788"]}, 0x2e4}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)={[0x200000, 0x5, 0x7, 0x418, 0x5, 0x76, 0x2, 0x6, 0x81, 0x3, 0x1e32, 0xfffffffffffffff7, 0x77c, 0x34a0, 0x5, 0x3], 0xf000, 0x80000})

[ 1826.619529] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1826.620991] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1826.636177] RIP = 0xffffffff811fa113  RSP = 0xffff8801d5b6f390
[ 1826.644238] CR0=0000000080050033 CR3=00000001883ae000 CR4=00000000001426e0
[ 1826.653680] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1826.662355] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1826.670308] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1826.695225] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1826.711224] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1826.716917] CR0=0000000080050033 CR3=00000001c1b2b000 CR4=00000000001426f0
[ 1826.721704] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1826.738611] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1826.741281] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1826.745452] *** Control State ***
[ 1826.752659] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1826.762164] *** Control State ***
[ 1826.770380] CR0=0000000080050033 CR3=00000001cebb7000 CR4=00000000001426e0
[ 1826.778891] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1826.792193] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1826.799657] *** Control State ***
[ 1826.803319] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1826.810498] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1826.817632] EntryControls=0000d1ff ExitControls=002fefff
[ 1826.820406] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1826.823225] EntryControls=0000d1ff ExitControls=002fefff
[ 1826.836803] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1826.843015] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1826.853230] EntryControls=0000d1ff ExitControls=002fefff
[ 1826.860129] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1826.867223] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1826.873983] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1826.874000] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1826.880701]         reason=80000021 qualification=0000000000000000
[ 1826.889316] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1826.893982] IDTVectoring: info=00000000 errcode=00000000
[ 1826.906825] TSC Offset = 0xfffffc2c09f856ac
[ 1826.908818] *** Control State ***
[ 1826.911249] TPR Threshold = 0x00
[ 1826.918130] EPT pointer = 0x00000001bcdbd01e
[ 1826.922928] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1826.926158] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1826.938617] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1826.939253] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1826.952311]         reason=80000021 qualification=0000000000000000
[ 1826.959040] EntryControls=0000d1ff ExitControls=002fefff
[ 1826.962770]         reason=80000021 qualification=0000000000000000
03:49:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xc02, 0x1a)
connect$vsock_dgram(r3, &(0x7f0000000300)={0x28, 0x0, 0xffffffff, @reserved}, 0x10)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1826.964618] IDTVectoring: info=00000000 errcode=00000000
[ 1826.978104] IDTVectoring: info=00000000 errcode=00000000
[ 1826.986897] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1826.995609] TSC Offset = 0xfffffc2c215aa4ab
[ 1826.999946] TPR Threshold = 0x00
[ 1827.003310] EPT pointer = 0x00000001cd58001e
[ 1827.010332] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1827.017991] TSC Offset = 0xfffffc2c40f0873a
[ 1827.025532] TPR Threshold = 0x00
[ 1827.033678] EPT pointer = 0x00000001858e801e
[ 1827.043707] *** Guest State ***
[ 1827.048303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1827.058364] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:05 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x80ffff]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000080)={0x0, @loopback, 0x4e23, 0x2, 'dh\x00', 0x2, 0x400, 0x2f}, 0x2c)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
sendmsg$key(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x2, 0x17, 0x8, 0x0, 0x36, 0x0, 0x70bd2d, 0x68dd7964, [@sadb_x_nat_t_type={0x1, 0x14, 0xfffffffffffffffe}, @sadb_sa={0x2, 0x1, 0x4d2, 0x7ff, 0xfff, 0xc1, 0x2, 0x40000000}, @sadb_x_filter={0x5, 0x1a, @in6=@ipv4={[], [], @broadcast}, @in6=@remote, 0x13, 0x4, 0x4}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e22, 0x8, @remote, 0x9}, @in={0x2, 0x4e22, @rand_addr=0x7}}, @sadb_x_sec_ctx={0x16, 0x18, 0x3, 0x1, 0xa8, "dca56db42b827e8578fa171294b5bd09ceb5146c8964d5f839d7ea7f6e5f354640ecc3c1bc716229e1a94245ae989cda25a1f5a439036b97b25741384ce22b791d41fe16217419efd9099f7467b417c7ab65e8f38a3ea096c2e7aef6e500f5428f649a4083b792f2a85f40b222200f2a5d182538585720b8a25c2f610db998b0c055d58c478c447a33988a99318a41e7fe99f67ea59fd1bb04dff6c06cb4055a4523130da7b19ce9"}, @sadb_x_policy={0x8, 0x12, 0x2, 0x0, 0x0, 0x6e6bb0, 0x5, {0x6, 0xff, 0x4, 0x80000001, 0x0, 0x0, 0x0, @in=@multicast1, @in6=@loopback}}, @sadb_spirange={0x2, 0x10, 0x4d3, 0x4d6}, @sadb_address={0x5, 0x7, 0x32, 0x80, 0x0, @in6={0xa, 0x4e23, 0xbc, @mcast1, 0x1f}}]}, 0x1b0}}, 0x1)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:49:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ftruncate(r0, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0fe00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1827.072398]         reason=80000021 qualification=0000000000000000
[ 1827.087969] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1827.106008] IDTVectoring: info=00000000 errcode=00000000
[ 1827.120888] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:20003
[ 1827.123313] CR3 = 0x0000000000000000
[ 1827.130978] TSC Offset = 0xfffffc2c23ca4170
[ 1827.138713] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1827.145622] TPR Threshold = 0x00
[ 1827.151475] *** Guest State ***
[ 1827.155232] EPT pointer = 0x00000001d895201e
[ 1827.159780] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1827.162828] *** Guest State ***
[ 1827.166385] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1827.178472] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1827.187523] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1827.194449] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1827.203825] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.212394] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1827.222106] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.223629] CR3 = 0x0000000000000000
[ 1827.237961] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.247297] CR3 = 0x0000000000000000
[ 1827.254203] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1827.255148] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1827.268783] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:20003
03:49:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1827.269159] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.278062] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1827.289130] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.302248] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1827.315082] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.326663] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1827.327394] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1827.359064] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.364079] *** Guest State ***
03:49:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x200, 0xfffffffffffffffb)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000340)={0x0, 0x80000001, 0xffff, &(0x7f00000001c0)=0x5})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x5, 0xe000)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000000580)={"682db235c8d63914a807a18bb0ea6c5c80a13cc484380519083795fe475325f241e4094a41baa029bfd20fdd0b43c3170b908ea50916d50330a19e8d75cc0006a8c3c667b1e4c71de33b8a66adf97b0a6d0e0b99c2523a92818f3513df89cf1c00f5e4750f495254816b3209af026bc34969a9c5b0dd0feb1f34c840e4eac8d4d30b6688af360c476131d712feac6623f545dd11352228ea24a96828e2ad66ab73bc05c54da342967e25e6b3a122de956edffe0f560a9e0d2e41895355655592599a9ed17d66b4d88afb25948ca501c36f6bbd46c5fe3e094c7f388d676964c1a8b2da4d3ccb465e06cce07e6709e8d6ba2e174aa05fa5a452e0712cbb9f8682ee1162cccb8d517f6d5076189df363cec81bfab636cb01a9ffbc765c257259b15f2177c46e9aa90b1b15b903a2602ffbb628387c51beb3110ea86623d0b13c40541bf32de21ade53914d73b580500f945e9cc2576e63ebf18fc0f03b534bc5b9e90d3e56ac078c8f41e0cd51537d7a3e701df336a790d4e8f027ac478bba1bd450fc6bf57f5d001cd80d478bb6a8850c9c14892dd6f212f19718eba4862303927e41aefa69a1b99cbe40e845d0facdec6b2694824bce202c74601b61611b70ff3f6e58b6ed75e3fe71ab4c9e0bd477d6c6b77a4452837e44fd78439522dcbb51ef4e804de45c7f7e6de7791701df0af66f127d0a5c78999b9463134c551b1461aca90c139bdeeb988f0578b91df3cc029f9255afa9434b87a333fea22d468ec46cbb201dbc497e919800130fe69cfb6906f9c039ee8327cba5aaee7f84fc3f7bdc17ecf2096bf235e5a5d8277150db1bacb91bdbe88ecabf2a24410ae9827977c110d28b2da87793f8314ca126c0a7455b25d2c28fb22195c6d6de14a5786fbc237a6834f047ba94bb0005b78b4ed12765dfa1750b556031bd779bbc57b6ae2dd0627c3a129d0ff52d227f989d012e70a18adb704da3333a2cf354c7ce9f17cde1509ca4cc9d22a298a769cb64cddeba68e9330894fd6002323aec3189d4a94be22c40297b5fcadf76d48a42418900b196cd5fb5700c47a327d60f5bc5678a7db375d8cbae9e0e18c17b17b46e34b08340aab9631d3aec1ad91958cd1e7285269d3e63d2165d1cd683c8c78b472f0afd302a01e61cfa52ca11d18d7b784b5ea41be146fc0534e22d97862856886dd3faa9f4628d52ae0f441556d194c6f8d2ca2d0f85e7693a0e370fa13ddffd4c504192bcc709562e5177506e8e711480710667d3ea405c38bd3dab80da8175d57425e45bf7baf2a358c83d2223d569c78e2642590c848feaa8f27e302c1b0c664b0cca93b9ea9dfe8e9eb51e5ed3e362bb187edfe18778d933741af944a74549dd88ead5864334a18613c944eef48580a12eb6d4deb3669419390f79c5a2d90fe0465f6b5a161b8d5162f861791065451b7e"})
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40008000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="03000000", @ANYRES16=r5, @ANYBLOB="100a00000000ffdbdf250500000008000400080000002c000200080004000000010008000b000a0000000800050000000000080009000100000008000b0002000000080c040004000000080006000008000008000600ff7f0000080006000000000028000100080001000a000000080004004e24000008000800020000000c0007000400000001000000"], 0x90}, 0x1, 0x0, 0x0, 0x40}, 0x1)

03:49:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x20000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1827.368134] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.379815] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.381847] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.397546] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.400585] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1827.423723] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.432132] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.435000] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.448512] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.456741] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.464724] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.464744] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.464758] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.488880] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1827.498109] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.505500] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.510771] CR3 = 0x0000000000000000
[ 1827.517339] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1827.518366] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1827.530623] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.545112] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1827.559385] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1827.566946] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.575247] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.580899] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1827.583464] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.599210] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.607438] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.615807] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)={0x4, 0x0, [{0x37f, 0x0, 0x2}, {0x0, 0x0, 0x8}, {0xa6b, 0x0, 0x80000000}, {0x58f, 0x0, 0x81}]})

[ 1827.623994] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.632331] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.640581] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.648815] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.659334] Interruptibility = 00000000  ActivityState = 00000000
[ 1827.660723] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.669154] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.681906] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1827.692947] *** Host State ***
[ 1827.697700] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.706031] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.713766] RIP = 0xffffffff811fa113  RSP = 0xffff880187b1f390
[ 1827.719709] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1827.733140] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1827.737649] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.750243] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.758975] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1827.764937] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1827.770682] Interruptibility = 00000000  ActivityState = 00000000
03:49:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8008000000000007)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpgid(0xffffffffffffffff)
mq_notify(r3, &(0x7f00000001c0)={0x0, 0x20, 0x2, @tid=r4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1], 0x1f000})
connect$netlink(r3, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8800}, 0xc)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f0000000180)=r3)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)={&(0x7f0000000340)='./file0\x00', 0x0, 0x18}, 0x10)

[ 1827.781097] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1827.791606] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1827.801621] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1827.802493] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1827.814692] *** Host State ***
[ 1827.818953] Interruptibility = 00000000  ActivityState = 00000000
[ 1827.833191] RIP = 0xffffffff811fa113  RSP = 0xffff8801c1427390
[ 1827.839877] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1827.850645] *** Host State ***
[ 1827.853936] RIP = 0xffffffff811fa113  RSP = 0xffff8801d34e7390
[ 1827.865594] CR0=0000000080050033 CR3=00000001c290d000 CR4=00000000001426e0
[ 1827.872833] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1827.879670] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1827.887402] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1827.891084] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1827.900761] Interruptibility = 00000000  ActivityState = 00000000
[ 1827.907288] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1827.915427] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1827.920144] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1827.925060] *** Host State ***
[ 1827.934968] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1827.939353] RIP = 0xffffffff811fa113  RSP = 0xffff88017d39f390
[ 1827.954545] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1827.956265] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1827.967980] CR0=0000000080050033 CR3=00000001c1b2b000 CR4=00000000001426f0
[ 1827.976999] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
03:49:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000180)=0xc)
r5 = getgid()
setregid(r4, r5)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x80000, 0x0)
getpeername$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, &(0x7f0000000340)=0x10)

[ 1827.981011] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1827.992046] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1827.998727] CR0=0000000080050033 CR3=00000001c569e000 CR4=00000000001426f0
[ 1828.008046] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1828.015851] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1828.022527] *** Control State ***
[ 1828.026315] CR0=0000000080050033 CR3=00000001c742b000 CR4=00000000001426e0
[ 1828.033691] *** Control State ***
[ 1828.037497] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1828.044315] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1828.054575] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1828.066620] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1828.073713] EntryControls=0000d1ff ExitControls=002fefff
[ 1828.079403] EntryControls=0000d1ff ExitControls=002fefff
[ 1828.086169] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1828.092456] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1828.099695] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1828.108514] *** Control State ***
[ 1828.112163] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.119012] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1828.123323] *** Control State ***
[ 1828.125998] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1828.133629] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1828.136358] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.149384] EntryControls=0000d1ff ExitControls=002fefff
[ 1828.155036] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1828.155217] EntryControls=0000d1ff ExitControls=002fefff
[ 1828.168405]         reason=80000021 qualification=0000000000000000
[ 1828.175351] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.182191] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1828.189294] IDTVectoring: info=00000000 errcode=00000000
[ 1828.195112] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1828.202346]         reason=80000021 qualification=0000000000000000
[ 1828.206445] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1828.209774] TSC Offset = 0xfffffc2b50ea43d7
[ 1828.224478]         reason=80000021 qualification=0000000000000000
[ 1828.231393] IDTVectoring: info=00000000 errcode=00000000
[ 1828.238082] IDTVectoring: info=00000000 errcode=00000000
[ 1828.246214] TPR Threshold = 0x00
[ 1828.249735] TSC Offset = 0xfffffc2b7d711b4d
[ 1828.254192] TSC Offset = 0xfffffc2b6e1c4c24
[ 1828.259008] EPT pointer = 0x00000001cc12b01e
[ 1828.259691] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.263548] TPR Threshold = 0x00
[ 1828.274251] TPR Threshold = 0x00
03:49:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x4, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000000180))
r4 = gettid()
prlimit64(r4, 0x0, &(0x7f0000000080)={0x4, 0x5}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1828.286105] EPT pointer = 0x00000001d2ff901e
[ 1828.288482] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1828.298366] EPT pointer = 0x00000001ce66c01e
[ 1828.299223]         reason=80000021 qualification=0000000000000000
[ 1828.309217] IDTVectoring: info=00000000 errcode=00000000
[ 1828.314768] TSC Offset = 0xfffffc2b6c7ac3c0
[ 1828.319297] TPR Threshold = 0x00
[ 1828.322728] EPT pointer = 0x00000001cb5ac01e
03:49:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=<r3=>0x0)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000180)=r3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000340)=0x5e44d895, 0x4)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0xffffffffffffffff}, {0x0, 0x0, 0xfffffffffffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x80ffff]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:06 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd01}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:06 executing program 5:
clone(0x80002100, &(0x7f0000000340)="b2de1e4348bc8f61259bd054b04c9ecaddf6d3757da52e32a3896a6c930a957154f0d3fcc6b6bec6c574abc424a269f849d6cf034673d382e3ee7e9036f9015682ae5ac0b47a84f73910e517bca9fb32e2f2222588aeccc9ab250d5f4a950ff0337d83d00542f364c962b1b2a562495a58fdca9a3a5c68df6823e6eb853e5a90c85e9b4978dd2701d1395cf89d15440e0f9a8be20aa39219", &(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
recvmsg(r3, &(0x7f0000000640)={&(0x7f0000000400)=@can, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/14, 0xe}, {&(0x7f00000004c0)=""/229, 0xe5}], 0x2, &(0x7f0000000600)=""/3, 0x3, 0x6}, 0x63)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1828.419028] *** Guest State ***
[ 1828.422338] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1828.451850] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1828.465841] *** Guest State ***
[ 1828.472226] *** Guest State ***
[ 1828.475925] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1828.486746] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1828.496264] CR3 = 0x0000000000000000
[ 1828.501764] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1828.508541] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000080)={0x6, 0xc536})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1828.513625] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1828.528314] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1828.534299] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1828.542822] CR3 = 0x0000000000000000
[ 1828.552211] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1828.559267] CR3 = 0x0000000000000000
[ 1828.568351] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1828.579907] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1828.586930] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.595921] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.598892] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.604292] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x4, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000000180))
r4 = gettid()
prlimit64(r4, 0x0, &(0x7f0000000080)={0x4, 0x5}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1828.620604] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.621565] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1828.629356] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.643019] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.651263] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1828.663510] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1828.666246] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.691939] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1828.700418] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1828.702440] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.718408] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1828.720327] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.727518] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1828.744343] Interruptibility = 00000000  ActivityState = 00000000
[ 1828.752472] *** Host State ***
[ 1828.754497] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.757220] RIP = 0xffffffff811fa113  RSP = 0xffff8801804b7390
[ 1828.770002] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1828.776706] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1828.784719] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1828.790786] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.790921] CR0=0000000080050033 CR3=00000001c7ea1000 CR4=00000000001426e0
[ 1828.806955] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1828.813926] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1828.820259] *** Control State ***
03:49:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1828.824028] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1828.832721] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.841148] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.860607] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.873321] EntryControls=0000d1ff ExitControls=002fefff
[ 1828.885187] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.888319] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.901359] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.912795] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={<r4=>0x0}, &(0x7f0000000180)=0xc)
sched_setaffinity(r4, 0x8, &(0x7f00000001c0)=0x3)

[ 1828.918972] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1828.929096] *** Guest State ***
[ 1828.934748] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1828.940131] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1828.952708] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.958122] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.959825] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1828.975677] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1828.984761] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1828.988268] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1828.992270] CR3 = 0x0000000000000000
[ 1829.000354] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.003973]         reason=80000021 qualification=0000000000000000
[ 1829.019266] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1829.019275] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.019293] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.025520] IDTVectoring: info=00000000 errcode=00000000
[ 1829.034713] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.057480] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1829.063551] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1829.070793] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1829.078456] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1829.078470] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.078487] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.093241] TSC Offset = 0xfffffc2ab921c14e
[ 1829.109355] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000080)={0x6, 0xc536})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1829.132362] Interruptibility = 00000000  ActivityState = 00000000
[ 1829.135133] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1829.164551] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1829.172389] TPR Threshold = 0x00
[ 1829.176214] *** Host State ***
[ 1829.178733] EPT pointer = 0x00000001c234b01e
[ 1829.184295] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.198320] Interruptibility = 00000000  ActivityState = 00000000
[ 1829.201511] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1829.204756] *** Host State ***
[ 1829.214163] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.232180] RIP = 0xffffffff811fa113  RSP = 0xffff880168f17390
[ 1829.237337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1829.238630] *** Guest State ***
[ 1829.245477] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1829.260291] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1829.268092] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000180)="48b800800000000000000f23c00f21f835000009000f23f866ba430066edb91b0b00000f32c461a5ef0548dfc8e7266536f3c08300000000000f2132c4817d5a800a000000366436650f0666b801018ed866450f35"}], 0x241, 0x0, &(0x7f0000000600), 0xd64034b8089dce2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x401, 0x7, 0x9000}, 0x4)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0xffffffffffffffff, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1829.281012] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1829.287608] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.298680] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1829.298717] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1829.322461] CR3 = 0x0000000000000000
[ 1829.327773] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1829.327944] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.340870] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1829.351747] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1829.360632] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.369692] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1829.375759] CR0=0000000080050033 CR3=0000000184d01000 CR4=00000000001426f0
03:49:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000080)={0x6, 0xc536})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1829.382993] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.397076] CR0=0000000080050033 CR3=00000001c7bbc000 CR4=00000000001426f0
[ 1829.404236] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.415019] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1829.428925] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1829.435827] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.444550] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1829.450827] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.459059] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1829.465310] *** Control State ***
[ 1829.468905] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1829.476022] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.484885] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.492885] *** Control State ***
[ 1829.492901] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1829.496503] EntryControls=0000d1ff ExitControls=002fefff
[ 1829.508712] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.517013] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.525215] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.525412] EntryControls=0000d1ff ExitControls=002fefff
[ 1829.533339] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1829.545797] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.553958] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1829.560597] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.568859] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1829.577830] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:49:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = fcntl$getown(r0, 0x9)
write$cgroup_pid(r3, &(0x7f0000000080)=r4, 0x12)

[ 1829.581496] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1829.593261] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.603456] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1829.606879] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.612724] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.626987] Interruptibility = 00000000  ActivityState = 00000000
[ 1829.632657] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1829.641873] *** Host State ***
[ 1829.642537]         reason=80000021 qualification=0000000000000000
[ 1829.646741] RIP = 0xffffffff811fa113  RSP = 0xffff8801d34e7390
[ 1829.651916] IDTVectoring: info=00000000 errcode=00000000
[ 1829.663848] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1829.667416]         reason=80000021 qualification=0000000000000000
[ 1829.670559] TSC Offset = 0xfffffc2ac0409a1e
[ 1829.683953] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1829.685466] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1829.691826] TPR Threshold = 0x00
[ 1829.701396] Interruptibility = 00000000  ActivityState = 00000000
[ 1829.707834] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1829.715740] IDTVectoring: info=00000000 errcode=00000000
[ 1829.721190] TSC Offset = 0xfffffc2ab9e14f58
[ 1829.725739] EPT pointer = 0x00000001b9bd701e
[ 1829.732552] *** Host State ***
[ 1829.739463] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1829.746734] RIP = 0xffffffff811fa113  RSP = 0xffff880187b1f390
[ 1829.756228] TPR Threshold = 0x00
[ 1829.762313] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1829.776339] EPT pointer = 0x00000001d7e2e01e
[ 1829.787273] CR0=0000000080050033 CR3=00000001cdbe8000 CR4=00000000001426e0
[ 1829.796781] FSBase=00007fe0750e3700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1829.808730] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1829.818187] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1829.825248] CR0=0000000080050033 CR3=00000001c7ea1000 CR4=00000000001426e0
03:49:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000080)={0x6, 0xc536})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1829.832380] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1829.835213] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1829.845319] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1829.860778] *** Control State ***
[ 1829.871719] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1829.880072] EntryControls=0000d1ff ExitControls=002fefff
[ 1829.886621] *** Control State ***
[ 1829.898453] *** Guest State ***
[ 1829.901901] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1829.913398] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1829.920215] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1829.920230] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1829.920235] CR3 = 0x0000000000000000
[ 1829.920243] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1829.920260] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1829.934239] EntryControls=0000d1ff ExitControls=002fefff
[ 1829.955005] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1829.960038] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.966778] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.980150] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.986835] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1829.986954]         reason=80000021 qualification=0000000000000000
[ 1829.993654]         reason=80000021 qualification=0000000000000000
[ 1830.000047] IDTVectoring: info=00000000 errcode=00000000
[ 1830.011963] TSC Offset = 0xfffffc2a7caf6e13
[ 1830.016507] TPR Threshold = 0x00
[ 1830.016881] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1830.019988] EPT pointer = 0x00000001bde7801e
[ 1830.034333] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.044940] IDTVectoring: info=00000000 errcode=00000000
[ 1830.050532] TSC Offset = 0xfffffc2ab921c14e
[ 1830.053710] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.057262] TPR Threshold = 0x00
[ 1830.074123] EPT pointer = 0x00000001c234b01e
[ 1830.079036] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:08 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0xffff8000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x0, &(0x7f0000000600), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x15, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = memfd_create(&(0x7f0000000000)='/dev/kvm\x00', 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000340)={{0x3b, @multicast1, 0x4e24, 0x0, 'lblc\x00', 0x2, 0xfffffffffffffffa, 0x46}, {@dev={0xac, 0x14, 0x14, 0x1d}, 0x4e24, 0x3, 0x624e40a, 0x2, 0xff}}, 0xfffffffffffffcee)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1830.109544] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.124438] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.160978] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.182819] *** Guest State ***
[ 1830.193397] *** Guest State ***
[ 1830.201230] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = fcntl$getown(r0, 0x9)
write$cgroup_pid(r3, &(0x7f0000000080)=r4, 0x12)

[ 1830.203999] *** Guest State ***
[ 1830.217212] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1830.227530] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.230991] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1830.247000] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1830.259780] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1830.270994] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.283030] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1830.287809] CR3 = 0x0000000000000000
[ 1830.298506] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1830.308665] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.316074] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1830.317547] CR3 = 0x0000000000000000
[ 1830.326816] CR3 = 0x0000000000000000
[ 1830.332694] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1830.334517] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1830.345161] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.348912] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.353804] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.362121] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1830.374543] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.377717] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1830.391085] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1830.392398] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.406034] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1830.406052] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1830.412542] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1830.418714] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.439410] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.455013] Interruptibility = 00000000  ActivityState = 00000000
[ 1830.455198] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1830.464901] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.471533] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.483438] *** Host State ***
[ 1830.494961] RIP = 0xffffffff811fa113  RSP = 0xffff880182cb7390
[ 1830.497553] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = getpgid(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000080)=0x4000000000000c)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1830.502234] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1830.515566] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.524584] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1830.532887] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.534713] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.541731] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1830.555171] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.563464] CR0=0000000080050033 CR3=00000001c8f07000 CR4=00000000001426e0
[ 1830.570807] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.579137] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.579531] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.597767] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.604112] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.613925] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1830.620737] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.624012] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1830.635590] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.644012] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.649929] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000180)="48b800800000000000000f23c00f21f835000009000f23f866ba430066edb91b0b00000f32c461a5ef0548dfc8e7266536f3c08300000000000f2132c4817d5a800a000000366436650f0666b801018ed866450f35"}], 0x241, 0x0, &(0x7f0000000600), 0xd64034b8089dce2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x401, 0x7, 0x9000}, 0x4)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0xffffffffffffffff, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1830.660186] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1830.665100] *** Control State ***
[ 1830.672832] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1830.674990] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1830.684649] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.688323] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.718760] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.721724] Interruptibility = 00000000  ActivityState = 00000000
[ 1830.733321] EntryControls=0000d1ff ExitControls=002fefff
[ 1830.744090] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1830.753688] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1830.761078] *** Host State ***
[ 1830.772510] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1830.773699] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.780420] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
[ 1830.794738] Interruptibility = 00000000  ActivityState = 00000000
[ 1830.801896] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1830.812844] *** Host State ***
[ 1830.820786] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1830.827261] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1830.834412] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1830.841356] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1830.844387] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.848344] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
03:49:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x1, 0x8})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = getpgid(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000080)=0x4000000000000c)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1830.873721] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1830.878331] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.896433] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1830.902056] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1830.912343] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1830.925325] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1830.938911] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1830.939125]         reason=80000021 qualification=0000000000000000
[ 1830.952066] CR0=0000000080050033 CR3=00000001c975e000 CR4=00000000001426f0
[ 1830.954946] CR0=0000000080050033 CR3=00000001d2138000 CR4=00000000001426e0
[ 1830.975474] IDTVectoring: info=00000000 errcode=00000000
[ 1830.992750] TSC Offset = 0xfffffc29f575600d
[ 1830.997050] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1831.000880] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1831.012432] TPR Threshold = 0x00
[ 1831.013567] Interruptibility = 00000000  ActivityState = 00000000
[ 1831.024289] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1831.025766] EPT pointer = 0x000000018231701e
[ 1831.035511] *** Host State ***
[ 1831.040483] RIP = 0xffffffff811fa113  RSP = 0xffff88018066f390
[ 1831.057022] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1831.065608] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1831.088801] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1831.095071] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1831.102369] *** Control State ***
[ 1831.116844] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1831.122853] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
03:49:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f00000004c0)={0x1f, {{0x2, 0x4e20, @multicast1}}, 0x0, 0x4, [{{0x2, 0x4e21, @remote}}, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e23, @remote}}, {{0x2, 0x4e20, @multicast1}}]}, 0x290)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x1, 0x8})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1831.137590] *** Control State ***
[ 1831.138754] CR0=0000000080050033 CR3=00000001c7ea1000 CR4=00000000001426e0
[ 1831.164905] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1831.167428] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1831.187708] EntryControls=0000d1ff ExitControls=002fefff
[ 1831.192908] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1831.211038] EntryControls=0000d1ff ExitControls=002fefff
[ 1831.216931] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1831.226795] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1831.233201] *** Control State ***
[ 1831.234062] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1831.244516] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1831.251303] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1831.258272] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1831.265328]         reason=80000021 qualification=0000000000000000
[ 1831.272638] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1831.279404] EntryControls=0000d1ff ExitControls=002fefff
[ 1831.285092] IDTVectoring: info=00000000 errcode=00000000
[ 1831.290747]         reason=80000021 qualification=0000000000000000
[ 1831.297294] TSC Offset = 0xfffffc29cf36345b
[ 1831.301774] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1831.308933] IDTVectoring: info=00000000 errcode=00000000
[ 1831.314768] TPR Threshold = 0x00
[ 1831.318358] TSC Offset = 0xfffffc29cbb6101d
[ 1831.322999] EPT pointer = 0x00000001bca8c01e
[ 1831.329804] TPR Threshold = 0x00
[ 1831.333804] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1831.343924] EPT pointer = 0x00000001c2d0d01e
[ 1831.362884] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
03:49:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1831.394238]         reason=80000021 qualification=0000000000000000
[ 1831.419035] IDTVectoring: info=00000000 errcode=00000000
[ 1831.450410] TSC Offset = 0xfffffc29ce2d89b2
[ 1831.463776] *** Guest State ***
[ 1831.478850] TPR Threshold = 0x00
[ 1831.482234] EPT pointer = 0x00000001cb5c301e
[ 1831.486688] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1831.486702] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1831.486708] CR3 = 0x0000000000000000
[ 1831.486716] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1831.486726] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1831.486741] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1831.486753] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.486776] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.486796] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:09 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x80ffff00000000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:09 executing program 3:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x2000, 0x0)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000540)={0x100000001, 0x2, 0x9e7, 0xffffffffffffff7f}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xfffffffffffffff7, 0x1)
syz_genetlink_get_family_id$nbd(&(0x7f00000005c0)='nbd\x00')
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f00000004c0)={0x9, 0x0, {0x2, 0x1, 0x1, 0x3, 0x4}})
gettid()
ioctl$KVM_PPC_GET_PVINFO(r2, 0x4080aea1, &(0x7f0000000440)=""/114)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
syz_open_dev$audion(&(0x7f0000000580)='/dev/audio#\x00', 0x7, 0x2a8782)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000340)={0x0, 0x0, @pic={0x8, 0xfffffffffffffffb, 0x8, 0x1f, 0x2, 0x3, 0xfffffffffffffe00, 0x4, 0x7, 0x1, 0xfffffffffffffff7, 0xcc, 0x81, 0xbce7, 0x0, 0x7}})
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000], 0x1f000, 0x2000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f0000000080)={0x28, 0x2, 0x0, {0x3, 0xfff, 0xda67}}, 0x28)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
fcntl$setpipe(r2, 0x407, 0x6)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1831.521639] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.535747] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.597766] *** Guest State ***
[ 1831.606354] *** Guest State ***
[ 1831.611178] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1831.622263] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1831.634170] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1831.655800] *** Guest State ***
[ 1831.659108] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1831.659188] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.676305] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1831.676434] CR3 = 0x0000000000000000
[ 1831.686220] CR3 = 0x0000000000000000
[ 1831.693010] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1831.701096] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1831.702311] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1831.716172] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1831.716676] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.730586] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1831.740511] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.748850] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1831.755246] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1831.761846] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1831.765061] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1831.773411] Interruptibility = 00000000  ActivityState = 00000000
[ 1831.777923] CR3 = 0x0000000000000000
[ 1831.782012] *** Host State ***
[ 1831.792780] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1831.799900] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1831.806425] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1831.813058] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1831.815283] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1831.821351] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.828865] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1831.836124] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1831.848020] CR0=0000000080050033 CR3=00000001c975e000 CR4=00000000001426e0
03:49:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$BLKROGET(r3, 0x125e, &(0x7f0000000080))
ioctl$BLKROGET(r3, 0x125e, &(0x7f0000000180))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1831.856275] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1831.862813] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.872138] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1831.878936] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1831.882736] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.893747] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.902333] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.905569] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.918393] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1831.924539] *** Control State ***
[ 1831.928543] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.937772] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1831.943686] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.946079] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.957203] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.978250] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.978819] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1831.989121] EntryControls=0000d1ff ExitControls=002fefff
[ 1832.004415] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.010212] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.020605] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1832.027657] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1832.027669] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.027687] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.034468] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.059053] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1832.065818]         reason=80000021 qualification=0000000000000000
[ 1832.072424] IDTVectoring: info=00000000 errcode=00000000
[ 1832.072946] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.084987] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.094092] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.096311] TSC Offset = 0xfffffc29224a9e3b
03:49:10 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000], 0x1f000, 0x2000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1832.106659] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.111029] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.123807] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.132638] TPR Threshold = 0x00
[ 1832.137331] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.144342] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.155726] EPT pointer = 0x00000001c884001e
[ 1832.157971] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.168877] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.185851] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.188563] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.203114] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1832.211601] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1832.219831] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1832.226677] Interruptibility = 00000000  ActivityState = 00000000
[ 1832.237650] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1832.250090] *** Host State ***
03:49:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1832.254640] Interruptibility = 00000000  ActivityState = 00000000
[ 1832.260461] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.263575] RIP = 0xffffffff811fa113  RSP = 0xffff880165f7f390
[ 1832.279121] *** Host State ***
[ 1832.286245] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1832.287365] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1832.295265] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1832.308116] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1832.314698] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1832.333518] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1832.343863] *** Guest State ***
03:49:10 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1832.354923] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1832.357106] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1832.362524] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1832.382404] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1832.393746] Interruptibility = 00000000  ActivityState = 00000000
03:49:10 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x80080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x0, &(0x7f0000000080)=[@cr0={0x0, 0x40000000}], 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
r4 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
r5 = getuid()
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000004c0)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f0000000400)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@remote}, 0x0, @in=@rand_addr}}, &(0x7f0000000440)=0xe8)
setresuid(r5, r6, r7)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000003c0)=<r8=>0x0)
perf_event_open(&(0x7f0000000340)={0x5, 0x70, 0x101, 0x5, 0x400, 0x4, 0x0, 0xc8, 0x40, 0x1, 0x6, 0x2, 0xffffffffffffff7d, 0x6, 0x4, 0x3, 0x6, 0x7, 0x8, 0x6, 0x100, 0x8, 0x10e42f20, 0x97, 0x9, 0x1, 0x8, 0xb325, 0x1, 0x7ff, 0x46d, 0x6, 0xffff, 0x1, 0x8, 0x80af, 0x6, 0x2, 0x0, 0x100000000, 0x4, @perf_config_ext={0x6, 0x9}, 0x10000, 0xf6, 0x1, 0x1, 0x3f, 0x401, 0x2}, r8, 0x2, r4, 0x8)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xfffffffffffffffe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1832.406463] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426f0
[ 1832.421429] *** Host State ***
[ 1832.431408] RIP = 0xffffffff811fa113  RSP = 0xffff880180a77390
[ 1832.445036] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1832.456671] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1832.465993] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1832.469361] CR3 = 0x0000000000000000
[ 1832.476602] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1832.477135] CR0=0000000080050033 CR3=00000001bdee1000 CR4=00000000001426f0
[ 1832.482681] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1832.495801] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:10 executing program 4 (fault-call:8 fault-nth:0):
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1832.502867] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.505856] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1832.517484] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1832.537909] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1832.545892] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.564116] *** Control State ***
[ 1832.575513] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1832.581694] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1832.581711] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1832.594667] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.600792] CR0=0000000080050033 CR3=00000001c7ea1000 CR4=00000000001426f0
[ 1832.610111] EntryControls=0000d1ff ExitControls=002fefff
[ 1832.615894] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1832.622885] *** Control State ***
[ 1832.623186] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1832.633441] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1832.640364] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.640512] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1832.648567] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
03:49:10 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1832.655131] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1832.668002] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.670581] *** Control State ***
[ 1832.683506]         reason=80000021 qualification=0000000000000000
[ 1832.685139] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.696021] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1832.708425] EntryControls=0000d1ff ExitControls=002fefff
[ 1832.710895] EntryControls=0000d1ff ExitControls=002fefff
[ 1832.719674] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1832.727895] IDTVectoring: info=00000000 errcode=00000000
[ 1832.735032] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.737047] TSC Offset = 0xfffffc290b9da601
[ 1832.747445] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.755784] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1832.756707] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1832.772475] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1832.778313] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1832.779335]         reason=80000021 qualification=0000000000000000
[ 1832.792126] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1832.793671] IDTVectoring: info=00000000 errcode=00000000
[ 1832.805744] TPR Threshold = 0x00
[ 1832.805757] EPT pointer = 0x00000001c5ec301e
[ 1832.813636] TSC Offset = 0xfffffc290c80b5ae
[ 1832.818254] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1832.826624] TPR Threshold = 0x00
[ 1832.827820] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1832.830104] EPT pointer = 0x00000001bb72e01e
[ 1832.845599] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1832.852935]         reason=80000021 qualification=0000000000000000
[ 1832.865350] IDTVectoring: info=00000000 errcode=00000000
[ 1832.870839] TSC Offset = 0xfffffc2908f82fd0
[ 1832.875193] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1832.875204] Interruptibility = 00000000  ActivityState = 00000000
[ 1832.875208] *** Host State ***
[ 1832.875219] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
[ 1832.875241] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1832.875253] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
03:49:10 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0xffff8000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
socketpair$inet(0x2, 0xa, 0x7f, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, <r4=>0x0, 0x0]}, &(0x7f0000000340)=0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000380)={0x81, 0x800a, 0xfffffffffffffbff, 0x401, r4}, 0x10)

[ 1832.875264] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1832.875279] CR0=0000000080050033 CR3=00000001d8bc9000 CR4=00000000001426e0
[ 1832.894892] TPR Threshold = 0x00
[ 1832.901661] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1832.929094] EPT pointer = 0x00000001c7a1801e
[ 1832.935918] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1832.947169] *** Control State ***
[ 1832.956935] *** Guest State ***
03:49:11 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
membarrier(0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="670f083ef0819ec00080000f017c06670f01d70f01c8440f20c0663504000000440f22c00f0137f00051373e0fc7679f360f013b", 0x34}], 0x1, 0x40000000000004, &(0x7f0000000600), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000080)={0x0, 0x1, 0x7f, 0x9, 0x3adb})
keyctl$set_reqkey_keyring(0xe, 0xffffffffffffffff)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:11 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x1d, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1832.962526] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1832.969660] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1832.979500] EntryControls=0000d1ff ExitControls=002fefff
[ 1832.988838] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1833.015279] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1833.032680] CR3 = 0x0000000000000000
[ 1833.044714] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1833.052104] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1833.052346] *** Guest State ***
[ 1833.058539] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1833.068244] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1833.068671]         reason=80000021 qualification=0000000000000000
[ 1833.081170] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1833.081513] IDTVectoring: info=00000000 errcode=00000000
[ 1833.093651] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1833.103216] TSC Offset = 0xfffffc28a7bb41a5
[ 1833.107883] TPR Threshold = 0x00
[ 1833.111445] EPT pointer = 0x00000001d749c01e
03:49:11 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0xa, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1833.116408] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1833.126280] CR3 = 0x0000000000000000
[ 1833.133625] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.141930] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1833.148536] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1833.158610] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = dup3(r0, r1, 0x80000)
ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000080))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x10000000000001)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x40000000002, 0x5, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1833.171265] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.182219] *** Guest State ***
[ 1833.186014] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1833.197528] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1833.213183] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.221064] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.237666] CR3 = 0x0000000000000000
[ 1833.244104] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.246234] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.260636] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1833.267329] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1833.275161] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.283260] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1833.295076] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.305087] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.305208] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.313883] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.329494] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.331176] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.346823] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.355171] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.363338] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.364280] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.381360] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.392408] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.400972] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.409473] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.417855] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.422025] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.429507] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.442121] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.442132] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1833.442141] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1833.442149] Interruptibility = 00000000  ActivityState = 00000000
[ 1833.442152] *** Host State ***
[ 1833.442162] RIP = 0xffffffff811fa113  RSP = 0xffff880182cb7390
[ 1833.442183] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1833.442194] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1833.442204] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1833.442218] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426e0
[ 1833.442234] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1833.442245] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1833.442249] *** Control State ***
[ 1833.442257] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1833.442264] EntryControls=0000d1ff ExitControls=002fefff
[ 1833.442276] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1833.442284] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1833.442297] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1833.458166] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.471615] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.480881] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1833.503167]         reason=80000021 qualification=0000000000000000
[ 1833.508776] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1833.515030] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.521399] Interruptibility = 00000000  ActivityState = 00000000
[ 1833.524494] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1833.524514] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.524526] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1833.531599] *** Host State ***
[ 1833.537247] IDTVectoring: info=00000000 errcode=00000000
[ 1833.544627] RIP = 0xffffffff811fa113  RSP = 0xffff880182a8f390
[ 1833.551733] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1833.558287] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1833.566351] TSC Offset = 0xfffffc28522987a0
[ 1833.574922] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1833.580639] Interruptibility = 00000000  ActivityState = 00000000
[ 1833.587175] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1833.594334] TPR Threshold = 0x00
[ 1833.602701] CR0=0000000080050033 CR3=00000001cdf9b000 CR4=00000000001426f0
[ 1833.608587] *** Host State ***
[ 1833.617005] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1833.624692] EPT pointer = 0x00000001d806d01e
[ 1833.631392] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1833.634628] RIP = 0xffffffff811fa113  RSP = 0xffff8801bf2a7390
[ 1833.640254] *** Control State ***
[ 1833.645893] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1833.655284] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1833.659844] FSBase=00007fe0750e3700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1833.664122] EntryControls=0000d1ff ExitControls=002fefff
[ 1833.671945] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1833.678866] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1833.684656] CR0=0000000080050033 CR3=00000001d8bc9000 CR4=00000000001426e0
[ 1833.687934] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1833.694663] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1833.705497] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1833.715481]         reason=80000021 qualification=0000000000000000
[ 1833.721033] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1833.724505] IDTVectoring: info=00000000 errcode=00000000
[ 1833.738400] TSC Offset = 0xfffffc2845142145
[ 1833.745630] *** Control State ***
[ 1833.751246] *** Guest State ***
[ 1833.761801] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1833.764142] TPR Threshold = 0x00
[ 1833.771100] EntryControls=0000d1ff ExitControls=002fefff
[ 1833.778851] EPT pointer = 0x00000001d214d01e
[ 1833.791161] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1833.803664] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1833.813885] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1833.820413] CR3 = 0x0000000000000000
[ 1833.833838] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1833.840326] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1833.852752] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1833.856499] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1833.865085]         reason=80000021 qualification=0000000000000000
[ 1833.869062] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1833.875540] IDTVectoring: info=00000000 errcode=00000000
[ 1833.882049] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.888393] TSC Offset = 0xfffffc28a7bb41a5
[ 1833.894412] *** Guest State ***
[ 1833.900632] TPR Threshold = 0x00
[ 1833.908268] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.912795] EPT pointer = 0x00000001d749c01e
[ 1833.921203] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1833.928730] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1833.969303] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:11 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:11 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:11 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x6, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000180)="2e0f23de0f01cb0f20d86635200000000f22d86726670f01ca0f20d86635200000000f22d866b94c06000066b80070000066ba000000000f300fc79a00003e0fc7add9142e2e660f3a619606384b360f01ca", 0x52}], 0x1, 0x0, &(0x7f0000000600), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000380)='/dev/dsp#\x00', 0x3, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
r3 = socket(0x5, 0x2, 0x466)
r4 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x40000)
ioctl$EXT4_IOC_RESIZE_FS(r3, 0x40086610, &(0x7f0000000100)=0xfffffffffffff000)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e23, @multicast2}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1833.973901] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.003983] *** Guest State ***
[ 1834.008625] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1834.023730] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.041136] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1834.050984] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.051874] CR3 = 0x0000000000000000
[ 1834.060267] CR3 = 0x0000000000000000
[ 1834.067326] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1834.067484] *** Guest State ***
[ 1834.073420] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.090118] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1834.096212] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1834.102239] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1834.112099] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1834.119703] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:49:12 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x9, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1834.123734] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1834.127228] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.134940] CR3 = 0x0000000000000000
[ 1834.143236] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.154489] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1834.159645] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1834.167635] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.176077] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.182055] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1834.184165] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.199017] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.208329] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.218426] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1834.221082] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.237553] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.247959] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.256182] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.256608] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.273023] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.281315] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.289723] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.292132] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.298029] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.314607] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.322996] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1834.333348] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.342479] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.348791] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.350953] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1834.366474] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.375652] Interruptibility = 00000000  ActivityState = 00000000
[ 1834.377247] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.381908] *** Host State ***
[ 1834.381922] RIP = 0xffffffff811fa113  RSP = 0xffff880187b1f390
[ 1834.381943] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1834.390446] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.399487] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.405989] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1834.414560] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.428742] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.445632] FSBase=00007f1e5f1f5700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1834.449015] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1834.454411] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1834.467489] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.471644] Interruptibility = 00000000  ActivityState = 00000000
[ 1834.475604] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.482193] *** Host State ***
[ 1834.489896] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426e0
[ 1834.493451] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1834.500228] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.506516] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1834.514259] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1834.521246] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1834.527510] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.527524] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1834.536582] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1834.544210] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1834.552545] CR0=0000000080050033 CR3=00000001d8bc9000 CR4=00000000001426e0
[ 1834.558179] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1834.571617] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1834.571764] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1834.579708] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1834.586298] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1834.599745] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1834.606231] *** Control State ***
[ 1834.614886] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1834.619382] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1834.635207] Interruptibility = 00000000  ActivityState = 00000000
[ 1834.635263] *** Control State ***
[ 1834.641766] *** Host State ***
[ 1834.644961] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1834.648437] RIP = 0xffffffff811fa113  RSP = 0xffff880183617390
[ 1834.654927] Interruptibility = 00000000  ActivityState = 00000000
[ 1834.661059] EntryControls=0000d1ff ExitControls=002fefff
[ 1834.672667] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1834.673468] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1834.679169] EntryControls=0000d1ff ExitControls=002fefff
[ 1834.686408] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1834.691600] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1834.698580] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1834.705226] FSBase=00007ff4ae3a9700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1834.705236] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1834.705248] CR0=0000000080050033 CR3=00000001cdf9b000 CR4=00000000001426e0
[ 1834.705262] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1834.705274] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1834.719803] *** Host State ***
[ 1834.725844] VMEntry: intr_info=8000008f errcode=00000000 ilen=00000000
[ 1834.734326]         reason=80000021 qualification=0000000000000000
[ 1834.741254] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1834.746930] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1834.750152]         reason=80000021 qualification=0000000000000000
[ 1834.758463] IDTVectoring: info=00000000 errcode=00000000
[ 1834.763180] *** Control State ***
[ 1834.770020] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1834.775834] IDTVectoring: info=00000000 errcode=00000000
[ 1834.782274] TSC Offset = 0xfffffc27c32900e9
[ 1834.787714] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1834.791317] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1834.797601] TSC Offset = 0xfffffc28522987a0
[ 1834.805224] TPR Threshold = 0x00
[ 1834.807597] EntryControls=0000d1ff ExitControls=002fefff
[ 1834.814912] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1834.824872] TPR Threshold = 0x00
[ 1834.829569] EPT pointer = 0x00000001d806d01e
[ 1834.836382] CR0=0000000080050033 CR3=00000001d33a2000 CR4=00000000001426f0
[ 1834.844313] EPT pointer = 0x00000001c574201e
[ 1834.860227] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1834.867585] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1834.878591] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
03:49:12 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x80ffff00000000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1834.886565] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1834.898342] *** Control State ***
[ 1834.906461] *** Guest State ***
[ 1834.908268] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1834.910439] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1834.925426] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1834.926490] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1834.941116] EntryControls=0000d1ff ExitControls=002fefff
[ 1834.942014]         reason=80000021 qualification=0000000000000000
[ 1834.946701] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1834.960798] CR3 = 0x0000000000000000
[ 1834.961352] IDTVectoring: info=00000000 errcode=00000000
[ 1834.964616] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1834.976072] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1834.982108] TSC Offset = 0xfffffc2845142145
[ 1834.987563] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1834.989058] TPR Threshold = 0x00
[ 1834.998749] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1835.001925] EPT pointer = 0x00000001d214d01e
[ 1835.011264] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1835.018191] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.026272]         reason=80000021 qualification=0000000000000000
03:49:13 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x8, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={<r3=>0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x9, &(0x7f0000000080)='/dev/kvm\x00'}, 0x30)
sched_setaffinity(r3, 0xffffffffffffff2f, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:13 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x80, 0x0)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000340)={[0x0, 0x6000, 0x4000, 0x10000], 0xac34, 0x40, 0x6})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {0x1}, {0x0, 0x1}, {0x800000000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000b40)={"82aa1d82855f036364521f6a3d097d414c55cf11244ff81f4bea6618f8d9da21bd1cc1c2e92d3c9754993823b6c0fa7113ba66da844e09341ea1a082231584f7abef58f574e17c54c7d8278012b3877cbc1fdf9ff002cd732617e93ec61ac7ee8f0e387d5b2995c26e6f0f95c1dc4bc046d7153ab7541aca999a5935aee938306596035523ec91e8a312e0f8d126a81b7b6dcc405a3d43b9bea4652c9f87a0b3f24c4b11c0ed7af8c0eb4f93eeabaf9ef5891e8c7514eeb4424e73dca4ff7522b0c9fdbb49192bb25097674aa9b27de3b1b54e4fb2417c856bf9346b9825ae1839aaced2751aabe0468ab8a1ad05034cfca7d01902de889d7a8257650f00174ca90e9914d7022d5a6acd9d6f4494054452107cb1f3ff69dc3b653dbebf81ac810c734f163fbc203b2d8fb5dbb340464e0282c6dd151c504f8eb633d480007c7d5cd8f566f84a74dfd313df04f73f5796c66711816c9c8db2686652e4636f4498eed2b5a62ddb9cc12cf24b7eedb5e507cf557f71b9888e740f722d28961bfbd816e40ff45bff3ed2ff67578a93f396566bf0b48bb4811b97fc038f6b9274965ea5cf04c60c27f6f4fd2f77ecf3880f1da6addfdc0835d986b6cb076bad1b88d5e36c294e2620b948ae6cb40e81135ed26d99bbfcb1bdd2b3d3498d85f7289ec4ad29ba233b9693dc3d21e196e0a52f1512b9643ddf7e89c914ea2f1adab0b3c3eaaea5d3ed2c875e59c86ccc7b73e2b8e29bafa8b111f1e725edab3f9cfeb0d37b64be55c754dc0579622be2efb5664f14c747425c1a4e8069dda0a79f855e2477b750ad327e4e835c937613895113920e49595d14daf05beff2fba5c4f0a6da40e4ea97e16f00f10588d190eee0b090edbee4d9f626fbe7ab920a4458c8d6a2249017699ef620e20e4896e3e9908d0f927cbf934265345d74a0e97aa018eb4246c4e6286c30d6e3702384a21e1af0537e846ef5c8da9a1c0ce76e3e07bb769f2cde2a3a059df748f6c660c947f8dbcfadf8a7e1a340eb53e208a163f8ba44c36971eedee942a676c6b4425faba0431932796a15617f505181a34e811e815921615dca242a59774ab5647d1ec5894fa94d093a1ae7dbe0c9adcda510cbf1969281df57f8c1dcc3427f8d3755f21ae16188c9b3709744d947ffadcdc4079dcda0f9e39abd5c07fa940b227e4eaca2d25acb47c6538bbb1cc906b3f98613a19ebda1a85d316042355b298d62403aca35f8eabd95de964a4c3b56434691119a62bc043dd4239616612877606ebe849e16d924ea6e2c85ee45ae99411c16e4650deae884e2b7deb744077154a5e1b9f7aeb1aa584552c4fae33e49c208e81162b2df26342b9cd1649bc60f57665bf3edc246f4ab4fe4c3931207ba23eff6e443d1f1b4bced03e0e213ebba399235568e11b0b31dfda26005d9a2795520d4d342ffe9"})
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x2)

[ 1835.032752] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.041612] IDTVectoring: info=00000000 errcode=00000000
[ 1835.047262] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.058795] TSC Offset = 0xfffffc27ba479a04
[ 1835.083216] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.099074] TPR Threshold = 0x00
[ 1835.115682] *** Guest State ***
[ 1835.119107] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1835.124906] EPT pointer = 0x00000001cf30601e
[ 1835.128502] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1835.141670] CR3 = 0x0000000000000000
[ 1835.145542] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.145879] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1835.160231] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1835.175557] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:13 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x10, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1835.187970] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1835.204938] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.220266] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.237593] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.258910] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.268412] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, {}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000340)="baa000ecc0ec002e0f00980d00f265f2d300440f20c0663507000000440f22c00f01cadae9baf80c66b8d28c708766efbafc0cb80600ef0f20c06635010000000f22c0f23ef20f08", 0x48}], 0x1, 0x22, &(0x7f0000000180), 0x0)
madvise(&(0x7f0000fef000/0x4000)=nil, 0x4000, 0x1b)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x80813, r2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r3, 0x111, 0x2, 0x1, 0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1835.286117] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.304080] *** Guest State ***
[ 1835.314905] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1835.324482] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.327546] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:49:13 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x7, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x2, 0x800000000000000)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f0000000080))

[ 1835.344988] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1835.353513] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1835.354073] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.364507] Interruptibility = 00000000  ActivityState = 00000000
[ 1835.378956] CR3 = 0x0000000000000000
[ 1835.390520] *** Host State ***
[ 1835.402411] RIP = 0xffffffff811fa113  RSP = 0xffff88017e4ff390
[ 1835.408831] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1835.415105] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.434656] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1835.436525] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1835.447252] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.449533] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1835.464078] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.472195] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1835.480795] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.485465] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:13 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x15, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1835.497717] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1835.503698] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.507314] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426f0
[ 1835.523293] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.538255] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:49:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000480)='/dev/uinput\x00', 0x802, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
r3 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x8, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000340)={<r4=>0x0, 0x5c, "c79d78553b96694806b599c591734239c82a3cc15cac34340658bcad2a7286700e01422c0dac64922b7df7dd722ea43723f5c4a6c8d8205d3aa4b4d145389bdd20920f626c68eb3e955c3be9502b2fe7ad1cb0dd30856d2afbf37ab0"}, &(0x7f00000003c0)=0x64)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000400)={r4, 0x101}, &(0x7f0000000440)=0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000000))

[ 1835.545683] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.546345] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.566413] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.570070] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1835.583834] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.606615] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1835.607991] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.614285] *** Control State ***
[ 1835.628974] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.639677] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1835.641173] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1835.659289] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.668486] EntryControls=0000d1ff ExitControls=002fefff
[ 1835.673839] *** Guest State ***
[ 1835.675500] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1835.681032] Interruptibility = 00000000  ActivityState = 00000000
[ 1835.685433] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1835.695898] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.705618] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1835.714549] *** Host State ***
[ 1835.718272] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.727328] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1835.736825] RIP = 0xffffffff811fa113  RSP = 0xffff8801c1427390
[ 1835.736981] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001
[ 1835.749756] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1835.750624]         reason=80000021 qualification=0000000000000000
[ 1835.766424] IDTVectoring: info=00000000 errcode=00000000
[ 1835.772012] TSC Offset = 0xfffffc2746eadc6e
[ 1835.772181] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1835.780191] TPR Threshold = 0x00
[ 1835.783053] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1835.786415] EPT pointer = 0x00000001d806d01e
[ 1835.799336] CR3 = 0x0000000000000000
[ 1835.799645] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1835.803149] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1835.811385] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1835.822955] Interruptibility = 00000000  ActivityState = 00000000
[ 1835.823182] CR0=0000000080050033 CR3=00000001d3483000 CR4=00000000001426e0
[ 1835.836973] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1835.845339] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1835.852176] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1835.859243] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.863856] *** Host State ***
[ 1835.867652] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1835.876784] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.877135] *** Control State ***
[ 1835.893967] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1835.894038] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
03:49:13 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x80ffff]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:13 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x13, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x200000, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000f000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000180)="2e0f01ca66baf80cb8424cc187ef66bafc0c66b8020066ef66b87f000f00d02e2e660f383397d50400000f0094e7000000000f32b84ca67a450f23d00f21f8353000000c0f23f8ea6fa400000301b8010000000f01c1f20f32", 0x59}], 0x30f, 0x0, &(0x7f0000000080)=[@efer={0x2, 0xc00}], 0x1000000000000280)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x6)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1835.911052] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.919179] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.929817] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.938703] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1835.939513] EntryControls=0000d1ff ExitControls=002fefff
[ 1835.945402] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1835.954613] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1835.974219] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1835.982454] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1835.991002] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1836.004037] *** Guest State ***
[ 1836.009574] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.013581] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1836.020833] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1836.032614] CR0=0000000080050033 CR3=00000001d33a2000 CR4=00000000001426e0
[ 1836.035326] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1836.040099] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.049347] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1836.057341] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1836.075777] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1836.085414]         reason=80000021 qualification=0000000000000000
[ 1836.091841] IDTVectoring: info=00000000 errcode=00000000
[ 1836.097906] CR3 = 0x0000000000000000
[ 1836.102398] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1836.108738] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1836.115713] TSC Offset = 0xfffffc272a48b1b4
[ 1836.121302] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1836.127786] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1836.131653] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1836.135626] TPR Threshold = 0x00
[ 1836.145748] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1836.151517] *** Control State ***
[ 1836.152543] Interruptibility = 00000000  ActivityState = 00000000
[ 1836.162275] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1836.162355] *** Host State ***
[ 1836.174354] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.182916] EPT pointer = 0x000000018b72401e
[ 1836.183748] EntryControls=0000d1ff ExitControls=002fefff
[ 1836.187723] RIP = 0xffffffff811fa113  RSP = 0xffff8801bf2a7390
[ 1836.200839] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:14 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x2, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:14 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = socket$inet6(0xa, 0x1, 0x9)
getsockopt$inet6_buf(r3, 0x29, 0x0, &(0x7f0000000340)=""/167, &(0x7f0000000080)=0xa7)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xff, 0x0, 0x6], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1836.215586] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1836.223201] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1836.223740] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.253796] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1836.267303] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.283510] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1836.302158] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1836.303418] *** Guest State ***
[ 1836.309795] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1836.320261] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.329678] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1836.330021] CR0=0000000080050033 CR3=00000001c0125000 CR4=00000000001426e0
[ 1836.339243] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.358971]         reason=80000021 qualification=0000000000000000
[ 1836.360864] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1836.369541] IDTVectoring: info=00000000 errcode=00000000
[ 1836.375925] CR3 = 0x0000000000000000
[ 1836.383521] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1836.391633] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1836.392070] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1836.398805] TSC Offset = 0xfffffc271062191a
[ 1836.405004] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.408995] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1836.418980] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1836.426657] *** Control State ***
[ 1836.432838] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1836.433906] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1836.447825] TPR Threshold = 0x00
[ 1836.451753] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1836.459806] EPT pointer = 0x00000001ba3cb01e
[ 1836.470086] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.475524] EntryControls=0000d1ff ExitControls=002fefff
[ 1836.488819] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.497204] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.499639] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1836.511841] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:14 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x3, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000540)={0xfffffffffffffffe, 0x0, {0xffffffffffffffff, 0x3, 0x8001, 0x0, 0x5}})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000500))
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000180))
r3 = fcntl$getown(r1, 0x9)
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f00000003c0)={0xfffffffffffffff9, {{0xa, 0x4e23, 0xfffffffffffffffc, @mcast1, 0xe8}}}, 0x88)
sched_setaffinity(r3, 0x8, &(0x7f0000000380)=0x2)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$inet_icmp_ICMP_FILTER(r4, 0x1, 0x1, &(0x7f0000000140)={0x4}, 0x4)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000005c0)={0x3, 0x0, [{0x0, 0x2, 0x6, 0x7, 0x5, 0x51dcd467, 0xfffffffe}, {0x6, 0x7, 0x0, 0x1000, 0x6, 0x400, 0x5}, {0x2, 0xf93, 0x5, 0x401, 0x7ff, 0x3, 0xffffffffffffffff}]})
shutdown(r4, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1836.520619] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1836.523447] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1836.531261] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.558610] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1836.574991] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.579505] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1836.590101] Interruptibility = 00000000  ActivityState = 00000000
[ 1836.595832] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.610590] *** Host State ***
[ 1836.613896] RIP = 0xffffffff811fa113  RSP = 0xffff88018438f390
03:49:14 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x11, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1836.632365] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1836.636590] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1836.640514]         reason=80000021 qualification=0000000000000000
[ 1836.654187] *** Guest State ***
[ 1836.659606] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1836.670027] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1836.678686] IDTVectoring: info=00000000 errcode=00000000
[ 1836.686673] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1836.689943] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.701973] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1836.709742] TSC Offset = 0xfffffc26dde01184
[ 1836.714145] TPR Threshold = 0x00
[ 1836.718551] CR0=0000000080050033 CR3=00000001d97cf000 CR4=00000000001426e0
[ 1836.721313] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1836.726421] EPT pointer = 0x00000001c5f5a01e
[ 1836.733957] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.738614] CR3 = 0x0000000000000000
[ 1836.750757] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1836.757680] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1836.758397] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:49:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x1)
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1836.780504] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1836.781286] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1836.799190] Interruptibility = 00000000  ActivityState = 00000000
[ 1836.808656] *** Host State ***
[ 1836.813113] RIP = 0xffffffff811fa113  RSP = 0xffff880187b1f390
[ 1836.826081] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:49:14 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400000)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000003c0)={<r1=>0x0, 0x2, 0x30, 0x8, 0x401}, &(0x7f0000000400)=0x18)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000440)={r1, 0x0, 0x0, 0xe53c, 0x4, 0x8}, &(0x7f0000000480)=0x14)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x7, 0x100000001, 0x1, 0x8})

[ 1836.832618] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1836.851865] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1836.870210] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.885219] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1836.893086] *** Control State ***
[ 1836.909157] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1836.909279] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.916272] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1836.930056] EntryControls=0000d1ff ExitControls=002fefff
[ 1836.935853] CR0=0000000080050033 CR3=00000001cc9c0000 CR4=00000000001426e0
[ 1836.947285] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.952862] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1836.962120] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1836.974383] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1836.974739] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1836.980798] *** Control State ***
[ 1836.992597] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1836.999648] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1837.006973] EntryControls=0000d1ff ExitControls=002fefff
[ 1837.012490] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1837.017639] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.019485] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1837.034534] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.042716] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.050857] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.051955]         reason=80000021 qualification=0000000000000000
[ 1837.058991] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.066001] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1837.073486] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.088241] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1837.090129] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1837.095046] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1837.109022] Interruptibility = 00000000  ActivityState = 00000000
[ 1837.109230] IDTVectoring: info=00000000 errcode=00000000
[ 1837.115408] *** Host State ***
[ 1837.121120] TSC Offset = 0xfffffc26b0905a5d
[ 1837.124051] RIP = 0xffffffff811fa113  RSP = 0xffff8801844ff390
[ 1837.134483] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1837.134933]         reason=80000021 qualification=0000000000000000
[ 1837.147806] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1837.155635] TPR Threshold = 0x00
[ 1837.155644] EPT pointer = 0x00000001d8d5b01e
[ 1837.163567] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1837.169790] CR0=0000000080050033 CR3=00000001bbf3e000 CR4=00000000001426f0
[ 1837.176999] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:49:15 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0xffff8000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:15 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0xd, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:15 executing program 3:
socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000000))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000340)={0xd6, "1c0420c835296ae6e36f4fc2d51fb812d0e337b28f7dcb47befffae2161dd79a56cdfceb890ea0e0aecf50a03b4d60c6afca954141c6c0bab5c9b934f89e74596ff514a79dcc8c1cba2449a4a85801bcf3dcae5a754619492a4d1d3e9d52f45d5a5e334a8d3b8fdd90b1b36fc682a4ab9203974e18e87350bf6e1963daefd4e2f7ed5d98a021d2b5682f9b8bd4bcc85a4ba86f4fadde821a47ee99c587eaeef43e1162560ace3303045cb0d2eaf022bb8068f809b6cfc3b76f795364dddc921a4a74bd9c3196c5c56bf6f490baf6342ec1b31fca988a"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1837.183820] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1837.185049] IDTVectoring: info=00000000 errcode=00000000
[ 1837.194916] *** Control State ***
[ 1837.201166] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1837.209912] EntryControls=0000d1ff ExitControls=002fefff
[ 1837.214965] TSC Offset = 0xfffffc2687df3e88
[ 1837.218811] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
03:49:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2)
write$binfmt_elf64(r3, &(0x7f0000000300)=ANY=[], 0x303)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0xe9, &(0x7f0000000080)=""/233}, &(0x7f0000000180), &(0x7f0000000240)=""/126, 0x0, 0x0, 0x0, &(0x7f00000002c0)})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
write$binfmt_script(r3, &(0x7f00000005c0)=ANY=[@ANYBLOB="2321202e2f66696c65300af5261e68096d5c0229a3b790564806b2d199ab53bb15d0f456464f127c998493b19e80"], 0x2e)
poll(&(0x7f0000000180)=[{r3}], 0x1, 0x5)
shutdown(r4, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1837.239021] TPR Threshold = 0x00
[ 1837.252446] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1837.261454] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1837.265556] *** Guest State ***
[ 1837.278166] *** Guest State ***
[ 1837.283837]         reason=80000021 qualification=0000000000000000
[ 1837.290429] EPT pointer = 0x00000001c300c01e
[ 1837.291639] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1837.304174] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1837.310244] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1837.313217] IDTVectoring: info=00000000 errcode=00000000
[ 1837.327992] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1837.338481] CR3 = 0x0000000000000000
[ 1837.348262] TSC Offset = 0xfffffc265a105996
[ 1837.354614] CR3 = 0x0000000000000000
[ 1837.355666] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1837.365216] TPR Threshold = 0x00
[ 1837.369040] EPT pointer = 0x00000001c3d6001e
[ 1837.369224] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1837.373673] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:49:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:15 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x5, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1837.395900] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1837.402879] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1837.410307] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1837.422019] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.428507] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.431201] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.455313] *** Guest State ***
[ 1837.458617] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1837.494600] *** Guest State ***
[ 1837.498131] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.508328] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.509695] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1837.525849] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1837.534695] CR3 = 0x0000000000000000
[ 1837.538983] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.548271] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1837.557753] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.560117] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.566732] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1837.580129] CR3 = 0x0000000000000000
[ 1837.583933] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.592262] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1837.598564] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1837.604622] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.612943] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1837.619268] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1837.626021] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.626041] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.648674] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1837.656771] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.670559] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.674960] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.683632] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.695064] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.703186] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.711666] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.717014] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.720100] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.736418] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.744556] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.753025] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.761194] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.761475] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.769269] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1837.777661] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.795742] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.798328] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1837.803876] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.822418] Interruptibility = 00000000  ActivityState = 00000000
[ 1837.829667] *** Host State ***
[ 1837.832950] RIP = 0xffffffff811fa113  RSP = 0xffff8801cb827390
[ 1837.839227] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.840832] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.847712] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1837.855930] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.862528] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.872055] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.877817] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1837.892338] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.893719] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.904479] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.909676] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1837.918003] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1837.923619] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.931924] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1837.947627] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1837.948031] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1837.954172] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1837.961190] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1837.967404] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1837.982155] Interruptibility = 00000000  ActivityState = 00000000
[ 1837.982195] CR0=0000000080050033 CR3=00000001c18c7000 CR4=00000000001426e0
[ 1837.988522] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1837.995966] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1838.002991] *** Host State ***
[ 1838.010059] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1838.012971] Interruptibility = 00000000  ActivityState = 00000000
[ 1838.019425] *** Control State ***
[ 1838.025369] Interruptibility = 00000000  ActivityState = 00000000
[ 1838.029041] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1838.035109] *** Host State ***
[ 1838.045084] EntryControls=0000d1ff ExitControls=002fefff
[ 1838.048348] RIP = 0xffffffff811fa113  RSP = 0xffff8801c41ef390
[ 1838.050542] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1838.050551] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1838.050564] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1838.063554] *** Host State ***
[ 1838.072389] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1838.077073] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1838.080484] FSBase=00007fe0750e3700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1838.086573] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1838.100554] RIP = 0xffffffff811fa113  RSP = 0xffff88018438f390
[ 1838.107997] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1838.118778] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1838.119099] CR0=0000000080050033 CR3=00000001bbf3e000 CR4=00000000001426e0
[ 1838.133745] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1838.133823] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1838.139791] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1838.151412] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1838.152912] CR0=0000000080050033 CR3=0000000187281000 CR4=00000000001426e0
[ 1838.160578] *** Control State ***
[ 1838.166239] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1838.173069] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1838.177344]         reason=80000021 qualification=0000000000000000
[ 1838.184528] EntryControls=0000d1ff ExitControls=002fefff
[ 1838.190427] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1838.196367] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1838.202684] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1838.215540] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1838.215556] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1838.221688] *** Control State ***
[ 1838.228686] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1838.232357] IDTVectoring: info=00000000 errcode=00000000
[ 1838.243940] CR0=0000000080050033 CR3=00000001c745a000 CR4=00000000001426f0
[ 1838.244335] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1838.251719]         reason=80000021 qualification=0000000000000000
[ 1838.257782] TSC Offset = 0xfffffc260388c7ee
[ 1838.268540] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1838.273083] IDTVectoring: info=00000000 errcode=00000000
[ 1838.275383] EntryControls=0000d1ff ExitControls=002fefff
[ 1838.282268] TSC Offset = 0xfffffc265a105996
[ 1838.286295] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1838.290987] TPR Threshold = 0x00
[ 1838.298721] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1838.307167] *** Control State ***
[ 1838.307174] EPT pointer = 0x00000001c3d6001e
[ 1838.310713] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1838.325610] TPR Threshold = 0x00
[ 1838.329261] EntryControls=0000d1ff ExitControls=002fefff
[ 1838.334925] EPT pointer = 0x00000001c8ac001e
[ 1838.339457] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1838.346263] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
03:49:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:16 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x18, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = getpgrp(0xffffffffffffffff)
syz_open_procfs(r2, &(0x7f0000000680)='net/softnet_stat\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
connect$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, {0x2, 0x8, 0x0, 0x7, 0xffff, 0xf6e}, 0x81}, 0xa)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000340)={{{@in=@multicast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@local}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000440)=0xc)
write$FUSE_CREATE_OPEN(r4, &(0x7f00000004c0)={0xa0, 0x0, 0x8, {{0x4, 0x2, 0x723, 0x8, 0x400, 0x40000000000000, {0x3, 0x81, 0x8, 0x9a04, 0xffffffff00000001, 0x4, 0x5579, 0xfa, 0x5, 0x6, 0x7, r5, r6, 0x5, 0x398}}, {0x0, 0x4}}}, 0xa0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
connect$bt_rfcomm(r4, &(0x7f0000000580)={0x1f, {0x3, 0x1, 0x4, 0x4, 0x0, 0x9}, 0x2a135409}, 0xa)
ioctl$sock_netdev_private(r4, 0x5, &(0x7f00000005c0)="96c02bc8fd605f0b7972428e13be96fe0fe5049c55a8184f7b65629eb57e945a3908b5f5a76d345e3f79981d8228b5f2c63e39cd8dbf33abac140bc5306a8e45d7d09baee2c92a3a0fe89628efc89098e5753e5275c287176b33f94bcec29e632ee68e2c68cf7d79fc84e8546a797a0bb1673eb6c4aa80d0cec8c1fc759e83296d7a8b5cba6a4e83eeecfb44987885a1a34e516d5d3c626104f7d3ca0a")

[ 1838.353414] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1838.353572] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1838.367913] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1838.394986]         reason=80000021 qualification=0000000000000000
[ 1838.401331] IDTVectoring: info=00000000 errcode=00000000
03:49:16 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x21, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1838.401338] TSC Offset = 0xfffffc2601e9e375
[ 1838.401343] TPR Threshold = 0x00
[ 1838.401353] EPT pointer = 0x00000001bd67901e
[ 1838.419213]         reason=80000021 qualification=0000000000000000
[ 1838.436543] IDTVectoring: info=00000000 errcode=00000000
[ 1838.447115] TSC Offset = 0xfffffc25e4167f76
[ 1838.451507] TPR Threshold = 0x00
03:49:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000000)={0x6, 0x9, 0x2, 0x5, 0x3fff80000})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000340)={0x5, 0x1, 0x9, 0x4, 0x6, 0x100})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11f005})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x100, 0x0)
ioctl$EVIOCGREP(r3, 0x80084503, &(0x7f00000003c0)=""/189)

03:49:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1838.460794] EPT pointer = 0x00000001d266401e
[ 1838.476038] *** Guest State ***
[ 1838.479333] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0x80ffff00000000]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1838.527341] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1838.569236] CR3 = 0x0000000000000000
[ 1838.575125] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1838.596762] *** Guest State ***
[ 1838.602791] RFLAGS=0x00000002         DR7 = 0x0000000000000400
03:49:16 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x4, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1838.612662] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1838.638302] *** Guest State ***
[ 1838.638567] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1838.641625] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1838.641656] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
msgget$private(0x0, 0x408)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4f2681, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1838.666563] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1838.678880] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.684504] CR3 = 0x0000000000000000
[ 1838.710080] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1838.713487] CR3 = 0x0000000000000000
[ 1838.724245] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.740216] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1838.742666] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1838.753870] *** Guest State ***
03:49:16 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x1a, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1838.756276] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1838.763984] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.765808] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.772741] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1838.788927] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1838.795097] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.803392] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1838.805747] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.818143] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.824988] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1838.838287] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.840778] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.857849] CR3 = 0x0000000000000000
[ 1838.862205] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1838.866586] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.869585] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.884307] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.884456] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1838.899022] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:16 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x14, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1838.907172] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.915569] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.925827] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.929294] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1838.941197] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.954940] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.965297] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.969273] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1838.981475] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1838.992912] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1838.993057] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.006865] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1839.015850] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.023951] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.038949] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1839.041142] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1839.055402] Interruptibility = 00000000  ActivityState = 00000000
[ 1839.061845] *** Host State ***
[ 1839.063181] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.068099] RIP = 0xffffffff811fa113  RSP = 0xffff8801d2947390
[ 1839.076637] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.079762] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1839.093793] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.094224] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1839.102065] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1839.110256] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1839.123756] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1839.124099] CR0=0000000080050033 CR3=0000000182317000 CR4=00000000001426f0
[ 1839.131728] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1839.145243] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.153328] Interruptibility = 00000000  ActivityState = 00000000
[ 1839.159755] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.160042] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1839.167855] *** Host State ***
[ 1839.178305] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.180239] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1839.186454] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1839.193086] *** Control State ***
[ 1839.200640] RIP = 0xffffffff811fa113  RSP = 0xffff8801844ff390
[ 1839.204455] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1839.210102] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.210115] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1839.210133] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.217416] EntryControls=0000d1ff ExitControls=002fefff
[ 1839.227704] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.241299] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1839.247264] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1839.254831] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1839.268240] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1839.275131] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1839.282876] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1839.293410] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1839.297249] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1839.304091]         reason=80000021 qualification=0000000000000000
[ 1839.309802] CR0=0000000080050033 CR3=000000018105c000 CR4=00000000001426f0
[ 1839.323220] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.323267] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1839.331300] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1839.339206] IDTVectoring: info=00000000 errcode=00000000
[ 1839.345505] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1839.345517] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1839.345526] Interruptibility = 00000000  ActivityState = 00000000
[ 1839.345530] *** Host State ***
[ 1839.345541] RIP = 0xffffffff811fa113  RSP = 0xffff880187f8f390
[ 1839.345569] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1839.351386] TSC Offset = 0xfffffc2561c6e256
[ 1839.357531] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1839.368478] Interruptibility = 00000000  ActivityState = 00000000
[ 1839.371905] *** Control State ***
[ 1839.375289] TPR Threshold = 0x00
[ 1839.380991] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1839.389013] *** Host State ***
[ 1839.391809] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1839.404853] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1839.410929] CR0=0000000080050033 CR3=00000001bd019000 CR4=00000000001426e0
[ 1839.410946] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1839.410958] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1839.410968] *** Control State ***
[ 1839.419229] RIP = 0xffffffff811fa113  RSP = 0xffff880187b1f390
[ 1839.442220] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1839.456112] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1839.458070] EPT pointer = 0x00000001c5b4a01e
[ 1839.464188] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1839.479237] CR0=0000000080050033 CR3=00000001d8d0a000 CR4=00000000001426e0
[ 1839.482820] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1839.489157] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:49:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d0000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:17 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x1c, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = creat(&(0x7f0000000380)='./file0\x00', 0x20)
write$UHID_INPUT(r2, &(0x7f00000014c0)={0x8, "565e22cbd308056be01f6119638d73ff1cf49d3b5ddf21749d4102765edaecf4abf937e0b0ec25693d6ac7a842420805cefdb5513b2de47322b28ef0acf4a87b7ce43310e8d233c5680021359b02c6603fed2164677e00d92ee198ad3758065a07b2cf7555f291b06d1f748a15e7c2d9d800c5c256dd7f02a0dfafa0ddafa40fb05349a9975095baeb8eda4ec297a9241a60688ca194a3a97beea70efc0d8e45449f44174f5122136873833a32c0b945812d08205da8546c01a8fd2d4cb03e58c74063b65be3403cee7d12845c36c17ac9864670694815896855e53db02ee6d411720264927cdd43baa267de5606d3eb2662a09ed811057fca5dc60f42ec839fe1e77b3cb889752f15300375be741e8ec10d6e830abab045de1dabbc24242197135b133b5130c0f560c02e459f6fda43d0f8dcb50f59c1b428e823cb46b8911fd666a60a587f9adbb21444275b449f7de134a0ef53d8612d39c77dd79325f3d4b96c5c1799780a78a2ac526f7591b2b196e261be6a77facd659d662b981518d10535039699504cbd3d5b7a2b87234d457fa5d6eb2554c2849fbe910246c81be5ba663250dfd25904b5f6b2f361ecbc02238857c0ee6d8f24f3b3a8986ffbd5f459f67350d3e84f8926b2d46e94f22f60f92a114b15f4370003b3daef67c5e32b9f1c6a85d8b2a5836700fb45788424d3fa6b9f1b98c39a6e691f5cfe5b9c2013dfeaaf740b95feb132136e75b032b30064a32fcfd3aa0fcecf1b3ca7c1ac887ca91317583b069498b36f23330100935cd10f9d43f7e9c8d18cfcca7ef8f52044f71818c04cff8003fb597b3e544f280f5c432f283f0310fe12898b0c7b94a6f5db04ff73f75844424d9ae0e16506240fc857a8baf6baeca8baa522b14961855eabcec212ab8fe138372c45a86ea11ae7cfba873fc37dc36f70cc4c26202f9ec92ab2b5bebd591a2a85c0f32c050d285ad3dcca9acfe0ab88e54da4ea4b6847c3b4f3fdacb3801dfc44673ebe7f32d5aef51eb8ca2d53ebf068d653b21e3801e0b342d4a89cabae238edd019c8710e9fd8b07a80c197c5c21710f0ff85206c968723f83ef6dbad702e1ec598fbe15e2a140e70a0c1d6001ff5a2f41ba25ee8a7b40c8598ab214e6fd4be2a098de82275203ef8380a05190fded99add362e8d4a5cfd4732fc0d52d8373f3db2185cbe147a798b6f0d2527e4b60c268be2bd7ee09f6d880e8b2b532262e16ff4a819a22670349870a2da89e2260f9560406869e386bdc93f9eab7b04d68e8ebc12024a555578884d16b6c4409215af78c60ffc0f04e75c5dfbe5e597683b4f4a76bbfac80fdcaa108971f8653f202988652f8e1e2c730f36312d9594e3438bd197bfe1adea616b16824ae4d8299aa93d6d39704dae3f8b5511a7a11294ce302dad56b7d81858a2ef9fd5e2f4ee120e04764a2f6a464be5787de72811117240271e50f09ecf0caff715dfcdfcab58a84c98a94093b97b438def46ce928b22f9dd5ac554f83a551146f7fea14e9b025d1075dc2aec66e6e745c3346d4f8fde9de255786bcce116eef0cf35a4397a3d0f136bea5dfc031560cc286d004b05ece3819f0dfd853ad26a75392c18302416abdc0f70a17cb7b1aa2c310c2415292832d580499e3704709208ae3b3883c493367e4b741699d6e6f49d1d1eb6f3f639d994cdb890f1d347d9d05e3cf5c6b000fc1703b11b58884fd3e9961db62d4eed3e3fe8d7608aa3a6feaea1eff8213f457e9067b015cc5ad68285cf805e684afdf530178ee7fd3956b3879cfdee981f6980a23097434a8333a49ec521789b50fd54ce5558dfdca812e59266789fa665fbc0f4ed92cd2bee0ee77b3f27af92331f44803fb5f42ff59507e6631e05c52ff05e1bb0dae3502c67afab01a2e0ea3c7b2c2581846c03acd167a8ed98f6746070de2312c21ee2f0e945e5dc7ca5d2583fc5fb04ba0471fa73c62292288d05edfa0885d087b5a181b06b15a6779bfcfe4e1029b431f5d1abbff9b4214a0bf2feb40578f40d93fb244bb39e05f1137fc302554ecb098881035245f1b244f37d002cc5bc424ca9305f5b46650bb15f58a82ff5a430a5d79b9d10c076c4100fec2cd44d7e9842baf7486cd69d5a1cf4debfcdf190a2b2056b34e313a93c93c0e08dfa66cb40139decd485b4bf7d728556d36ea3f75e3b6f43273d543e00cd96a7bb7a75c9ede376fc5fa74926c00c0d82f9f1cd68a4cf40b79d491579b6140fd92cdc4ca1c9b003a26f80fa299e04309a83501dfb6278b2fbb8df574f70e4a7defc3a7fa26fb0eeb24f9259e58005aa17f6b0a7fc740360edff90d06bc5aa69413b008c6e94455dbdfd4df1a57960cb0828d7d7535b357fe006a2f7530447c6370f5b5e95f5df1e6cb882f5ccf89e998bd18ca66af16fda8502134c72c3ba3a8dacc225b12928f59ba6642e7e5eb2800969f3be54ca4fc1d402c9d08f9113f1837f43fc0514e2229f4d374cf182e83529046fb9ddc83689bf77da6574d892a0c971e63c4d04b94bdc52397030b7f397c72a579f3483d1156134be6612ec63494557cf85a7b87983f792fb16ea5bb6ead594e9ba5e915e7e1a934e45fb16c82d4cc868823518ba9bab8e1fdee4fa048c5ac7220c6430a1bd3d09130897178cac4ff413f25e92b5c3363f5d6e1c70f98ff8cc5108d4fb4f8d96c53524b06e2fbc1013c7a5859f413f4eecd70c1f83653c9c607f80bc2498754352f53454b37f35eb0876e3983e3e85ac57a64e0905e52202a22b70e01a61d2cb4e203bd355ff02fa0cafafc93d0052cb6e480918ef698c82cd72bd3a7b3d9af00f6c86c096dbc86e0362899edc7ff153846ddf77072d00efc18f6da0371ab3de4f46fb6e3b9eeb23ed19d8adeb6c21ae0b2b687b75fc0273cbc73507469d4a4f3e982b2275bb7097f3e003e1712d0164cc8b2361c44bcbe1655d63b65d800511186371eafa5b9317b9d26842a15c55b68779eba0080b96ed0ac9f934e72e25d08ea1c91b88caf50a453dfd4c87ce9e91c2bdd27619ace38fbe980b508a01f8ea73839b6eea07913b73421ae6c8623bdd3e1e5bf4cc7ba2a601d1204a44dff8cc980250c223934e6968bd215a7c284ad4c44d1ed268f409c94b16625600f12a3e7baee5ceedadb42e3d21cde0910924125d9805bbe9000709aaa49c23dc9dee426c4ea3ceb348bac78349d1517fd8eb883e0101f02151e3e145dac5d4c45c6ff7f68bc0d3cedd54104b2025638f55777c613503e40cc52abcb09374ca1db5e123c147ae3c25b089af35f1786e203c28f0a35d0689e4f5b4da8ba234ce214301143ead0ab485c5cf4b35515288a8801f52585554f4d32f84a77763b030892b1bcd90fcfec432b8c508d347070dee330a7809fee2811f10821f51d462712d9d3fc35028d0bee952e23b4f444fb3ca0df99be58a6de715c4ed26252da0bc45368cdf2b840972bce9b87b0e94164904d07b86ec76f74ac6bfee158b752151fc396543f7dce4365f1543fddd4d65050bc437699bd9cb56b87da6808f35f6b9202e9fe947725873db95201ac1403a2b650beccb29785e3733efe52b371405f5e9f52c3e8d7265c57f574cec682963040359f8b7ae4484c6c8f0d0063bbc103fd56210b59c9d1859d31fcf275c605cb1da60814f7bca509da5b2434711f32bf39bcb3c386d3a2dad65ad63c84d0531114e129695820e2411d196a580caa30199935c5e5e9953c39083be5361b140119b9cbad916f9096864c0352c90d0185e5d9b387239103521584c8fb8860f65b5e3ae3f01fc4e739a94fab5345798b30a9d43df2f020f57756832a8dca7089d7042089afd04491724117e43d6c334f7c90d673ab0fa38b5827005cbca334378c1a9209acb2801ca42fdd33294f295e89dff0704aeaaed3738a56e59b919c29a2cbf2b5c0bddf7a37714ef8e4b31fbf19a7f0b5dd884cd7a3a81ca72494dd8587e722e24c9f07b9c44ceb989208802ca8f73f53d986466840372648d2f0d28099ca148f9747e4da2490169ea1979dbf884394fb8b2ed9e2f8913e65079c680e3449bcc77436a496f3a4f0f598ea99302ea056dae1a8d1142d1e2ef35a6f0b0f00690ef0ac8bf939d37c065ae6b0405361a2f517dde9a6ea7358e2549d4628248768e99c429259626bf065e016a44284433e736af4330a95928106ab9f069b8eb4ba31d63218757545c4897b750441ac8cdf97d24689df137eb56ca435caa1a4bf5b73071b2baf91b36919097eb1c17b5f9ef46506e1b50d2793c40b57de446d59c67fcf0a084354b1e5e7a5b8fee37635661f5a83b3751f116240e97f949d6123aaf5f76e4b4fbc4c50131b887d4c2f9ba7aab8378c1cd5fc2a3e40d76fdc577df8b383ca7344e31eabbe01b1dae432eb2bcdfd8d2cbf0961624a68a04eaba0623e9353c73ec55ec56cd03cb7ba0ea96e93e90f8b5c0ecaf34a9a65c45e6d30606fd5f6655b8c1a609aae3bf4bd2acc12febf30fb0654cbbf71ad034d5c77451e7e49fd2cd5a64cf34db406880f655ae4c1249c60c866fb3d424a3c1c9a74969557209dd34c53ecd6b09b7104acb1cca74deff7bb1cadb1af4eff6eb2901943c646aa4464b619759acab8bf6d42cb268a990ffb2bad2e01a738321491dea81dda9981e585cbc8eeb7773e1851d06a74172e0372c02afebaab3510746f2987ba7b55f0cf2bc844e76129477d56b3e41af1fa1ea00711d6a7e34daccfbebdb5d84a2db0576ab7a9c105d95e678f01cd66366d69fe6e7846b86d75915a924d0386fddee18eba6da7f67ab05b2e1cbf0dc54853f470db14156806e213f5d094409590907636ae9216d216dfe22c6d448b1527a0c3ae7cacc4cd5287e3802cc63dc397268d5777e0e1795cd60f4f9aea1bff89b37ad42b05b79edd31b3bba3f11e9aa4a18999d3045f59a02e37e326b6caa336ec320145a560810b05a3f5e00fbbb135b63e9c82b555812eb6a9e61ff2e47be6bb5e882e0aa08dce7c1e56069567538e7336528e850f99f10d1848b8d462ec5b4e0375188f605b70bd22de1fec5f1e2e4904358a35a0437f34b18579b1d51499132837580adbc29dcdcd7d47f758a47565013accb6a38a11fc562a817f3914763e92b6381fc5d154c9e5b646d46f272cb63d7307b1cdf89d541a495875c438ed1d396441308db958ba9adac3b92030703e4a63bc2ad062b81afd9c721dc4dc3c3b48adc2ca6812fd551fba9b4a9c080edb248d22c18fe3791188945a10f829ef64241b8336ea43dca73eb09d458a7e3e1c064112f0647d0bae6d6a76b19a8c2e8db014f5e1ce53a43b93fb4194e62b120ce2985cd2c0c11cb94098b30adcceb0f4e63aa2d78115f2dbb9f642963803fa2fb88a5dd45693da8282a7656cef4c14b20f971af4814ddc3c4934e32d6af8447bebd7c26c7b370b0b2e278ad0b8066c1e40c05138e74f927fa3641693f49b5a44588cee7280768c558d3bbf131de23e85612de7fab74ac24311e8092a9c13adf7231881010e7d4893e23687b04886552f29fd9d056c782daec98a73df30408edeec642d8617eee2a038f08ea8d3122a8ede517493d2b4af65e9bc5a28f50e09ed92b3656b8c6eec5cbcafbc69b0d37677d992056879fd580a6b1be25e96f608d0f2df892b2d64f337d55b6faa0bd3d1338de25628596a5f1fa33effb6472b1da4c35ea70cb4e53387670140cdaa0eccd5bb5f4420a0124800396c5ef1ce73f43e4b5e1b8451ddeb022b53e15e96c1b67404e490157334c58d3e2598840693ed9e4be29b7a4e", 0x1000}, 0x1006)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x40000000000009)
syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0xede, 0x0)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r4, 0x8917, &(0x7f0000000140)={'bridge_slave_0\x00', {0x2, 0x4e21, @remote}})
ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000400))
ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000080)=0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
sendto$inet6(r4, &(0x7f00000004c0)="5e63f9195139acf6b737e82ecf653c5362ae2d4a16e19073ac00cab26eca11b0f1e135a533de6d216b2759c83e8c2c65b6742ff9067b94de482294cbd88e20d00c35d45ddb4b9713e4fdc7917817861889b449e9a1584158675853319e9301d2e6becf9847ad108f6e9b6ffed86f1efc76e7145207a66122176b955d0ef57edb880f59b7d739be379079e19ca79d667d75d56b6129550b95d82da339f5d36cd4acf737f8dca610bb082636071c1f69f726b0cf47fe56b1230cc7f1990c07e97a14911c9497aac403a82edc322706a496c8326ae5514b2d6e681c6c04dcc0a015930fbe64d77e243ef11b9fa9f88d1b47d20a3e5285f734bee0a91a73048ba2177382a302394a43e20037e601b6379734df525ee8d3d536bfe9acfe81fec4fcc4efa56a33cec6a3b7e72f6c09c6f38c9f13f71cf3c8d21656f2a975173cb4dbe9a86f749b262ca6c1d5f994ac019beaebd9d46a78e29c6f0d89b715c6b1810457dc5afcc6e9250724c100cc2aa2da749f68a6e99895a80c1c08e1defd1196061c0b5cebb0a7b0bfb19e7ccd34138d8ad91490c44f5e446d1c770912fe1ed0525844b30e38efe989b742ec3869696061b2ac7d92e5dba6d04bcbf0bd5ff6e4b002dc9bef22bdc0ddc88f40c13d68cfa64ca9fb1f49fd66273dff2c16319ca181b0472f7120aafcccfe3c30dd69797b43c9830e9b1b1e42cca82cde16e3417112bcea215cacb0c25995c3d77ce47db620ac6356f55ddbce65e2fe268a6655bc945215579a9035b915d6ac32ebee9a38677373e9751775e5c6b419dd7904963130792a43703db9f02d17e04c493fee620d1e148b92b074e36330116aeb2e6161bb494fd3eebcb28e92264471e6e42bedd567060aa513a77a98b4248cb33bf4b38b66809e4b1d7603ca784361a91c8a3dfcbc913b55f22b3b8e08d33347a6c3335d970ee9eda09bf557521a3e9b8a15a5e9db0c8d9db0913042f00f951dd7fc6b3248707c15da92ec353fe73aef95cf15e127e9f0eef6c91ee3f534259ed033e6aa2e5c02b3f782bb9eb8b7e1c9bece021ef685b2909b76b591a52be069d33ce650f0c1ba0778c12ffed5ce63e53203ab68396cba695a0261e6665db57188ec6730353e80eb8c079fd20e10db59b26cf9535c84803debdc62287df21937c8ae3b4dfa83324e4d959923b8d0b9867291b27903846896f634eeaf0ec0fac04ecb917980a0b78dccfbb8c56468f76ca265f8959b9cadbbc192e84e7cd243f3e4a928b2c40c703e74d94b3280e490957a2e81539e5e9d9114f08d59bc21b979e6d16527a42c05d77b1ed1fd640167df4942ad1f376c7962d03c0a02e0092f054c0c1afcc536095386d6985403f0dcc0c0b2700a9bee5914ab829f093d20c538002bd531ed83d5a195a688cf82720159b15dbdc0bfbf2151113bf0d715c1c9dfe78f205a62aa94eb7f84ff6cd391644ad3339e98fc6d549fe21e927ac9c68cc2dc17b4ad45d55bdc261be02a76a61ff2d95792b4da315dc9e8f22fdcd13b260cf554edaa9a8cf5a1e8e7a86165aed083b143f205d1081e4e6d9062425096e69cc8e3a46e6424e01546b88d8473e53ddf3d04ec3edcd79514689a609ac48bf25dc15efa4babf3363df07ba7bffbafbe318d1c109b26ae8288b359a0ff4b5e5e952cab5efa7de1ceda4b041da53a086bf96848de833b2fbeb54b5f82020eceec9540abfef66f0a5a36155fce304752ef14303ae18103d0db1cfb006e4c798fa417b4743dd78b3939778bae4c174d9fcae2c23e2892c228d8c8cdd03590a3b5baa81ce5bb55cea9acc1ec079242f1535c54f58c78fc67ef47457cb0c6ef7c69af3c463e65e60978832f31cf54d26104b52191f1f8db9736c352a545fed55e9b44ef25c002c110dce4544ca490e794b204e5daf772e42f4d1d90179e794d8d4617a3bf9893e2c68b10960f9c8e3710b37c19a0744cdddb1e8d3b17a89ff3e22857c6cba535227c5dc2221c076c6eaaa0e4a5cabbb157cf2b31221a53a425b215e686e0c96a0b1e58fcd01e4d7d58cf04e5d026de25627fe677c40f39b32b6534c8b9c4f9c15f23f2bd8ab00425e66a053a8efb394099931cc61cc8fdae4a038a45d4bd59eca68e740f4ff54632ef3109251e4536c7dc3529cb4d67190709390619b1b42765ccbec7ff54e69fce99910b9403eac905f2c1480b7cfdf70a734c2158a9610f893e327043cd1b1505cae0582970eeb64801d4638d2eb1d1d891f3273cb64d6723e55e6dd758f82e15804860f4f64de380c180312ef6903c7ca5a85d92eb74fb51d58ec4399d14170b4ddff190ebd75d308f501b2bf2b5a21758fd9d765931552291b237fbb456f8d2159a011b311e5d590f53da27ab154be43ea9d1acd9f9b8654ce3c4cc190ac2b409d3829897cad2ce3b133da66961808fcdeeb6a1aeb4cb4d898660fbbe7d9cbe2611a31406beb1389e36b9072525119fe9715d62fcedf584ec8dc95ab79870bda9f9c2bcd3f0cdf5125410fcc2a995467e4e8f9e52caa43045be0403165284be4211a4ff82f992aba0fc7d7d4ab369a1dc677ea1d5afe8c074fd1c7e21dbcc2852c53c3589e342908c0f0e8d3fce8a627e59846fdee42b8ed43b0eda19dcfee82531bd0afef475f9e50d3735a4292dbeb835020810db09384f6a2cf31bfd237f6ef905b28778edf8b9c5d509b54ddb0787b68f2dd6293d443a08d34a5cc20974785cb2be074a2930b9c77589a1f955ce31b0def140f1201f6aec372f734fa53278f1adb787d16c9c959a0055e4b78310414feb26582f5db595c624d4b606efb8a0816bcf422200a828a7149b13661c90a04f6869dfacf3d3b4fbf9dc232d927f498955022db89e4c5418beec740b3c956fbfe0499c9c5ad8146b51e11a1027ee1683335fc530ef06b02c36c9134f05b02477da5ec47cbbf2cf93b9082d4fd84f0be1a20d9c0ff0815390c338461f89172bdd0b10f2e3d0e81e001e5e8386017993887fa2b414ac08c3fd065b4132e407212c4b6fbe265a42b8ac0d8b1c43f7c650c3ca06f2dae0fbf99776a9f0120897cb8f52af1397012b2b2a08a324cb53a5e8dfe0ff1c8d723e189d9501fc2e9a9b67a098690c6f6e0f8f279ece81cf0ed61691a5d43f2472e19f9c1a2dbfb0cc4bdbd684992c8322422a59d39d6afcc2d0ef33dfd6fdb660ed05b0f11689591d48b53df7c4009744915b60a2c8f20c39322aa26a9a883c0603268e23a4f16e12d1291b362ffce51eeb3019e5d7f637bf4569f15877136f6a95ec5112bb429b9ff5ddcc24e113907e788c1028f446af0e2cc1c78be11c76b45a28899bdf2e3eeec1c169449ffa9294dc0f1deb7ad0b7dc3311ee99de01bfd9e23c2ffde10719cc7fc72226d16d5945f1c6c8011cadc6f02619c62ccd6851d2fb3e352a583e86e5d32ecf64a0b5da9b54f915159785bc3a5a5d08c4dc9256288e3a39b74872ae2dd2ff6d4ebfe3471b46792778aedefa16c0cc25aa975d8168531dc65d43f7af8ec70c189ab6b0485cc24ccc8f362be32f3a45e1880b11197bdc07006388eb450449877f61b6003afa9af5d8fb4ed992cd96a468fcff0f2ac8fe58d1e943c148da6be20993ab8ca85b71ef5dbe96f497a18ac3d7d2bd006981b385306eca8f794701955518b0a77024005c1025c8c132534076489b67041339a61fa1ac3c5b6340ae7c2a316a8e104968552265bf0dc0be384b176c725799dfe8f4cd0960850d4d4bf3f137367a5b98ed4e8e1017f12f07e203fb82ec015c5ff51efc91146cb376149df424f0492443a18ef83e57a716d5f1b5d1dc01afa55cefe5bc4e5cb60fd366376818b6c0623e478f59973ace7328c05a7e1003d39050df447f82b9e1c20238ec189468beb7c420002a527a87ee75df8bd61e8c9090445659c3758048337afbc998909ca31245a60610a388543eebec28687e7d43737813388bdaf77c732d35363dd1086e7d3a5826f79f6b13d01ef1fc88ded2cffe8afb0e0a8b7d46c0e37d614770ff4123abac0d59cdd8c6514a3735752c1567085e29b14e27ae21df7a087d6e0c9cfe48a59507c2699e4895956a50e6c4b9a794136ff778c6562e1f92e8548146685776840f01d9a5ff974552b63d4b694aa5e5f1843f604952b39124e4af27dc967c7fd4ec0646f0d7c37ae038dc28d64166fe7e6c2a2ad76c9696d8975afa71d69443816b0cd1371f139343e455d1461a7699457b768c3a9f549bf3f0e3814f7d5c198116a7459b3080d1e91cfe18e5fdb990b202562a8290006dc2a4aeef76d3672ce53d6c6f5afb3d838ed7038e7422f2cba180e0bd5815368111eb5a772762c55fbaf23ab03ab8f29334fa5be1d52f8ad7d0571f833b961aa1972a09963e8e1b2bc1d6c79e40b66076fb285eea538118bcffb3ac71e2b81ecb9bd2b6962b2c4f62a25302ac9d0041ef751f717a6d1cc6c747fe66f0062be622007874e4915161020602cdb50fbbeecfaa55bf273f46d2d82a0a4070a43479df47e80c55fc10bbc9e64e9564290b8406d19b2c4a8ee1aab626f48db2824c3b04295c620d926451b067d48e8fe9e52d55ce23aec66cc870732c76391631bd2c61de36d68c07c1750e86930987a42bcf5b7ef6ec656d51d9bc0fa012385908e4f6e6871122092f22fd3241fb94822aa6d65e77768af12679c31bcbfabacb110a11eac63f1c453485311230d977f827895f426b696a7afbf2153efe72bd6a1b7bf5cb2013f04994e74ef8d18271fdc385908022002823ce1f5f821a993d1e89eadb71c4c0ef86f6945e6305c350f936f70ab8c43b35146fa0c876dbdedca419746f25ab5d4382dc99001f6df6065c19fb0514fd0152b6604fecfe140d5933567bd14c0b9c2f26806a7d8537630d496b85c4177c5d386a641819f3979cbc134beafe0f4f0939e78d294f4b2db7f751cae1d16e794327c739f9641f5e4d55e61704bf3d23a5f42fc33ff5832e50de15c9027f181c813fd7aca66793c6f453d957bcf33f2d1ec9fcead1aea815e603101d82c52fc2afe764702da1695c6cd30019c07f6db871e761856afa2f279c31d9dfa44df63f978536bbcecaac89bc13174cc27c5025edb9e7d715742ce6440deeeaed6411c939f9ed03259a514efb0501fe3047352e1277fc8afa059dee89f4385c0d79b27553351179c235de43c31b6630b708f5123b6297dace5abbb18b189596ada86a808c32720cb36a583ef0319c77ba922f1d943fe0d28c11c3c5b24d0f94cc76faabf5efb13f3d693131a845c668362197cd138865bac6bb6df64339bc553b5f1e81c97656ad54714eb21ebd2238ede24ae25dd478283cff67ed145d10d5e7af14fc4ae53b019c69ffc39ef4138fa84a6724727e5093768cb5282a1d5f5e5d8e8e6c78acaaa6a1f8a236c8694f4c21ab2292d0424cb5209475f7ec55b82d6e8fa31b7fdeb0d1f99671693dceef06408384cccc9e47acca555eb610603ee6a840723c8b5a0ac09324143e1f9e15d3e1d4eb22ec4228100057dc4ce27e2fa8d48ebfabb9039e754e16d097a85506436df73ff191986a97aad466b8bbbb43ef8ffa735f7cb65e8af00d592d6ef534108c78c97d71d6c75a5aab3cdaafeef422083bb53046b70eff310f2b5d03d0d7fa6f3d3bba9a7be6459da16ff482a17bbd72eee5d20328f805833c964bd2e85330c4600b7bc44b53f0ae73de44b87bd71d3d02df4b351435c8153a13744648b38ba634bab02c7066a57f21a063d1e85f9954c0c6c55cdce268ac692452e43e68495d6ddd97a65f3ad3f5ec265a2d19", 0x1000, 0x400c004, &(0x7f0000000180)={0xa, 0x4e20, 0x100, @mcast1, 0x80000000}, 0x1c)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snapshot\x00', 0x2, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000000440), &(0x7f0000002500)=0x4)

[ 1839.516096] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1839.524664] EntryControls=0000d1ff ExitControls=002fefff
[ 1839.525157] EntryControls=0000d1ff ExitControls=002fefff
[ 1839.545402] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1839.572657] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1839.574464] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1839.583127] *** Control State ***
[ 1839.599208] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1839.607634] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:49:17 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x1e, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1839.623063] *** Guest State ***
[ 1839.627260] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1839.636474] EntryControls=0000d1ff ExitControls=002fefff
[ 1839.642755] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1839.657797] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1839.680010]         reason=80000021 qualification=0000000000000000
[ 1839.684294]         reason=80000021 qualification=0000000000000000
[ 1839.690555] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1839.698682] IDTVectoring: info=00000000 errcode=00000000
[ 1839.701320] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1839.715618] IDTVectoring: info=00000000 errcode=00000000
[ 1839.721485] CR3 = 0x0000000000000000
[ 1839.725394] TSC Offset = 0xfffffc25475c20c2
03:49:17 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0xb, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1839.729857] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1839.733540] TSC Offset = 0xfffffc25377d8c1c
[ 1839.736722] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1839.747086] TPR Threshold = 0x00
[ 1839.750568] EPT pointer = 0x00000001d169901e
[ 1839.753348] TPR Threshold = 0x00
[ 1839.763587] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1839.781428] EPT pointer = 0x00000001c00c001e
[ 1839.782902] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1839.798219]         reason=80000021 qualification=0000000000000000
[ 1839.802432] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1839.817745] IDTVectoring: info=00000000 errcode=00000000
[ 1839.828638] TSC Offset = 0xfffffc254fe656b5
[ 1839.833717] TPR Threshold = 0x00
[ 1839.845499] EPT pointer = 0x00000001807dc01e
[ 1839.871940] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000683ff4)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000380)=ANY=[@ANYBLOB="e000000a7f000001000000000a000000ac1414bbffffffffe00000010000000000000000ffffffff00000000e0000002ac0414bbffffffff9461bc50138a51fe3d595c521e520127d600001836e5f2a78ea3141fd63ad4fd1ec780033440f4b70100000000000000c416953f267832cc065a4cc209a3e39c6cb846649b76a6f480381e5b97c7a140ead2d840ff24bee39efa66a276b7bae93cb2edc14580fd5fa7ba8cc0a6a3e3ab9d4731cdb52ca314db1e583c252012916f581d8deda0d47d4ad07c5660efc0c8b95a899792a2d771cfc9660f0c30472aba80ecf3692e2f8441dbbd9d27d66992e7623376e1063bb0cfaaf57d5f52ea9beaba36d29030fc87743c10639b2588310fcb08163d9d9bfa0f51688a7cb83e315a1c60829823b623022665549f2b73c54efdc876b6f841d50aceed07b1d707c55df7d2b0aaabf79d576a70f053e11f76d177423340000000000000000000000000000000"], 0x38)
setsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f0000231000)={@multicast2, @loopback, @broadcast}, 0xc)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000340)='veth1_to_team\x00')
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x8100, 0x0)
ioctl$TIOCSCTTY(r4, 0x540e, 0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000000000)=0x4)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x800})

03:49:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:17 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x0, 0x0, 0x80ffff]})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1, 0x1)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:17 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x12, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1839.890292] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.903101] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.912067] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.925652] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.967880] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1839.980048] *** Guest State ***
[ 1839.989485] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1839.999477] *** Guest State ***
[ 1840.002947] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.011245] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1840.020546] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1840.029697] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.038244] CR3 = 0x0000000000000000
[ 1840.039732] *** Guest State ***
[ 1840.042508] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1840.054299] CR3 = 0x0000000000000000
[ 1840.058299] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:49:18 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x19, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1840.064422] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.076937] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1840.079764] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1840.083196] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1840.103405] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.112136] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1840.124432] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1840.129173] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1840.132470] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1840.147435] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1840.154496] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.162865] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.170718] CR3 = 0x0000000000000000
[ 1840.179647] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1840.187089] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1840.187341] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.201568] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1840.204895] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.215942] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1840.217163] Interruptibility = 00000000  ActivityState = 00000000
03:49:18 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x1b, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1840.229175] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.230749] *** Host State ***
[ 1840.237780] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.244788] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.262491] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1840.270572] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.272750] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1840.289405] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.293488] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.305607] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1840.305621] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1840.330756] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.338496] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.347563] CR0=0000000080050033 CR3=00000001c3401000 CR4=00000000001426e0
[ 1840.350693] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.367609] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1840.370050] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.382599] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.386846] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.390855] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.406920] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.413198] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1840.415485] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.421249] *** Control State ***
[ 1840.430030] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.440772] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.448924] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.449674] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.465174] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.466239] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1840.473306] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1840.479966] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.486559] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.494981] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.502638] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1840.514634] EntryControls=0000d1ff ExitControls=002fefff
[ 1840.518107] Interruptibility = 00000000  ActivityState = 00000000
[ 1840.523693] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1840.529926] *** Host State ***
[ 1840.536898] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1840.540029] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1840.546835] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.554741] RIP = 0xffffffff811fa113  RSP = 0xffff8801c6277390
[ 1840.568825] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1840.577231] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1840.577270] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1840.583822] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1840.590416] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1840.598413] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1840.610656]         reason=80000021 qualification=0000000000000000
[ 1840.611336] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1840.618616] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1840.623468] CR0=0000000080050033 CR3=00000001d82ae000 CR4=00000000001426e0
[ 1840.631041] IDTVectoring: info=00000000 errcode=00000000
[ 1840.638064] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1840.650190] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1840.650200] Interruptibility = 00000000  ActivityState = 00000000
[ 1840.650203] *** Host State ***
[ 1840.650283] TSC Offset = 0xfffffc24c05052ba
[ 1840.657919] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1840.664777] RIP = 0xffffffff811fa113  RSP = 0xffff8801c146f390
[ 1840.667485] *** Control State ***
[ 1840.671874] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1840.677919] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1840.683897] Interruptibility = 00000000  ActivityState = 00000000
[ 1840.687474] EntryControls=0000d1ff ExitControls=002fefff
[ 1840.693916] TPR Threshold = 0x00
[ 1840.700634] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1840.706923] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1840.712342] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1840.715747] *** Host State ***
[ 1840.722651] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1840.730596] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1840.737262]         reason=80000021 qualification=0000000000000000
[ 1840.740503] EPT pointer = 0x00000001cdf6601e
[ 1840.753280] CR0=0000000080050033 CR3=00000001bac42000 CR4=00000000001426f0
[ 1840.763966] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1840.778370] IDTVectoring: info=00000000 errcode=00000000
[ 1840.783199] RIP = 0xffffffff811fa113  RSP = 0xffff8801bf2a7390
[ 1840.790361] TSC Offset = 0xfffffc248f99dde1
[ 1840.795368] TPR Threshold = 0x00
[ 1840.803566] EPT pointer = 0x000000017bd9101e
[ 1840.809806] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1840.816184] *** Control State ***
[ 1840.824210] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
03:49:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000400)='bbr\x00', 0x4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe, &(0x7f0000000080)='\\eth1security\x00', 0xffffffffffffffff}, 0x30)
r4 = getpgid(0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000340)=0x40000000000009)
r5 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$VT_WAITACTIVE(r5, 0x5607)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r5, 0xc058534b, &(0x7f0000000500)={0x50, 0x2, 0xfffffffffffff001, 0x7ff, 0x2, 0x6})
getpid()
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000440)={0xf000, &(0x7f00000001c0), 0x0, r5, 0xb})
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={<r6=>0x0, 0x6}, &(0x7f00000004c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000380)={0xc3b3, 0x1, 0x1, 0x3, r6}, &(0x7f00000003c0)=0x10)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:49:18 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0xc, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1840.829718] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1840.845143] *** Guest State ***
[ 1840.852045] EntryControls=0000d1ff ExitControls=002fefff
[ 1840.861777] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1840.879480] *** Guest State ***
[ 1840.884075] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1840.887623] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1840.893780] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1840.903306] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1840.917261] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1840.923906] CR0=0000000080050033 CR3=0000000186327000 CR4=00000000001426e0
03:49:18 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x24, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1840.936858] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1840.946769] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1840.955090] CR3 = 0x0000000000000000
[ 1840.958929] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1840.970624] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1840.982405] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1840.985568] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1840.990449] CR3 = 0x0000000000000000
[ 1841.000647] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1841.010346] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1841.012942] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1841.022719] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.031030]         reason=80000021 qualification=0000000000000000
[ 1841.037611] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1841.043690] *** Control State ***
[ 1841.043764] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.055512] IDTVectoring: info=00000000 errcode=00000000
[ 1841.057888] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1841.061132] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1841.074648] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x22, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1841.082918] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.091138] TSC Offset = 0xfffffc2487d7f565
[ 1841.095696] TPR Threshold = 0x00
[ 1841.099243] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.100059] EntryControls=0000d1ff ExitControls=002fefff
[ 1841.107517] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.120940] EPT pointer = 0x00000001c111501e
[ 1841.130990] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.139450] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1841.149861] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.158044] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1841.164933] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1841.171646] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.186793] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1841.194797] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.195067]         reason=80000021 qualification=0000000000000000
[ 1841.203247] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.217439] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1841.217748] IDTVectoring: info=00000000 errcode=00000000
[ 1841.232396] TSC Offset = 0xfffffc248f54469c
[ 1841.238400] TPR Threshold = 0x00
[ 1841.242071] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.250388] EPT pointer = 0x00000001c1ad001e
[ 1841.259762] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.269604] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffffff0, 0xc0480)
faccessat(r3, &(0x7f0000000180)='./file0\x00', 0xc, 0x200)

03:49:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfee00000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1841.291796] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1841.298422] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1841.308371] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1841.308833] Interruptibility = 00000000  ActivityState = 00000000
[ 1841.337304] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.344706] *** Host State ***
[ 1841.358840] *** Guest State ***
[ 1841.362150] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1841.367591] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1841.379313] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.379625] RIP = 0xffffffff811fa113  RSP = 0xffff8801c6277390
[ 1841.387611] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1841.399925] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1841.400949] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1841.407910] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1841.415240] Interruptibility = 00000000  ActivityState = 00000000
[ 1841.423696] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1841.434586] *** Host State ***
[ 1841.437254] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1841.446160] RIP = 0xffffffff811fa113  RSP = 0xffff8801839df390
[ 1841.446338] CR3 = 0x0000000000000000
[ 1841.456157] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1841.456336] CR0=0000000080050033 CR3=00000001d82ae000 CR4=00000000001426e0
[ 1841.467593] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1841.470435] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1841.483767] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1841.491282] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1841.495769] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1841.497696] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1841.504000] CR0=0000000080050033 CR3=00000001be6d4000 CR4=00000000001426e0
[ 1841.509784] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1841.523527] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.528661] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1841.531673] *** Control State ***
[ 1841.540862] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1841.545088] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.556538] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1841.560716] *** Control State ***
[ 1841.567436] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1841.571026] EntryControls=0000d1ff ExitControls=002fefff
[ 1841.576668] EntryControls=0000d1ff ExitControls=002fefff
[ 1841.579962] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.585303] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1841.593382] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.600276] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1841.608338] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1841.615177] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1841.622143] VMEntry: intr_info=800000c0 errcode=00000000 ilen=00000000
[ 1841.635104]         reason=80000021 qualification=0000000000000000
[ 1841.635283] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1841.641544] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.648134]         reason=80000021 qualification=0000000000000000
[ 1841.656285] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.670534] IDTVectoring: info=00000000 errcode=00000000
[ 1841.676251] IDTVectoring: info=00000000 errcode=00000000
[ 1841.681706] TSC Offset = 0xfffffc24141877aa
[ 1841.681711] TPR Threshold = 0x00
[ 1841.681720] EPT pointer = 0x00000001c2e2a01e
[ 1841.681787] TSC Offset = 0xfffffc248f99dde1
[ 1841.686309] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1841.690138] TPR Threshold = 0x00
[ 1841.693961] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.698329] EPT pointer = 0x000000017bd9101e
[ 1841.722172] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000480)=<r3=>0x0)
migrate_pages(r3, 0xfffffffffffffff8, &(0x7f00000004c0)=0x9, &(0x7f0000000500)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
memfd_create(&(0x7f0000000180)='smaps\x00', 0x1)
prctl$setfpexc(0xc, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$PPPIOCGL2TPSTATS(r4, 0x80487436, &(0x7f0000000340)="2eddc381e425081ecf881883356669851ae2f5bfcfaa3804d2a1bf04be2ea2237523016d4bb1fb24781c21941e11cf9eb9b10ab6177f18965311a8c88e37d9ccfc2913c376694fb5dbaadf2038f72ad6b20bfa7bab3d3cbbd1847f1eda7428f470df7d5920e7e6db3b8b1ddf1be8fdcaaf62ce3e473d1ee59aa40c24ffb7ccfa3bbc5ca88631794337051dacb15b0f615ea54faf17a985e470902b4e379385e3400a87aef9af9c99f273971d10f2cb331be0471f750f1bb9c5159fd2ec5660bfe743323d1519671237c4719b7d1710ab843d0a73425eb25ea8e4ccf2091b82cdcf891e514c8437f50a61559cacf07fb6cc10a62e4098")
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000440)={0x500000000000000, 0x8000, 0x8c0})
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, &(0x7f0000000000)={0x0, 0xfffffffffffffffd, 0x62, 0x9})

03:49:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x17, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = dup2(r0, r0)
ioctl$EVIOCSCLOCKID(r1, 0x400445a0, &(0x7f0000000080)=0x42b7)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x101000, 0x2000})
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:49:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0fe00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1841.742834] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1841.758867] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1841.767390] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1841.776566] Interruptibility = 00000000  ActivityState = 00000000
[ 1841.783358] *** Host State ***
[ 1841.787100] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
03:49:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1841.815127] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1841.827016] *** Guest State ***
[ 1841.830469] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1841.851329] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x3000}, &(0x7f0000000100)=0x10)

[ 1841.869633] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1841.878572] CR0=0000000080050033 CR3=00000001d2b45000 CR4=00000000001426f0
[ 1841.902354] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1841.922260] *** Guest State ***
[ 1841.941242] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1841.958250] CR3 = 0x0000000000000000
[ 1841.965791] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:49:20 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x5000}, &(0x7f0000000100)=0x10)

[ 1841.978854] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1841.987898] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1842.000103] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1842.001603] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1842.009568] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x10000)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000180))
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f00000001c0)={0x1, {0x0, 0x40, 0x4, 0x10001, 0xfff, 0xfffffffffffffffe}})
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1842.044922] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.045210] *** Guest State ***
[ 1842.057589] *** Control State ***
[ 1842.060842] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.071101] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.080570] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.089036] CR3 = 0x0000000000000000
[ 1842.093212] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1842.099404] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1842.100948] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1842.108855] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1842.121530] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.122554] EntryControls=0000d1ff ExitControls=002fefff
[ 1842.129842] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:20 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x2000}, &(0x7f0000000100)=0x10)

[ 1842.142297] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1842.146539] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1842.153043] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.171426] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.185649] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1842.196358] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.204719] CR3 = 0x0000000000000000
[ 1842.209428] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.217585] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.231882] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1842.240095] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1842.241464]         reason=80000021 qualification=0000000000000000
[ 1842.246823] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.253027] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.269482] IDTVectoring: info=00000000 errcode=00000000
[ 1842.272592] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1842.284003] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1842.291215] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.299601] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.308148] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.311948] TSC Offset = 0xfffffc23d25f6348
[ 1842.316977] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1842.328667] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.336866] TPR Threshold = 0x00
[ 1842.336887] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1842.349390] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.350031] EPT pointer = 0x00000001d83b501e
[ 1842.358752] Interruptibility = 00000000  ActivityState = 00000000
[ 1842.362760] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.369410] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.385255] *** Host State ***
[ 1842.388578] RIP = 0xffffffff811fa113  RSP = 0xffff88016a7b7390
03:49:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc0\x00', 0x101001, 0x0)
ioctl$BLKIOOPT(r1, 0x1279, &(0x7f0000000380))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = fcntl$dupfd(r0, 0x406, r2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x0, &(0x7f0000000080)=[@vmwrite={0x8, 0x0, 0x3, 0x0, 0x3, 0x0, 0x9, 0x0, 0x2}, @vmwrite={0x8, 0x0, 0x8, 0x0, 0x100000001, 0x0, 0x3, 0x0, 0x5}], 0x2)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x1, 0x8001, 0x605, 0x3, 0x7ff, 0x3})
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r5 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KIOCSOUND(r5, 0x4b2f, 0x7)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0xd8b], 0x1f000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1842.394678] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1842.401496] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1842.404135] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.409685] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1842.423461] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.440123] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.450779] CR0=0000000080050033 CR3=00000001ccb0e000 CR4=00000000001426e0
[ 1842.469680] *** Guest State ***
[ 1842.473108] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.478364] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.481440] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1842.497459] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1842.498371] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.513219] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1842.522529] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.522787] CR3 = 0x0000000000000000
[ 1842.531930] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1842.534587] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.548723] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.554143] *** Control State ***
[ 1842.557023] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1842.562582] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1842.566460] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1842.576287] EntryControls=0000d1ff ExitControls=002fefff
[ 1842.579224] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.592713] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.593770] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1842.601518] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1842.614657] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1842.621356] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.629574] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1842.637322] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.645533] Interruptibility = 00000000  ActivityState = 00000000
[ 1842.651933] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.663707] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1842.670355] *** Host State ***
[ 1842.674642] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.682947] RIP = 0xffffffff811fa113  RSP = 0xffff880187f8f390
[ 1842.683281] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1842.692682] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.703934] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1842.712805] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.734762] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1842.737027] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1842.748022] Interruptibility = 00000000  ActivityState = 00000000
[ 1842.755018] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.763507] *** Host State ***
[ 1842.765214] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1842.767454] RIP = 0xffffffff811fa113  RSP = 0xffff88018a8b7390
[ 1842.779630] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1842.780897] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.786669] CR0=0000000080050033 CR3=00000001bc592000 CR4=00000000001426e0
[ 1842.794668] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1842.801843] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1842.809677]         reason=80000021 qualification=0000000000000000
[ 1842.825057] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1842.831797] IDTVectoring: info=00000000 errcode=00000000
[ 1842.837085] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1842.837622] TSC Offset = 0xfffffc239257a4ea
[ 1842.843596] *** Control State ***
[ 1842.848406] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1842.859311] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1842.859449] TPR Threshold = 0x00
[ 1842.867481] EntryControls=0000d1ff ExitControls=002fefff
[ 1842.869714] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1842.877263] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1842.881071] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1842.895995] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1842.896249] EPT pointer = 0x00000001ce66a01e
[ 1842.906744] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1842.907493] CR0=0000000080050033 CR3=00000001c17ff000 CR4=00000000001426e0
[ 1842.913900]         reason=80000021 qualification=0000000000000000
[ 1842.937648] IDTVectoring: info=00000000 errcode=00000000
[ 1842.940217] EFER =     0x0000000000000000  PAT = 0x0007040600070406
03:49:20 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f00000003c0)=ANY=[@ANYBLOB="04000000b0c8de9aa99efcf5110900000081000010000000000700000000000000c80c000000000000f7de000000000000cc390000000000000900000000000000ffffff7f000000000400000000000000"])
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:20 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000, 0x10000000000}, &(0x7f0000000100)=0x10)

03:49:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x2, &(0x7f0000000600), 0x1000000000000162)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffa149, 0x800)
ioctl$SG_SCSI_RESET(r3, 0x2284, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48)
io_setup(0x0, &(0x7f0000000440))
syz_open_procfs(0x0, &(0x7f0000000100)='oom_adj\x00')
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080)={0x0, 0xfffffffffffffffc}, 0x8)
exit(0x0)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000580)={[0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80007], 0x1f000, 0x1611})
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000180)='trusted.overlay.upper\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="00fbda017962e6ab80e4c52e713325cac8d24c041a721ea73b75feccec0d123b25b2ce946615cdf7acc9824136a3e9d45f4091dd5587ac4ecbaf6d881b52225149026d2944ef144c49068ec8b58f11e7d3c9dc7d787410860c97ae3feca94e5acc2485d26a0643562201577f2293ea4c83e1ee086dbcda915b2852ff530c0a47b1453768f4e59ae8217cfa04ead9e70a64216a6b511afef68c843f3684dcec502fa06f2d51642091ee3b93cd8cb20ad1e7baad52dce3e6ebb1a48b7a8535783fcd40f63e06b1fa600a26b82fffa66fe1c517378156552c"], 0xda, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1842.943243] TSC Offset = 0xfffffc2385915a2b
[ 1842.952971] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1842.954171] TPR Threshold = 0x00
[ 1842.964665] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1842.979558] EPT pointer = 0x00000001c79fe01e
[ 1842.982301] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1842.991595] *** Control State ***
[ 1842.995489] Interruptibility = 00000000  ActivityState = 00000000
[ 1843.003331] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1843.010486] *** Host State ***
[ 1843.014126] EntryControls=0000d1ff ExitControls=002fefff
[ 1843.020339] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1843.027881] RIP = 0xffffffff811fa113  RSP = 0xffff88017f59f390
[ 1843.035235] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:49:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:21 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000, 0xff0f000000000000}, &(0x7f0000000100)=0x10)

[ 1843.053179] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1843.062390] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1843.079228]         reason=80000021 qualification=0000000000000000
[ 1843.086918] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1843.116069] IDTVectoring: info=00000000 errcode=00000000
[ 1843.134988] TSC Offset = 0xfffffc23746c4996
[ 1843.141440] TPR Threshold = 0x00
[ 1843.155057] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1843.161107] EPT pointer = 0x00000001853bc01e
03:49:21 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000, 0x8000000000000000}, &(0x7f0000000100)=0x10)

03:49:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d0000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:21 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x3)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1843.199170] CR0=0000000080050033 CR3=0000000184424000 CR4=00000000001426e0
[ 1843.268788] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1843.300343] *** Guest State ***
[ 1843.316298] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1843.343292] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1843.347131] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1843.389402] *** Control State ***
[ 1843.393461] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1843.403985] CR3 = 0x0000000000000000
[ 1843.418272] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1843.441728] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1843.468018] EntryControls=0000d1ff ExitControls=002fefff
[ 1843.470481] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:21 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000, 0xff0f0000}, &(0x7f0000000100)=0x10)

[ 1843.493837] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.499452] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1843.501983] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.513528] *** Guest State ***
[ 1843.519072] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.530171] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.538337] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.538358] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.538382] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1843.555010] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1843.573388] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.574889] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1843.584114] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1843.596691] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.601692] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1843.604976] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1843.618221] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1843.621680]         reason=80000021 qualification=0000000000000000
[ 1843.633811] IDTVectoring: info=00000000 errcode=00000000
[ 1843.633995] CR3 = 0x0000000000000000
[ 1843.639623] TSC Offset = 0xfffffc233a0fb3d6
[ 1843.643327] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1843.647778] TPR Threshold = 0x00
[ 1843.658611] EPT pointer = 0x00000001d843001e
[ 1843.658883] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1843.673674] Interruptibility = 00000000  ActivityState = 00000000
[ 1843.680634] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1843.686947] *** Host State ***
03:49:21 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
alarm(0x6)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KDGKBMETA(r3, 0x4b62, &(0x7f0000000000))
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:21 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000, 0xff0f}, &(0x7f0000000100)=0x10)

03:49:21 executing program 3:
unlink(&(0x7f0000000000)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=<r3=>0x0)
getpgrp(r3)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x40000000000000, 0x0, 0x800}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {0x0, 0xd001}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1843.690245] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1843.697752] RIP = 0xffffffff811fa113  RSP = 0xffff88018438f390
[ 1843.704040] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1843.711164] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.728246] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.737025] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1843.754093] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.764470] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1843.770914] CR0=0000000080050033 CR3=00000001d2640000 CR4=00000000001426f0
[ 1843.778571] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.795115] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1843.815797] *** Guest State ***
[ 1843.821862] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.826463] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1843.838802] *** Guest State ***
[ 1843.839432] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.843335] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:21 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x200000d0)

[ 1843.862625] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1843.878690] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1843.890106] *** Control State ***
[ 1843.896306] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1843.907698] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1843.917559] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1843.919330] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.931116] EntryControls=0000d1ff ExitControls=002fefff
[ 1843.940832] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1843.941289] CR3 = 0x0000000000000000
[ 1843.957846] CR3 = 0x0000000000000000
03:49:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)={0x3, 0x0, [{0xbaf, 0x0, 0x6}, {0x0, 0x0, 0x101}, {0xaef, 0x0, 0x4f9}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1843.961998] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1843.969509] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1843.981681] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1843.982115] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1843.991526] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1843.994718] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1844.011727] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
03:49:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x806d)

[ 1844.019386] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1844.027090] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1844.033492] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1844.040443] Interruptibility = 00000000  ActivityState = 00000000
[ 1844.047038] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1844.051920]         reason=80000021 qualification=0000000000000000
[ 1844.053866] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1844.067575] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.075871] *** Host State ***
[ 1844.079354] RIP = 0xffffffff811fa113  RSP = 0xffff8801814f7390
[ 1844.085718] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.093969] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1844.100728] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.110463] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x4000, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000079000/0x1000)=nil, &(0x7f0000078000/0x3000)=nil, 0x1000, 0x1})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1844.118857] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1844.126863] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.135279] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.139505] IDTVectoring: info=00000000 errcode=00000000
[ 1844.143366] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1844.155659] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.163751] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.172084] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.180822] CR0=0000000080050033 CR3=00000001ccb3d000 CR4=00000000001426e0
[ 1844.189289] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1844.209606] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1844.211091] TSC Offset = 0xfffffc22c85bf440
[ 1844.217347] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.229526] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.239612] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1844.239902] TPR Threshold = 0x00
[ 1844.245845] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0xb4, &(0x7f0000000080)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1844.263158] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.271483] EPT pointer = 0x0000000180e4701e
[ 1844.271580] *** Control State ***
[ 1844.279714] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1844.289776] TR:   sel=0x0000, attr=0x10000, limit=0x0000d001, base=0x0000000000000000
[ 1844.297917] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.307225] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1844.313994] EntryControls=0000d1ff ExitControls=002fefff
[ 1844.320105] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1844.329050] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1844.338618] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.348023] Interruptibility = 00000000  ActivityState = 00000000
[ 1844.354491] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1844.363026] *** Host State ***
03:49:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10d000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1844.367020] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1844.380020] RIP = 0xffffffff811fa113  RSP = 0xffff8801d207f390
[ 1844.391154] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1844.399519] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
03:49:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
poll(&(0x7f0000000040)=[{r1, 0x8}, {r0, 0x12}, {r0, 0x4008}], 0x3, 0x2)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1844.415529] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.432626] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1844.444146] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1844.451332] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1844.463312] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1844.463636] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1844.472034]         reason=80000021 qualification=0000000000000000
[ 1844.485845] *** Guest State ***
[ 1844.489218] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1844.500522] IDTVectoring: info=00000000 errcode=00000000
[ 1844.501724] CR0=0000000080050033 CR3=00000001d83b5000 CR4=00000000001426e0
[ 1844.506150] Interruptibility = 00000000  ActivityState = 00000000
[ 1844.519862] TSC Offset = 0xfffffc22acd13104
[ 1844.524324] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1844.526426] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1844.533341] TPR Threshold = 0x00
[ 1844.543494] EPT pointer = 0x00000001d214d01e
[ 1844.548884] CR3 = 0x0000000000000000
[ 1844.556604] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
03:49:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0xbe, 0x0, 0x401], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1844.582266] *** Host State ***
[ 1844.585422] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1844.585701] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1844.597783] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1844.618005] *** Guest State ***
[ 1844.618901] RIP = 0xffffffff811fa113  RSP = 0xffff88017e4ff390
[ 1844.627778] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.638067] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.641807] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1844.646357] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1844.666580] *** Control State ***
[ 1844.670205] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.681669] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1844.693627] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1844.701680] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.710050] EntryControls=0000d1ff ExitControls=002fefff
[ 1844.715827] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.718405] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1844.723878] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1844.733699] *** Guest State ***
[ 1844.739103] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1844.749351] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.754739] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1844.757665] CR0=0000000080050033 CR3=0000000180e7e000 CR4=00000000001426e0
[ 1844.773647] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1844.781995] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.790371] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1844.790889] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1844.805130] VMEntry: intr_info=80000041 errcode=00000000 ilen=00000000
[ 1844.812723] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1844.821038] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1844.827414] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1844.834066] *** Control State ***
[ 1844.837940] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.846417] CR3 = 0x0000000000000000
[ 1844.850225] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1844.854548] CR3 = 0x0000000000000000
[ 1844.857002] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1844.866964] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1844.868970] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1844.873455] EntryControls=0000d1ff ExitControls=002fefff
[ 1844.885168]         reason=80000021 qualification=0000000000000000
[ 1844.891599] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1844.892471] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1844.899181] IDTVectoring: info=00000000 errcode=00000000
[ 1844.911822] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1844.919172] Interruptibility = 00000000  ActivityState = 00000000
[ 1844.925725] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1844.926323] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1844.938512] *** Host State ***
[ 1844.942119] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1844.950393] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1844.957429] RIP = 0xffffffff811fa113  RSP = 0xffff8801c146f390
[ 1844.963673] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.971725] TSC Offset = 0xfffffc227ff00197
[ 1844.976311] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1844.982889]         reason=80000021 qualification=0000000000000000
[ 1844.982896] IDTVectoring: info=00000000 errcode=00000000
[ 1844.982901] TSC Offset = 0xfffffc2282b0cda2
[ 1844.982907] TPR Threshold = 0x00
[ 1844.982915] EPT pointer = 0x00000001c025801e
[ 1844.989860] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1844.995587] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1844.999327] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.002736] FSBase=00007faf77344700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1845.007157] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.015312] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.021596] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.029708] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1845.067805] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x80}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x20000}, {}, {0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:23 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x5c8, 0x8000)
write$P9_ROPEN(r2, &(0x7f0000000080)={0x18, 0x71, 0x1, {{0x10, 0x0, 0x3}}}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f0000000180)=""/37)
openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/current\x00', 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1845.079309] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.084779] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.087498] TPR Threshold = 0x00
[ 1845.098879] CR0=0000000080050033 CR3=000000017d37c000 CR4=00000000001426f0
[ 1845.102644] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.114005] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.115057] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.136510] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.144761] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1845.151794] EPT pointer = 0x00000001c234b01e
[ 1845.156906] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.165100] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.176907] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.194441] *** Guest State ***
[ 1845.196611] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1845.202372] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1845.206434] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1845.216135] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.219164] *** Control State ***
[ 1845.229386] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1845.240080] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.245105] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1845.251021] CR3 = 0x0000000000000000
[ 1845.259659] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1845.259721] Interruptibility = 00000000  ActivityState = 00000000
[ 1845.271673] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1845.278436] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.281779] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1845.287653] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1845.300300] *** Host State ***
[ 1845.303809] TR:   sel=0x0000, attr=0x10000, limit=0x0000d001, base=0x0000000000000000
[ 1845.313450] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.313636] RIP = 0xffffffff811fa113  RSP = 0xffff88016a7b7390
[ 1845.321891] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1845.328350] EntryControls=0000d1ff ExitControls=002fefff
[ 1845.334473] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.339672] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1845.348087] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1845.362435] Interruptibility = 00000000  ActivityState = 00000000
[ 1845.365707] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1845.369087] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.377006] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1845.384730] *** Host State ***
[ 1845.391626] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1845.395598] RIP = 0xffffffff811fa113  RSP = 0xffff8801c0467390
[ 1845.400734] CR0=0000000080050033 CR3=00000001c344a000 CR4=00000000001426f0
[ 1845.407087] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.422513] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1845.429060] FSBase=00007ff4ae3ca700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1845.429336] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1845.437422] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1845.443728] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.450012] CR0=0000000080050033 CR3=00000001d83b5000 CR4=00000000001426f0
[ 1845.457898] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1845.471577] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1845.473453] *** Control State ***
[ 1845.478932] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1845.485277] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1845.489020] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1845.502328] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1845.508597]         reason=80000021 qualification=0000000000000000
[ 1845.508831] *** Control State ***
[ 1845.515092] EntryControls=0000d1ff ExitControls=002fefff
[ 1845.518902] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1845.524048] IDTVectoring: info=00000000 errcode=00000000
[ 1845.536452] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.540501] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1845.544550] EntryControls=0000d1ff ExitControls=002fefff
[ 1845.551566] TSC Offset = 0xfffffc2225b0145e
[ 1845.557358] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.561459] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1845.570357] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1845.576098] TPR Threshold = 0x00
[ 1845.583116] VMEntry: intr_info=80000041 errcode=00000000 ilen=00000000
[ 1845.586848] EPT pointer = 0x00000001c281201e
[ 1845.593812] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1845.597716] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1845.604331] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.618864]         reason=80000021 qualification=0000000000000000
[ 1845.626502] IDTVectoring: info=00000000 errcode=00000000
[ 1845.632023] TSC Offset = 0xfffffc221434e22a
[ 1845.636770] TPR Threshold = 0x00
[ 1845.639241]         reason=80000021 qualification=0000000000000000
[ 1845.640210] EPT pointer = 0x00000001bf1bf01e
[ 1845.651575] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1845.656865] IDTVectoring: info=00000000 errcode=00000000
[ 1845.665364] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1845.684117] TSC Offset = 0xfffffc220640f1a8
[ 1845.693030] TPR Threshold = 0x00
03:49:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x50400)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000c00)=@filter={'filter\x00', 0xe, 0x5, 0x8a0, [0x0, 0x20000340, 0x20000518, 0x20000820], 0x0, &(0x7f0000000180), &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x0, 0x8, 0x8235, 'dummy0\x00', 'tunl0\x00', 'bond_slave_0\x00', 'veth0_to_team\x00', @local, [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [0x0, 0x0, 0x0, 0xff, 0xff, 0xff], 0xd8, 0x160, 0x1a8, [@cgroup0={'cgroup\x00', 0x8}, @cluster={'cluster\x00', 0x10, {{0x6, 0x9, 0x4, 0x1}}}]}, [@common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x4, 'syz0\x00', 0x80}}}, @common=@mark={'mark\x00', 0x10, {{0xfffffff0, 0xffffffffffffffff}}}]}, @common=@ERROR={'ERROR\x00', 0x20, {"c45e39bcffd9592b337aa4576c4f44a2e012b3eef82bc16b5ef3d24cd5a0"}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffc, 0x2, [{{{0xde5e5b34ce059fb7, 0x46, 0x6207, 'yam0\x00', 'rose0\x00', 'ip6_vti0\x00', 'bond_slave_0\x00', @dev={[], 0x13}, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], @dev={[], 0xb}, [0xff, 0x0, 0x0, 0x0, 0xff], 0x120, 0x168, 0x1b8, [@connbytes={'connbytes\x00', 0x18, {{0x7a, 0x4, 0x1, 0x2}}}, @rateest={'rateest\x00', 0x48, {{'nr0\x00', 'bcsh0\x00', 0x0, 0x2, 0x48000000, 0x5, 0x9, 0x1, 0x1, 0x8}}}]}, [@common=@ERROR={'ERROR\x00', 0x20, {"7e19f83e2d4435a48d97e4fce7b5a1fc2267777424990715c1e884e3b236"}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x1, 'syz1\x00', 0x101}}}}, {{{0x1b, 0x6f, 0xdada, 'ip6_vti0\x00', 'sit0\x00', 'veth0_to_bond\x00', 'veth1_to_bond\x00', @broadcast, [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], @local, [0x0, 0x0, 0x0, 0xff, 0xff, 0xff], 0xd0, 0xd0, 0x120, [@arp={'arp\x00', 0x38, {{0x205, 0xf118, 0x9, @multicast2, 0xff, @rand_addr, 0xffffffff, @local, [0xff, 0x0, 0x0, 0x0, 0xff], @broadcast, [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], 0x1b, 0x53}}}]}}, @common=@log={'log\x00', 0x28, {{0xee, "d0eb5348aae42c927ef131ed09b495c0a7abed83497e8693d0d73bf744a0"}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe, 0x2, [{{{0x11, 0x8, 0x200, 'ip6gretap0\x00', 'veth0_to_bridge\x00', 'ifb0\x00', 'bridge0\x00', @local, [0x0, 0x0, 0xff, 0x0, 0xff], @dev={[], 0x21}, [0x0, 0x0, 0xff, 0x0, 0xff], 0xe8, 0x188, 0x2b8, [@ip6={'ip6\x00', 0x50, {{@ipv4={[], [], @remote}, @mcast2, [0x0, 0xff, 0xffffffff, 0xffffffff], [0xff0000ff, 0x0, 0x0, 0xff000000], 0xffffffff, 0x3f, 0x40, 0x0, 0x4e22, 0x4e22, 0x4e24, 0x4e24}}}]}, [@common=@log={'log\x00', 0x28, {{0x4972534d, "8ad4dfcac446c85800547559dad1d8c3a4d647809877701f967dd1423fd2", 0x4}}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0xace, 'syz1\x00', 0x100}}}]}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x4, 'system_u:object_r:crontab_exec_t:s0\x00'}}}}, {{{0x11, 0x4a, 0x9aff, 'veth0_to_bridge\x00', 'gre0\x00', 'bond_slave_1\x00', 'ip6gre0\x00', @broadcast, [0xff, 0xff, 0xff, 0xff, 0xff], @broadcast, [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], 0x70, 0x70, 0xa8}}, @common=@mark={'mark\x00', 0x10, {{0xffffffd0, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x5, 0xffffffffffffffff}]}, 0x918)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000c80)=0x3, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

03:49:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xffffffff, 0x200)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=ANY=[@ANYBLOB="73656375726974790000000000000000000000000000000000000000000000000e00000004000000e00300001801000008020000000000000000000008020000100300001003000010030000100300001003000004000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="00000000000000000000000000000001fe4f6bc65141052e08b047c4f7758000000000000000000000000000bbffffffffffffffffff000000ff000000000000000000000000000000ffffffff7465716c30000000000000000000000069726c616e3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000002900ff0108000000000000000000000000000000f0001801000000000000000000000000000000000000000000000000280069636d7036000000000000000000000000000000000000000000000000000e0901000000000028004e46515545554500000000000000000000000000000000000000000000022d0f000102000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000ff00000000000000ffffff00ffffff00ffffffffffffffff766c616e30000000000000000000000079616d30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000000ff00ff041e000000000000000000000000000000c800f0000000000000000000000000000000000000000000a7eb70ef7f81a495bec822c4540000000028004e4651554555450000000000000000000000000000000000000000000002010004000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800080100000000000000000000000000000000000000000000000040005443504f5054535452495000000000000000000000000000000000000000fd000000090c00000300000001000000bf02000000001800000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d00000000000000000000000000000000000000000000000000028000000000000000000000000000000000000000000000000000074642ab1ef9f247c95f2cb82d42296f0e1b16914851be5506b3cee765f9deb6bbaf93fc2671a66553c7b723f122930c21618020358bd5d45670e5af89d4ca73b3d0e0d541fe051a87d12da700ee1738efe9d519716e34a8535f2617db40275a1ca4c05152820fa7d20e86ee7177491eeecc3045006ae68511dc9064e6671a24f8b52ea9973d143419df26fefe77f5f9ef8f0427ce0ad040fdd947944ac18875bdc34a2d383e261287ba6bd59a84e4642d85fed02e8c27ffaee41740c109ccf8dd5c358b6396b2bd4684b929bcbd726edc879a9bd53c306af623578c5edc8a7707966f1defc8e8073f61feebe8e9c546c099dc5a4ecff209f43f3e17660da45aeff5068d9f090b2a3fa86b361fc5529acb294858f04ddcb5105b8e9c7b9eb7e0dabd894c4df6c60544c58c7203a705499c37976c20a81f9feeeda717dcc81b273b19c5c689bc5939cada72501869d2c47e2719b227bb18e3bce584e509f788baef2aa6b1e7840ebc5fda6c3053e773634c5e0fe6d48255cb79bfdb5fbd44a11bb1ca9e73a48e919e11f28d0ae565d923a55dd3f1cf1d8a09cbf48bda0457767f3168911150c02fc92b9e871ba0de11086428465fe5091e4321443"], 0x440)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:23 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x120)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x2c, r3, 0x408, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xe10e}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xac3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x80)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
r4 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f00000015c0)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10, 0x80000)
clock_gettime(0x0, &(0x7f0000001600)={<r5=>0x0, <r6=>0x0})
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r4, 0x28, 0x6, &(0x7f0000001640)={r5, r6/1000+10000}, 0x10)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1845.693440] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1845.701698] EPT pointer = 0x00000001c7b7101e
[ 1845.706602] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:49:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1845.753132] Interruptibility = 00000000  ActivityState = 00000000
[ 1845.768141] *** Host State ***
[ 1845.771902] RIP = 0xffffffff811fa113  RSP = 0xffff88017e607390
03:49:23 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl$void(r0, 0x5451)
ioctl(r0, 0x4f, &(0x7f0000000440)="153f6234488dd25d766070746c2cdf9d526441a9cd623bfc8d7825dfdc2f210904fdfd5ae8049c926e391c5195dd851fb7039cf7fffc01bc31459563de815a9108abd9dfd3d213d1ead81ac9d8a16c656cd1d2e986ab89110270086eb91ef68870e14a66c4231c294f2f16424eb3c8a993cf853a57e393c9054cc847d03c8d4b176c287da9d47eb7b0f0acf5053d293db94c196c65e50509f035fa1637a7481edf3c74949b5ed5c33653125437db80de3d542b1eb664f3eacb6c935c38d6efad197dd3978121e3b4e89ab169d9e7cea8db49578dc8403190b4318a2b6228468bf90c2f17b3b069a1c0cce8f964c8289a538c449764a128861f07075e67d06c5580a8e2c1dd71b002c88c2e26118a4887bb03eb02acab510895004933d5cdbad1e1abbc7a1733c1c562f30ab0882320aee32faab86e43783e1f337ef8e746ef1b9e153204156d80")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0xffffffffffffffaa)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1845.795294] *** Guest State ***
[ 1845.803859] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1845.821892] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1845.832040] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1845.847537] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1845.867714] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1845.885822] CR3 = 0x0000000000000000
[ 1845.889860] CR0=0000000080050033 CR3=00000001cec02000 CR4=00000000001426e0
03:49:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000180))
syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x55f6, 0x400000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$RTC_VL_READ(r1, 0x80047013, &(0x7f0000000340))
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
fcntl$setflags(r2, 0x2, 0x1)

03:49:23 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x48000, 0x0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000080)={0x6, [0x800, 0x9, 0x8, 0x7ff, 0xff, 0x7f]}, &(0x7f0000000140)=0x10)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1845.902779] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1845.916737] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1845.924670] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1845.932677] *** Guest State ***
[ 1845.944235] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1845.956022] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1845.956134] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1845.980867] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1845.999814] *** Guest State ***
03:49:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x2, 0x154)
write$smack_current(r3, &(0x7f00000004c0)="7070703026126264657600", 0xb)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x3, 0x400)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f00000005c0)=ANY=[@ANYRES32=<r5=>0x0, @ANYBLOB="26000800e2ac08dc9f3432bf2442d85e032d9bc658a9e718dc5a5500009db56ea24f4ef133c48fc200000000000000e059249098833da973286a72c1185bfc16e106fd6c2e76323fc028459beb5515d8bac6ab0feb5c6b2c25957a9936f5794187f04514e26422d06958980f94047b2425ebf6a5c14151979dd891e66c648659c2a34d3ca1d51db0b55ceeb0c98a9c667f14e1d8f4b3cb262e81d817a4"], &(0x7f0000000380)=0x2e)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f00000003c0)={r5, 0xd83, 0x3, 0xf9, 0x1, 0x8000}, 0x14)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0xfffffffffffffffd)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000580)=<r6=>0x0)
perf_event_open(&(0x7f0000000500)={0x7, 0x70, 0x10000, 0x8001, 0x2, 0x7, 0x0, 0x800, 0x4501b, 0x2, 0x8ded, 0x0, 0x7552, 0x100000000, 0x9, 0xffff, 0x5, 0x0, 0x9, 0xd5, 0x7, 0xfffffffffffff001, 0x1000, 0x7fffffff, 0x4, 0x3000000000000, 0x2, 0x982d, 0x2, 0x3, 0x1, 0x1, 0x4, 0x80000001, 0x7, 0x2, 0x7, 0xbdc0, 0x0, 0x4, 0x0, @perf_config_ext={0xe4d3, 0x84}, 0x1008, 0x2, 0x92, 0x0, 0x1, 0x1, 0x1}, r6, 0xf, 0xffffffffffffff9c, 0x1)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x430642, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1846.003339] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.011437] CR3 = 0x0000000000000000
[ 1846.015709] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1846.018946] *** Control State ***
[ 1846.023358] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1846.031403] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1846.038848] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.040849] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1846.055467] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.058882] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.068022] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.080186] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.088434] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.099702] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
03:49:24 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x400000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000140)={0x2, 0x3, {0x8e0777b6cf9c64a6, 0x3, 0x4, 0x2, 0x40}})
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000040)="d2d8352f17c552c122ac62d15501fa10", 0x10, 0x40000cb, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1846.106830] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.115548] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1846.131922] CR3 = 0x0000000000000000
[ 1846.133878] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.138044] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.148369] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.159750] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1846.159760] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1846.159773] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1846.159784] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.159802] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.159821] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.159837] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.159856] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.182982] EntryControls=0000d1ff ExitControls=002fefff
[ 1846.216581] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.233614] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.248392] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.252561] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.270602] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.271726] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.286164] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.301347] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.316605] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.324791] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.328345] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1846.333258] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.351819] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1846.353229] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1846.370247] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1846.370288] Interruptibility = 00000000  ActivityState = 00000000
[ 1846.377602] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1846.383604] *** Host State ***
[ 1846.391241] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.393728] RIP = 0xffffffff811fa113  RSP = 0xffff88018a91f390
[ 1846.402052] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1846.408147] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1846.416355] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1846.429168] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1846.435792] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1846.435810] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1846.443737] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1846.456571] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1846.456642]         reason=80000021 qualification=0000000000000000
[ 1846.464149] Interruptibility = 00000000  ActivityState = 00000000
[ 1846.470822] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1846.484724] Interruptibility = 00000000  ActivityState = 00000000
[ 1846.491119] IDTVectoring: info=00000000 errcode=00000000
[ 1846.491350] CR0=0000000080050033 CR3=000000017dae7000 CR4=00000000001426f0
[ 1846.503964] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1846.504287] *** Host State ***
[ 1846.510822] *** Host State ***
[ 1846.514346] TSC Offset = 0xfffffc21c48e52fa
[ 1846.521608] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1846.522180] RIP = 0xffffffff811fa113  RSP = 0xffff8801bf2a7390
[ 1846.527835] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
[ 1846.534059] TPR Threshold = 0x00
[ 1846.543626] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1846.545289] *** Control State ***
[ 1846.553468] EPT pointer = 0x00000001baa4f01e
[ 1846.558246] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1846.565215] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1846.572843] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1846.579722] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1846.579870] EntryControls=0000d1ff ExitControls=002fefff
[ 1846.591247] CR0=0000000080050033 CR3=00000001c8fa2000 CR4=00000000001426e0
[ 1846.592118] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
03:49:24 executing program 1:
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000180)='./file0\x00', 0x1ff, 0x6, &(0x7f0000001700)=[{&(0x7f0000000340)="79d77a18523b3353dc783974a8893dc30bc43aa94bd0abd3953fdcba8c21cef655d5029a616bf730cdb828bc6aeb7e8fe7aa2d8bd6db72216529e1f320bec1f708e2fd9e", 0x44, 0xe844}, {&(0x7f00000003c0)="1a0aeef461bb3a2e653b48086a5c923742f839f367000dc22a177cf271764a619bcd56822204b586973bd1d1c6883c2ea0d8609a3cb8fc7413eb6ed05f97ac32f9e43198d31cf785b8243fbac319bb14390c8d1aa55e462139b4c627787bcd673eeebef2709bc0b44e8e796795aa34ee53843df2ba1ea41902f5f222e256c3bbe1c30fac208eca560337edc6c28e6b8d673ab2de9388ba51c3ae2c1fbdd17fa4ec3ee11ffbf3209ecbc362171390b0e78ea914d9c591377ecf070d1770202e83511a5475cfdada41c20eeca2129fb8db052831b7b8475bae1350d0e5cb927819c11fa14beec7f3b9a5b052bc9d6fbc9eced17f05cce227b1c72d8420116a93b3195347c00fdd83fca324ea1155e6aa9527759951c842df6e9e03ae980a52b943ff2192e29264f51e1daa4db563adce2cee1ca6d14e33c77560ca17480aa30fb5e5503e6d1401bb883d1775e14946bf4389d036f907ce665286a11a8c3140969ead5a8738c6a8a11a6aed10220ac8dfd54d2493ab964badbe7bac13a2f165a22782fbb7d96c616205698208059620454797ddea3c23ef7bdeef90b96e06e7eda11fc51c7c9efae3f0689b7062bc58afbc728ba5636e0f03c253617a3292eb43c193cea701eb92d7361567cb0a899279fc3c2ff5ee42c6bfd76b5236487de6ee414aee2176bc0682253c8583230ad201b6235e107bf9b5bf803066f44e2b61d6eafcfc34505995102a9217b44f547d9cd72cf1ce5f124b10d6d91b5e5eb9de236ea0ebaf439d99eeb203dde069242c20b099d4232c43fd5c26ecd5d30a204f2c5d14984a31a82aa6e9da8aab0a69c86507bec74ddc0e14aa001f8dc9f9035ec6d94e78c497b542fccb8ecfa984e9c478d996e64eee38d36acc31e6e08299542a7aa2a4a7b6af4cd245f94c7dda2b2e9342ffe295f49169d676f1d752679c42523e2bc876be581a7534022e4b7d88c1fb27aeaddfc2dbe41b1ca42ec2e8de89c0eeaa307d16fe2fc35151ccc80fdcc6da9745d0c062208fabda2c0889ae614d4e5ac04cdb167c0c1cc30e5918f8d6e973567cfdcdb4ff775746d368a441f48977edf4047d0c6f1a538b43937d07dedb49659311d6fae19013e032a02e246f8300edf281669d3aec8cd3e5c5be70fe72ba2996d2a3678af9470202d4c2abfb9c45e2cf3a2012f336b701d63f927079ddedfa2f939e1714cfdc6e175faabc75fc7b7e5b05875dba91114d25099e1edfaef3ed4ee7ca8dda94b09bcf3c67b4d7a30878fa29c8e1532ef288777f9c442f678018974975f5ea77c1330f1095877e3ae378923e50aaf54df2138d66b99bae5b86dc0f61c27d8dbf6dfcd51cba7dbe1f60a88235e5a56b7cff860ab451ccb0bd5f0d133edc1461aced3efe646fb9747fee5c92fdaa2dc38395145c340d20cea694e637ab88ff06f7ea0b53c8c81fe0c48b931b99796cafe267bfe143cb6199a445e9799a68ec1b73dca6ecbec510f3229ddc333b13c18cb9c72947fdaab8b7e9803d1ce76fa963f9c4f8261b0e3b57ecb40518b848606d0d1e838886f8cc7dfd536941e0b519c7b3b7e767ca8dbed150c7eaf763e3f7ac25f96e85cbaeff3a11d3a870296599a8ca68ea69836858fc031d94d9fd2b6726c946b478afa58ce0f853a14c1e560cdfb054de5e4a89bc935cc494b1e27b1d2090619cbdbb1bfe50e342a23fe01b5ebf9f4d12a15660bcf97435d454d3f977bf898afbcc7ea1a44136f8f68fd1241d79d648306dea36ea20da3802b1baf48c6034f2e78b7b3e9ae708c1ed3f27f13b979af986ecaf9ca96320e5c0aeae69e11a7b2ced3a9f4550e0dbec3940fa5c5551cbff0beea42caaea5a92f01af6b0671bdec42d73b5cea2d6cdb9e3adf49d33513893f431d1ab0c0605434089f8feecb680bcd3513f14e425ca433102e56c47d7c553f1ec2dc7ed56f5eb486ebfec25331a3ffb7ae5d26b991bb55bfcce5dc588c0052b0eb4ef1e833affc629d7c69f86359e4eb027f466cbb62cb3667c65b5616dcb49883b5aa12825db23db6d31494396b22b1df1ba03998157f3284ff990edfcfe78fb687890facc629da8c63ed5f0d0ed721c40753f6bed6283bc1e61d40c6f255a38343279474aaef31f58b3774b6b5fbfaf092f6651a1f3cf4c27b0de03216801f82003bcd5cb80542c8fd2e7888aae86eda54a4a05e9fdf422712bf6a087780109f51c047040846e6e26a0c8d1505109c04070dc674a68a62ef60a1213091dc392e36e4221c5294be0572261b6e64cf0283ff279b29aeb7beb11f804e4a18b109c195ef4a9b05e5eca7c511b2a3e853535b88e61929bde64e3d7ab079810c12bb940f5c58d36f8e9960f90ea7e50ea4d29b96ca60703781cad998029984b2ec469be634b5380bc446cafdcd3c27ff153d08107d89e7c8f1c039186f8fdfa7e1af5aaaf8c53616c4f570b47a6b5e66b8443aa68b2a2ce74d2c60d60e6a059bb57f68499714288813b81e786879e53239d09dec012729bebfb1275649228a049bd0939c6c2c31636a4b2c745d06f64be26bd131f53a0176ec03547ee9187d69c4fdd4d6244bf3abd52c81be9eb802a82447faa995e3a693713409243199e1a80bef4f72a91b79f4c1a6023826b4705f0a93ed07e564be3b26873d293bafbb06c399fc5e8559a985b9a2955f31280108ec5b0e26a3fd095e99e5927d1a2e72a4a74d9616279bb258bf95a933ec7e65d3e35e188e3cc934619a5de3443e12211441b1fd4c572ac4b440115ab8536a9551f80037ea3881696b1be2ad8f7b4981671dd80986f5ece89c4fedcf0b7ba133cf6f9ffc81648a709bd681db5d1d067ba12793833c9eceda1949ea98cace61c3ea76b7feaeb64286f3ce8b8e69ce7f4699cacd9647fe9384dbec76843bfa829dacb67afc43c60431a0a5ef4ab5832cc6eddba8e35a4192002b41686731dde617549b88f528cce3121be797029f0f55aa584ba78b223e1a8e85c576bf30a8f85fed930c8235e7c33aa6f98411001868daf07e8ca428d5322cb38dff846b91c44a9375adeea0fed3e988c7d0b544b9399f81197bacce6db80540357c4f9efa2f238340ab44a3ecac323cbbaf065a652d00420d0184fca0591bc92fafd0095fac86f016d5a114e780d98c62f130db069d73566bb9a62724c3874f57c3a7cf422f31e4ba7960efa01f9adeda7d587f74fcad468b03af48da37f9ff25477ae9f4f2051083b33a4dad1f065bd42382ab645324b03112ae2353fe5e4b4a89895b95f67e5bd6d2de03d1e65c86ac259ee3bbda3a7f4c1125e5090c1b06a626a3c520d1937f22064f7e847e895d57b23e65abd381ccc3f3d29c4cf56b35d3f61f7b08e487e438e9839c5957c93e36eccd0853230cebce3698ee62193694f216087e171eb4bd5c4fce9962d6b908b6d26e6d741f2e1f914a7412ece28fcea5499f440ccbe1c3c9142542a2044b76843e908138ebc73f72802dedbf569103d2cdd73d0ed57c1ad5ea197a615e9442505cc90bb91aa35a8a1324366e9106832f0840620307966fb169e05a143e122134ea40c1fdb4c3d922408f888b52685a6483b134fdeac090a4a381ec120ea9945d088ba90c161656d270ff917861c3467d2eebd60609b51cb078fce6b4bd697a3de8190495275d9c33e069c3f0ba72ac646b210a84ffa99a0f38928a7f8997f1888173b0cb9c82bb12b542ee3d6e97c337f08d0cd76fce0884b29298ded3e939c1626fddfa5f8e52b1cf21822fee33b5b4cb28c78af0cfb366ba8a6ee2a3c9dc744cdb9baaedfc80563faa103b63020a612e043c539b63b998966330f60f0e6765a7e89ea9b7143d6b5446636d309a10ed336f398988c96a3bf4c605b0fa0d8a87f3ddff95d9c5faa78a12eebc8e121231e4b86acff3be18f878b4231a5819de53e44d099b9288bfeb6e384e02197e579d84793ae12148048466e46c34bd9f13f96aee16520e2ccd92399032352dd7d9342d11eb4583162d2c8385e71241fe3647ae09e273896020c6569021ba4c0cb14de5a76b23d70c0805a4d009e38b895d19cceaa5f73246349dae817cc26988cd39036b68a2d0ad066e5d02effd33ca6bf6ba9be16ffc2fff1b32e5f6873d2f23b34abdf5c478bb55259fd303688c74efdb43aee4a1b5600bd48c9f936b0daa6ff31801fc6d3e5d2e96a5be3e8eb4b069bcaf93a01fd56827ad7b22a0266144d25d7522f183219b4d16fee09fcb267ed10dba4bc25c967497a0d4d3281ee78f0fa09071e50e5a97124a761375c56586d8f4a0423c89fe034f536c9b91059a16bf17f33859c57d6651d400b0ea524d9002963e15a216b850ba94a254a3c2c5b171e1c097fcfbde1902b7bba40190d97038360d28caf5f8dd904040b9f47828d51d3e98000cfa19e9219ab6a0b45fdc6d319b8ea7a52fe7a03e48853d5b5c4be5ede0daf1d880b7c2ead81f9a938b7bfdd5c5c4bc678eb9277f876dee7b51b07a379ad290a1fb1518d07808299ab3e0a75d0bdc4f532d2204ef358f63c3bdeb28d94afc4e33d44b5f7f3467171f1cf2ff22e176d8dd88fff97fd3e983eb9d1687f85a39ac7b1fddddfcea400401741f9b0634bd431d4101744d1c4871108e0eec239c2681c6b32c59db423b33c5dbe8c4034c7c2c1cc2fadaed51f4865ed8c77ff7f708ec95c7eda7abd5c6ad81a013f17c670081d200e9bad1b61a741e1afc6e8d3605679f3ae0229cbf5aa8159dc0504965bfb03dd6b1d8c09ccaaa509fa2fba21cfe77f8cea411d618f473d45c81f739018b91abaf82c9c48fc304a2ddde240ab614b998c667fc34a52cf16208fb6fdf58cee153e6bd8565247851cfc163453202e7a001fa94e653f30d4500cd4fe6b1d5a4c5042b5b45ef371839d3d6b091e532b337632a392a0a940589475f373842a6359235761a7fed2dc5e3d97895c038365cef7bae360657ccd6c9711f67827eb2e62b1c773fdce92fc0368b3e93335e40f2b31785fc56a9ecef4bd99cf2eeb7674b0b238c23282e67e1ce9ec37648b72b5e68994b201971931023150399213c978aa8fc7b30155516f876d3e2e4f65ef189f215039c36c1c096ba4f4499cd6c4771c7c435af77d3618282c6fd2ccff0e9d7a4ce886dd41336a0306fc6267be0526f2af1e6d1f36532a485897e63411f2c49d5672905d49dd530bd56f07dd0ba38cbc6d051172280d6f9d0b427ca6d41afe0cbed31ffc04d10c879e2a9319b7b3f2ba2a5fac8352694bd01cd29926d2549e5a1bf1e147cd095e7cc99a043f23d63ea58575ada67729fc150e5933525291d981e22fd4905580cb8696f45767b85fce2c46e34d5b58dc5bb422b31999f2d5143981631801054f1595aea7be5f04f2a9045d0499aeb9c3940a2f9b4b5dc39a3a57edf7edb926c957ef0eb91c2a93a2df42bf18934afed5b16fbc03b9b818b7643f5c8da492cff952b09eae38deb3b1c44a7331687e9431a41b7384e20bd6982c9488af08f8aca0e95586eafb1201c6d05f477c9635b3607bd0f1937461e72e93ef4f2ef8e7dc93be026359d6fefa81fbe2bd650d3e79ab8495ed8535efb16cfa06af1c083b3d1eb8f0f6e847803d301601e929f0ab05d07cb290985a4e3b869b724615a0c9e4e1b18915e4f10cb7ea0eb815131e7d90ca39a8aaa67d44ea8422d732ecf570f0c9f812369e0f3147de80efbf4e082ae29c05e882ac29ab87e6dace4bf032b29a89b0abc0f6b285b64c21657c371776f476d3b2d31ab1dcb33025203701963a57fa1c287f230fd08727f45eaf4f9eeb8c0227958797151fadf970", 0x1000, 0x7}, {&(0x7f00000013c0)="424981b27ce1a347191606d08a7325cbfdbb6388e26dc3c2dcf5c3d3f7d31c632562b443b3ce814a49dfcc4be18ade2abdd341be4f8784b7ac5af4f97d2e4ee463ad202a26872b60d923b6022f4e394c1a2b4191a83ced13201c32f7287a5a8316298936210bb4298977490a1385725647e460c8b5478edbaa63ea6f0732df70d482aff200185361794a90b334d71d0f2a0920fc1803fe7b87652aa571685be4d50f18b18489e777408fdc445e1d7e60660454b245e44c46eb3ec3df4a0cfcef24a31216c6e05f7aa1042df7", 0xcc, 0x31d5}, {&(0x7f00000014c0)="55a73d575d7ee47f52f39c4dd759d4b3f1d6ab95e4a80d63530f2b81b376616161a8d78d83dff46c5788be89dfffce7f7c25b7bb4bfdd1d5228164fd9b4b6eb6b8809b791fd190c33a61ac6221e7e65f6dc73af95d82b096b06d55fe00a07668bca237d6b90507543519cb8d5de8e32a64f96b7388447c03ff5420b0dae23e3e909f35b05b94ff488cfcb8da79705cedb25d944d9b75bdabfe9e8aad6c41f8a4e0bd11265202bf265babcdcf5cdbb60d5f3af1df80a4bb935b40c5152354e747e650c879889b116adb128e62f6fb1384f95d44ca38e3ea13e079", 0xda, 0xaa7}, {&(0x7f00000015c0)="7f9c3c36515dec9c3382156248d468b48b50dc78a1b53c6c640167faece719cec15966cd6f6fb17066d46ee90dbc5076db0faeb8fb9d43ca1c4459d5c808978b5498d75c6546c991e4be40e251682596adc29072400b6bb38a86b5594a70a8edfd985a86ce425baf2002bbd81dfcd39095c60696ec34c613fe9a17858dfe3b9097daaab2d9ed790dd0289e5d1a518675a5910a7ccaa163a27d96dc9b3bf70eec810b494649d6d22dbb868558a6a6053bcfbaca45476041bce7341ec9a72167456e9221d16152cd603ac342eec08a5d07dce0eae42fed8b1ee3606dbaba2feb5caff2a0f7", 0xe4}, {&(0x7f00000016c0)="07caa8d7d55d84075420", 0xa, 0x6}], 0x800000, &(0x7f00000017c0)={[{@space_cache_v1='space_cache=v1'}, {@flushoncommit='flushoncommit'}], [{@obj_role={'obj_role', 0x3d, '/dev/kvm\x00'}}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001800)='/proc/self/net/pfkey\x00', 0x800, 0x0)
ioctl$RTC_UIE_ON(r1, 0x7003)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:24 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={<r1=>0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000002c0)={r1, @in6={{0xa, 0x4e22, 0x2, @loopback, 0x4}}}, 0x84)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r2, 0x0)
bind$inet(r2, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x3, 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r2, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
setns(r3, 0x58000000)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prctl$getreaper(0x1f, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xfffffffffffffffd], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1846.611061] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1846.614958] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1846.627034] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1846.638870] *** Control State ***
[ 1846.639934] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1846.642428] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1846.662697] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1846.679275] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1846.683432] EntryControls=0000d1ff ExitControls=002fefff
[ 1846.687889]         reason=80000021 qualification=0000000000000000
[ 1846.697095] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1846.700574] CR0=0000000080050033 CR3=00000001bb72c000 CR4=00000000001426e0
[ 1846.715235] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1846.722105] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1846.729811] IDTVectoring: info=00000000 errcode=00000000
[ 1846.730556]         reason=80000021 qualification=0000000000000000
[ 1846.742110] IDTVectoring: info=00000000 errcode=00000000
[ 1846.745259] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1846.748054] TSC Offset = 0xfffffc21564548f0
[ 1846.759007] TPR Threshold = 0x00
03:49:24 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:24 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x3)
setxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='security.capability\x00', &(0x7f00000001c0)=@v2={0x2000000, [{0x0, 0x3}, {0x9, 0x6}]}, 0x14, 0x2)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1846.762514] EPT pointer = 0x00000001d33e101e
[ 1846.764915] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1846.773100] *** Control State ***
[ 1846.781862] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1846.791899] TSC Offset = 0xfffffc2162088d1c
[ 1846.810700] EntryControls=0000d1ff ExitControls=002fefff
[ 1846.819171] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1846.826878] TPR Threshold = 0x00
[ 1846.830261] EPT pointer = 0x00000001c1d6901e
[ 1846.847313] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1846.854576] *** Guest State ***
[ 1846.878809] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1846.892315] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1846.910492]         reason=80000021 qualification=0000000000000000
[ 1846.917809] IDTVectoring: info=00000000 errcode=00000000
[ 1846.923345] TSC Offset = 0xfffffc2172ff2bb4
03:49:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000340)={[0x3000, 0x0, 0x6, 0x10d000], 0x400, 0xca, 0x5})
ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000000)={0x3, [0x0, 0x0, 0x0]})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x0, 0x10}, {}, {}, {}, 0x40040010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x0, 0x2000000000000000]})

03:49:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x1, 0x2, &(0x7f0000000600), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:24 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
userfaultfd(0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000740)={<r1=>0x0, <r2=>0x0})
recvmmsg(r0, &(0x7f0000000680)=[{{&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)=""/147, 0x93}], 0x1, &(0x7f00000002c0)=""/148, 0x94, 0x4f8f7ae8}, 0x20}, {{&(0x7f0000000380)=@in, 0x80, &(0x7f0000000240)=[{&(0x7f0000000400)=""/193, 0xc1}], 0x1, 0x0, 0x0, 0x80}, 0x8}, {{&(0x7f0000000500)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000580)=""/95, 0x5f}], 0x1, &(0x7f0000000640)=""/38, 0x26, 0xffffffff}, 0x3}], 0x3, 0x0, &(0x7f0000000780)={r1, r2+30000000})
sendmsg$alg(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000d40)="a7339a6de9215e0196bea87485891dd2be41c200006e9442123764d7febfd939a07427ba8f7f59f040819af6b0c722b1cfac8b506a02628e1a8604026f567e577d9604bc2486f032daf7f0b8e8707ba98abc825d341f8d16fde103ab5997106b75d1cc201185b7021f73a43204ecc306453ac04be668b1b19f4bc83807037818f4144c03d14b8b65f5d6e9e7fafd7339af4b61637d1da3b25c7a89f30f47e4c9739034cca3537586dfeff0c789918f3979e7e9c62dc88fe0f7a0a75de3c032b2b7692c8843aa80c2720044a71d", 0xcd}, {&(0x7f0000000800)="d3e17525ccaaf09772fd32d59c8d98fdf432534643e85ad7fb36e13fa29b0c3eb47aa339976cfe0c1e5ce8f876c542388d2fd6773e755285e607cf3be393f081b3949b214d12141ff21bfdddd56fb3fed0ca5c9ee7390d9358c917bd17c17cddc837b63014df52fcf2b7cc30a4beb9a9b7ca0c115fa9ef54b85a4e63e0644e999406a492d90263eb1a2eaf82fa4ae987a29f3abab8203768ce74fca26cecca0629f7351f3e408a68690885e5f26668d1da4e2c934fd058fef0c309bbc2a8b17e93f33343d6f244e424e0bc340c", 0xcd}, {&(0x7f0000000c80)="edebe0ce099754fa3b9b54355a48987e0ef2d042c5e073da652aa4233fba14c55043ca8dd73929784aa891ae103780621d39c7f1b1a5b4d0c6b2bf3e91055ff8da124acb4681c00000f74ac161c17aad1237734feaa7d53d2b016d91022ef2a539c38804886c77b972c16ef3b88fa3beffa4f32bd69e34b82bde1b8543ea3c5d5289b351cf91f3df3a8431988d2159b758411378d9c9d0c5c2bf6b3b821c485f8c46dd88344524e6f5634bdff9c1ea0861c6098ded", 0xb5}], 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000018000020000000001701000004000000850000000000000020000000000000001701000002000000000000b8000000000000001701000002000000000000008fc91b29aa559ac3978e970b730fbf1bbc87b938f6b184ec6eceb66e3bc1be91be5ce3b59e1af4b06a5d8c5c1cdc5593ccdcb66165f52ff8ab509a753c0a5e52547a1490fb04c8901304721dba1056fc16af9173862ceedde8d2e112432e1a6dfb0c5ae7dc98612753929ea5bb97e19ac8002406ef36f13890c5b718d142e46e485240495d72509d255ef57506c2f6d89ff48a6513c71f1d36695cf614377fb0f94772001800000000000000170100000370de52d8ad9637f8572f000000010000000000000018000000000000001701000004000000008000000000000008010000000080001701000002000000ed000000046923dbfd869acc0eb464ae5b1ffc038785520af093a48cfb9b6c055398ef4714ce4b2ebcf13e65494a6773731d32bba5bc4bf97ed2805ab30a8402c97764b577eadc4d7654590fb6fc09958661dee9c9705950b820502025cdd84d3146cc9e8f7e43f3e48b2fcae67ad27188457e29877339e0a68f91733482b0608fb166ae9c3228eab4da49c61f22f949c0cd2b2e8d8f3d11494912cdf8b4abfbfce8e3fc48e42ced26cfe8d8b1d5e5b70ec5a53302972da8f9f1b75343506f74156e96b264259e0c3ffdc94901a782cfda4d3faca6fe835528af6e4254f18f9934c06baea3ab06ea0e030000000000000018000000000000001701000003000000000000"], 0x258, 0x800}, 0x800)
bind$inet(0xffffffffffffffff, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1846.927904] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1846.942331] TPR Threshold = 0x00
[ 1846.945915] EPT pointer = 0x000000018a9a501e
[ 1846.966582] CR3 = 0x0000000000000000
[ 1846.970426] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1847.010181] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1847.026217] *** Guest State ***
[ 1847.029735] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1847.039203] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1847.040964] *** Guest State ***
[ 1847.046356] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.057394] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1847.058512] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1847.076032] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.077844] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1847.084608] CR3 = 0x0000000000000000
[ 1847.097167] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.105565] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.114528] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1847.121083] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.129828] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1847.133365] CR3 = 0x0000000000000000
[ 1847.140272] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1847.144289] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1847.147400] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.162774] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.168859] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1847.172397] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.180008] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1847.185188] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.191668] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.201346] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.222516] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.236337] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.244525] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.246757] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.261306] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.269693] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.278176] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.284064] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.287512] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.299872] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1847.303324] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.319879] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.328354] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.343292] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.346579] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x88000, 0x20)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000340)={0x200, 0x3, 'client0\x00', 0x0, "8f78a98b13ba359d", "04eb86058fdb7bce36bf0d8ace938f47c989dd4582c955d93aebfd3adc3afcae", 0x17, 0xe14})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x2000, &(0x7f0000016000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1847.351850] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1847.367086] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.387114] *** Guest State ***
[ 1847.390464] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.391685] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1847.403571] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.407284] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1847.413529] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.430042] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1847.430058] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1847.445547] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1847.445907] Interruptibility = 00000000  ActivityState = 00000000
[ 1847.452110] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1847.459007] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1847.466173] Interruptibility = 00000000  ActivityState = 00000000
[ 1847.475704] *** Host State ***
[ 1847.487095] RIP = 0xffffffff811fa113  RSP = 0xffff8801844ff390
[ 1847.487226] Interruptibility = 00000000  ActivityState = 00000000
[ 1847.493643] CR3 = 0x0000000000000000
[ 1847.499611] *** Host State ***
[ 1847.503544] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1847.506526] RIP = 0xffffffff811fa113  RSP = 0xffff8801d2947390
[ 1847.519017] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1847.525417] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1847.533341] *** Host State ***
[ 1847.536901] RIP = 0xffffffff811fa113  RSP = 0xffff88017e78f390
[ 1847.543003] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1847.545773] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1847.549365] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1847.561647] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1847.569069] CR0=0000000080050033 CR3=00000001ccb0e000 CR4=00000000001426e0
[ 1847.576287] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1847.577544] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1847.591271] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1847.599219] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1847.604293] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1847.606275] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1847.617970] CR0=0000000080050033 CR3=00000001c2ed9000 CR4=00000000001426f0
[ 1847.618114] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1847.631477] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.639789] *** Control State ***
[ 1847.643327] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1847.644958] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1847.657046] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.665357] EntryControls=0000d1ff ExitControls=002fefff
[ 1847.671243] CR0=0000000080050033 CR3=00000001c0258000 CR4=00000000001426f0
[ 1847.674922] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1847.678736] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1847.691760] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1847.693518] *** Control State ***
[ 1847.698761] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.710271] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1847.717931] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1847.726021] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1847.730324] EntryControls=0000d1ff ExitControls=002fefff
[ 1847.738368] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.746448] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1847.746967] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1847.760162] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.768587] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.769135]         reason=80000021 qualification=0000000000000000
[ 1847.779641] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.783104] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1847.791231] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.808157] IDTVectoring: info=00000000 errcode=00000000
03:49:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f00000001c0)=0xe8)
mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x8000, &(0x7f00000004c0)={[{@mode={'mode', 0x3d, 0x5}}, {@mode={'mode', 0x3d, 0x1ff}}, {@mode={'mode', 0x3d, 0x81}}, {@mode={'mode', 0x3d, 0x5}}, {@mode={'mode', 0x3d, 0x686}}, {@mode={'mode', 0x3d, 0x8}}], [{@fowner_gt={'fowner>', r3}}, {@obj_role={'obj_role', 0x3d, '/dev/kvm\x00'}}]})
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1847.814322] *** Control State ***
[ 1847.822318] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1847.830521] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1847.842390] TSC Offset = 0xfffffc20c976586f
[ 1847.857466] EntryControls=0000d1ff ExitControls=002fefff
[ 1847.863129] TPR Threshold = 0x00
03:49:25 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0xfffffffffffffffe, 0x21011, r1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r2=>0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000040)='(}cpuset\x00'}, 0x30)
fcntl$lock(r1, 0x6, &(0x7f0000000140)={0x0, 0x4, 0xc000000000000, 0x9, r2})
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1847.868885] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1847.870087] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1847.884523] EPT pointer = 0x00000001baf8a01e
[ 1847.894693] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1847.903113] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1847.910353] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1847.917725] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1847.924029]         reason=80000021 qualification=0000000000000000
[ 1847.934772]         reason=80000021 qualification=0000000000000000
[ 1847.944753] IDTVectoring: info=00000000 errcode=00000000
[ 1847.947975] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1847.955369] TSC Offset = 0xfffffc20e1deb7cf
[ 1847.963136] IDTVectoring: info=00000000 errcode=00000000
03:49:26 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x80)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r0, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x24, &(0x7f0000000080)=0x2, 0x4)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
r2 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x5, 0x2000)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0x0, @remote, 0xfffffffffffffffa}, @in6={0xa, 0x4e21, 0x3ff, @mcast2}, @in={0x2, 0x4e20, @multicast1}], 0x48)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1847.971592] TPR Threshold = 0x00
[ 1847.975185] Interruptibility = 00000000  ActivityState = 00000000
[ 1847.981722] TSC Offset = 0xfffffc20c7657328
[ 1847.985351] EPT pointer = 0x000000017d82201e
[ 1847.987463] TPR Threshold = 0x00
[ 1847.992931] *** Host State ***
[ 1847.994602] EPT pointer = 0x00000001c6f4901e
[ 1848.003882] RIP = 0xffffffff811fa113  RSP = 0xffff88017f927390
[ 1848.010214] *** Guest State ***
[ 1848.014757] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:26 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0xf}, {}, {0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x4, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000180)={<r4=>0x0, 0x80, 0x4}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000380)={r4, 0x10, &(0x7f0000000340)=[@in={0x2, 0x4e20, @rand_addr=0x200}]}, &(0x7f00000003c0)=0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0xfffffffffffffffd)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1848.057798] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1848.089214] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1848.099349] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1848.107528] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1848.113976] CR3 = 0x0000000000000000
[ 1848.118546] CR0=0000000080050033 CR3=00000001bd16e000 CR4=00000000001426e0
[ 1848.126882] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1848.139600] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1848.146254] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
03:49:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1848.153055] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1848.159889] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.173565] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1848.184913] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.196193] *** Control State ***
[ 1848.200327] *** Guest State ***
[ 1848.200341] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1848.200353] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1848.200358] CR3 = 0x0000000000000000
[ 1848.200365] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1848.200386] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1848.200401] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1848.200413] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200432] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200452] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200469] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200489] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200506] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200519] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1848.200538] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200551] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1848.200569] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.200579] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1848.200590] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1848.200599] Interruptibility = 00000000  ActivityState = 00000000
[ 1848.200603] *** Host State ***
[ 1848.200615] RIP = 0xffffffff811fa113  RSP = 0xffff8801d7d5f390
[ 1848.200639] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1848.200650] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1848.200666] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1848.200753] CR0=0000000080050033 CR3=00000001beded000 CR4=00000000001426e0
[ 1848.200769] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1848.200780] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1848.200784] *** Control State ***
[ 1848.200793] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1848.200800] EntryControls=0000d1ff ExitControls=002fefff
[ 1848.200813] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1848.200822] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1848.200830] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1848.200838]         reason=80000021 qualification=0000000000000000
[ 1848.200845] IDTVectoring: info=00000000 errcode=00000000
[ 1848.200851] TSC Offset = 0xfffffc20286fca1a
[ 1848.200856] TPR Threshold = 0x00
[ 1848.200865] EPT pointer = 0x00000001bca3601e
[ 1848.224442] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1848.232391] EntryControls=0000d1ff ExitControls=002fefff
[ 1848.245048] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.285587] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1848.294039] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.301809] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1848.309988] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.339336] *** Guest State ***
[ 1848.351615] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.384925] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1848.395969] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1848.405234] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1848.435426] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.437873]         reason=80000021 qualification=0000000000000000
[ 1848.455020] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1848.466779] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1848.494911] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.497161] IDTVectoring: info=00000000 errcode=00000000
[ 1848.524555] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1848.531541] TSC Offset = 0xfffffc20981f44ab
[ 1848.539596] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1848.584088] Interruptibility = 00000000  ActivityState = 00000000
[ 1848.594943] TPR Threshold = 0x00
[ 1848.605797] *** Host State ***
[ 1848.615078] CR3 = 0x0000000000000000
[ 1848.615087] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1848.615097] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1848.615111] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1848.615122] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615139] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615163] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615176] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615191] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615206] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615216] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x4f8, 0x102)
recvfrom$llc(r3, &(0x7f0000000340)=""/208, 0xd0, 0x12040, &(0x7f0000000180)={0x1a, 0xf, 0x4, 0x9, 0xfffffffffffffff8, 0x1, @link_local}, 0x10)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {0x100000}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:26 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x10, &(0x7f0000000040), &(0x7f0000000080)=0x4)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:26 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:26 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x10000, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r3, 0x40045731, &(0x7f0000000180)=0xe907)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
openat$cgroup_ro(r3, &(0x7f0000000340)='pids.events\x00', 0x0, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1848.615231] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615242] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1848.615258] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1848.615267] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1848.615276] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1848.615284] Interruptibility = 00000000  ActivityState = 00000000
[ 1848.615287] *** Host State ***
[ 1848.615298] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1848.615320] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1848.615332] FSBase=00007f1e5f216700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1848.615341] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1848.615353] CR0=0000000080050033 CR3=00000001beded000 CR4=00000000001426f0
[ 1848.615366] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1848.615402] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1848.615405] *** Control State ***
[ 1848.615413] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1848.615434] EntryControls=0000d1ff ExitControls=002fefff
[ 1848.615460] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1848.615468] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1848.615476] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1848.615497]         reason=80000021 qualification=0000000000000000
[ 1848.615517] IDTVectoring: info=00000000 errcode=00000000
[ 1848.615522] TSC Offset = 0xfffffc20286fca1a
[ 1848.615526] TPR Threshold = 0x00
[ 1848.615533] EPT pointer = 0x00000001bca3601e
[ 1848.619863] RIP = 0xffffffff811fa113  RSP = 0xffff880180457390
[ 1848.619886] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1848.619898] FSBase=00007ff4ae3a9700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1848.619910] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1848.619924] CR0=0000000080050033 CR3=00000001ccb0e000 CR4=00000000001426e0
[ 1848.619938] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1848.619949] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1848.619953] *** Control State ***
[ 1848.619961] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1848.619968] EntryControls=0000d1ff ExitControls=002fefff
[ 1848.619980] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1848.619989] VMEntry: intr_info=8000007d errcode=00000000 ilen=00000000
[ 1848.619997] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1848.620004]         reason=80000021 qualification=0000000000000000
[ 1848.620011] IDTVectoring: info=00000000 errcode=00000000
[ 1848.620017] TSC Offset = 0xfffffc20c976586f
03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x2, {{0x2, 0x4e20}}}, 0x88)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000080)=0x2, &(0x7f0000000200)=0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r2, 0x0)
bind$inet(r2, &(0x7f0000942000)={0x2, 0x4e20, @rand_addr=0x9}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r2, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1848.620022] TPR Threshold = 0x00
[ 1848.620029] EPT pointer = 0x00000001baf8a01e
[ 1848.628953] EPT pointer = 0x00000001cdf6901e
03:49:27 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r1, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:27 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0xfffffffffffffffe, 0x0)
syz_mount_image$f2fs(&(0x7f0000000180)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0xa9c, 0x1, &(0x7f00000004c0)=[{&(0x7f0000000400)="a5e63a37f105f60336da1e1084ee74c989fd1e74b0286363c2a160a97e4e66392405cfdaea521b16ad602cbb1b4c339d5c8ed46c77dda42058e1f32e81809910eb8e85349c1628969763164c9aef75727d97a2e6a3d9596308c9fc8270", 0x5d, 0x6}], 0x10, &(0x7f0000000500)={[{@lazytime='lazytime'}, {@grpquota={'grpquota', 0x3d, '/dev/dsp#\x00'}}, {@inline_xattr_size={'inline_xattr_size', 0x3d, 0xefbf}}, {@alloc_mode_def='alloc_mode=default'}, {@jqfmt_vfsold='jqfmt=vfsold'}, {@discard='discard'}, {@background_gc_sync='background_gc=sync'}, {@inline_dentry='inline_dentry'}], [{@smackfsroot={'smackfsroot'}}, {@dont_measure='dont_measure'}]})
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_extract_tcp_res(&(0x7f00000006c0), 0x400, 0x8001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000640)={0xe, 0xfb1, {0x57, 0x9, 0x4, {0xd88, 0xfffffffffffffffa}, {0x8001, 0x2}, @period={0x59, 0x2, 0x80, 0x7d3c, 0x3ff, {0x7, 0x80, 0x2, 0x85}, 0x4, &(0x7f00000005c0)=[0x4, 0x7, 0x19, 0x7fff]}}, {0x53, 0x87, 0x4, {0xaa74, 0x7fff}, {0x9, 0x10}, @period={0x59, 0x3, 0x80000001, 0x401, 0x40, {0x1, 0x3ff, 0xda66, 0x8}, 0x2, &(0x7f0000000600)=[0x3, 0xff]}}})
readlinkat(r3, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)=""/140, 0x8c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x10000, 0x1000})

03:49:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

[ 1849.095180] *** Guest State ***
[ 1849.114608] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1849.160324] F2FS-fs (loop5): Unable to read 1th superblock
[ 1849.173732] *** Guest State ***
[ 1849.185742] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1849.199346] *** Guest State ***
03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x10000000000000, 0x21011, r0, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @empty, 0x8}, 0x1c)
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x40, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x9bf8a22df0919760)

[ 1849.211198] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1849.212746] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1849.232038] F2FS-fs (loop5): Unable to read 2th superblock
[ 1849.233802] CR3 = 0x0000000000000000
[ 1849.243650] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1849.247917] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1849.256523] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1849.278710] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1849.285144] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1849.292857] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1849.295216] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r2, 0xc0385720, &(0x7f0000000140)={0x1, {0x0, 0x989680}, 0x1000, 0x1ed8022a})
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xff, 0x4180)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1849.305555] CR3 = 0x0000000000000000
[ 1849.321687] F2FS-fs (loop5): Unable to read 2th superblock
[ 1849.328814] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1849.333896] CR3 = 0x0000000000000000
[ 1849.343532] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.351053] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1849.379715] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1849.386095] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.395067] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1849.405640] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1849.412475] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.414033] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = accept4(0xffffffffffffffff, &(0x7f0000000340)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000000)=0x80, 0x80000)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000003c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000400)={'vcan0\x00', r3})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = gettid()
r6 = gettid()
rt_tgsigqueueinfo(r5, r6, 0x3c, &(0x7f0000000440)={0x12, 0x8, 0x2, 0xfffffffffffffff9})
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x800, 0x0)
ioctl$EVIOCGUNIQ(r2, 0x80404508, &(0x7f0000000100)=""/92)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000080)=0x3c4)

[ 1849.437228] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.437351] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.459040] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.477867] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.484837] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.494093] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.504862] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.521311] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.538908] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1849.547067] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.566105] *** Guest State ***
[ 1849.569612] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.577312] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.579923] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.586617] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1849.602507] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.611079] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.619412] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.619850] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.627944] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1849.647528] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1849.656729] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.670251] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1849.678637] GDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x640480, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000300)=<r3=>0x0)
r4 = getuid()
getresgid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=<r5=>0x0)
sendmsg$unix(r2, &(0x7f0000000440)={&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)="6ef420fb8238cd3cb3c5b1c9f3adc2bc82d362d319a3dc657eeb3baad2c2a2dc062f2cd9963e26345c47fd4d8c996be316d35aeccaf613d8", 0x38}, {&(0x7f00000001c0)="ea7154d224c49c3208d7f9835be9d4fe085326607d9c8fd1ffdee40b84682b17e4a4ef961d62e5a6a3d1e2e20d449a2683e3e7762ca0396a248d6676a8b633b1461f6eee124b2143167a1f00746dc1510f813339fe7aefbdf2d2e61c605b6d1b4dab27ce9b15ca00d3f7d73ae68292b2666df0f2772f54a4048a9fc4c10fac9c829f11c111b2e4f830bc3d0b98fff013f952eb0e55c363582408f8836b9b7480882546", 0xa3}], 0x2, &(0x7f0000000400)=[@cred={0x20, 0x1, 0x2, r3, r4, r5}], 0x20, 0x80}, 0x40)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
accept$alg(r1, 0x0, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f0000000480))
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1849.683536] CR3 = 0x0000000000000000
[ 1849.690096] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1849.696416] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.706279] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1849.712621] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1849.712628] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1849.712641] Interruptibility = 00000000  ActivityState = 00000000
[ 1849.728673] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.742614] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1849.755521] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.765423] *** Host State ***
[ 1849.770016] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1849.775449] RIP = 0xffffffff811fa113  RSP = 0xffff8801d3bd7390
03:49:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = accept(0xffffffffffffffff, &(0x7f0000000400)=@ll, &(0x7f00000004c0)=0x80)
pipe2(&(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000540)={r3, 0x3, 0x3, "4b9c0f965325791f9c348880017cad4c529f3d74e540a12017fc57ada778eae9fb50a6b0bac7c66b555fbce924733ddf3a6bbc429a4631635a7188bf6faae56b1ccec8c7239ada5bc0e676c132ecac"})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
r5 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={<r6=>0x0, r5, 0x0, 0xa, &(0x7f0000000080)='/dev/dsp#\x00'}, 0x30)
mq_notify(r4, &(0x7f00000001c0)={0x0, 0x3e, 0x6, @tid=r6})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1849.777021] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1849.787361] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1849.794794] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1849.803779] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1849.811525] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.820667] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.822477] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1849.829049] Interruptibility = 00000000  ActivityState = 00000000
[ 1849.843149] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.851370] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1849.861677] *** Host State ***
[ 1849.865134] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.873946] RIP = 0xffffffff811fa113  RSP = 0xffff880185117390
[ 1849.880186] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
03:49:27 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x4000, 0x0)
readlinkat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/114, 0x72)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x5)

[ 1849.888815] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1849.895949] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.906842] Interruptibility = 00000000  ActivityState = 00000000
[ 1849.913238] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1849.921364] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.929575] *** Host State ***
[ 1849.940357] RIP = 0xffffffff811fa113  RSP = 0xffff8801b947f390
[ 1849.955508] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1849.961626] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1849.971858] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1849.984519] CR0=0000000080050033 CR3=00000001c06fe000 CR4=00000000001426f0
[ 1849.987510] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1849.991781] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1850.008937] FSBase=00007ff4ae42e700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1850.017338] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1850.024363] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.034497] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1850.041595] CR0=0000000080050033 CR3=00000001bb079000 CR4=00000000001426e0
[ 1850.043860] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1850.054990] *** Control State ***
[ 1850.058556] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1850.066755] CR0=0000000080050033 CR3=00000001b99a2000 CR4=00000000001426e0
[ 1850.075602] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1850.078812] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1850.082386] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.105971] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1850.119519] EntryControls=0000d1ff ExitControls=002fefff
[ 1850.128020] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1850.134337] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1850.135992] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1850.147516] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1850.154011] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1850.157470] *** Control State ***
[ 1850.165961] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1850.172659] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1850.173882] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1850.186188] *** Control State ***
[ 1850.189749] Interruptibility = 00000000  ActivityState = 00000000
[ 1850.196329] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1850.199394] EntryControls=0000d1ff ExitControls=002fefff
[ 1850.208664] *** Host State ***
[ 1850.211950] RIP = 0xffffffff811fa113  RSP = 0xffff880168f17390
[ 1850.218104] EntryControls=0000d1ff ExitControls=002fefff
[ 1850.218491] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1850.230666]         reason=80000021 qualification=0000000000000000
[ 1850.237254] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1850.244290] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1850.248119] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1850.253019] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1850.264279] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1850.271190] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1850.272635] IDTVectoring: info=00000000 errcode=00000000
[ 1850.284291] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1850.291119] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1850.297718] TSC Offset = 0xfffffc1fa2feea25
[ 1850.302217]         reason=80000021 qualification=0000000000000000
[ 1850.308873]         reason=80000021 qualification=0000000000000000
[ 1850.319876] TPR Threshold = 0x00
[ 1850.323416] IDTVectoring: info=00000000 errcode=00000000
[ 1850.329303] CR0=0000000080050033 CR3=00000001c7f46000 CR4=00000000001426e0
[ 1850.336521] EPT pointer = 0x00000001c349201e
[ 1850.341066] IDTVectoring: info=00000000 errcode=00000000
[ 1850.346718] TSC Offset = 0xfffffc1f9f805c1c
[ 1850.351114] TPR Threshold = 0x00
[ 1850.364849] TSC Offset = 0xfffffc1faefd524c
[ 1850.369182] TPR Threshold = 0x00
[ 1850.372560] EPT pointer = 0x0000000180c4401e
[ 1850.377192] EPT pointer = 0x00000001bca3601e
[ 1850.383190] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1850.411711] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1850.437758] *** Control State ***
[ 1850.442487] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1850.449303] EntryControls=0000d1ff ExitControls=002fefff
[ 1850.454913] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
03:49:28 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:28 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e21}, 0xfffffffffffffef6)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000080))

03:49:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getpeername(0xffffffffffffff9c, &(0x7f0000000340)=@pppol2tp={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000000)=0x80)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000003c0)={<r3=>0x0, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}}, [0x2, 0x3f, 0x3, 0x8, 0x3, 0x81, 0x0, 0x1, 0x101, 0x8, 0x80000001, 0x6, 0x94b, 0x1, 0x6]}, &(0x7f0000000180)=0x100)
setsockopt$llc_int(r2, 0x10c, 0x0, &(0x7f0000000540)=0x101, 0x4)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000004c0)={r3, 0x9}, &(0x7f0000000500)=0x8)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1850.463922] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1850.498581] *** Guest State ***
[ 1850.511081] *** Guest State ***
[ 1850.514535] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1850.527356] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1850.539948]         reason=80000021 qualification=0000000000000000
[ 1850.550079] *** Guest State ***
[ 1850.553551] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:28 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vhci\x00', 0x80000, 0x0)
getsockopt$inet_mreqn(r1, 0x0, 0x2b, &(0x7f0000000300)={@remote, @loopback}, &(0x7f00000002c0)=0xc)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r2, 0x0)
fsetxattr$security_smack_entry(r2, &(0x7f0000000080)='security.SMACK64EXEC\x00', &(0x7f0000000140)='\x00', 0x1, 0x3)
bind$inet(r2, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0xb01, 0x1, 0xba, 0x1f, 0x8}, 0xc)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r2, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x1ff, 0x4)

[ 1850.555642] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1850.565171] IDTVectoring: info=00000000 errcode=00000000
[ 1850.576945] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1850.586196] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1850.595295] TSC Offset = 0xfffffc1f6d5102c3
[ 1850.600078] CR3 = 0x0000000000000000
[ 1850.603931] CR3 = 0x0000000000000000
[ 1850.608046] TPR Threshold = 0x00
[ 1850.624939] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1850.627163] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1850.649667] EPT pointer = 0x00000001c5e4901e
[ 1850.654215] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1850.660772] CR3 = 0x0000000000000000
[ 1850.665035] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1850.671141] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1850.671154] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1850.671168] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1850.679965] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1850.697280] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1850.703515] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.703914] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f0000000080)={0x1377, 0xfffffffffffffffd, 0x0, 0x8000000000000000, 0x21, 0x6, 0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1850.713424] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1850.731992] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.736710] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.746255] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.764022] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.776156] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.783553] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.790978] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.815671] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:28 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
close(r1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/full\x00', 0x80000, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8)
fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)=<r6=>0x0)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000740)=0xe8)
r9 = getgid()
r10 = getgid()
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, <r11=>0x0}, &(0x7f00000007c0)=0xc)
lstat(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000008c0)={0x0, 0x0, <r13=>0x0}, &(0x7f0000000900)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000940)={0x0, 0x0, <r14=>0x0}, &(0x7f0000000980)=0xc)
stat(&(0x7f0000000d80)='./file0\x00', &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
lstat(&(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000c40)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32=r4, @ANYBLOB="02000100", @ANYRES32=r5, @ANYBLOB="02000600", @ANYRES32=r6, @ANYBLOB="02000300", @ANYRES32=r7, @ANYBLOB="00e3ff00", @ANYRES32=r8, @ANYBLOB, @ANYRES32=r9, @ANYBLOB="08000600", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB="08000400", @ANYRES32=r12, @ANYBLOB="08000200", @ANYRES32=r13, @ANYBLOB="08000400", @ANYRES32=r14, @ANYBLOB="945150a894771d91dc541fbc35430b1375fcddade8362675d0c41de1fcf7a23fd89169eda5823c57523da842fc676ceee5248b9e9d866158fdb1f0ef4e7dd5128cec509628f46d243900000000000000000000000000", @ANYRES32=r15, @ANYBLOB="08000400", @ANYRES32=r16, @ANYBLOB="10000100000000002000070000000000"], 0x8c, 0x3)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000009c0)={0xaa, 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$RTC_SET_TIME(r17, 0x4024700a, &(0x7f0000000a00)={0xb, 0xe, 0x13, 0x11, 0x5, 0x8, 0x1, 0x148})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:28 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000002c0)={<r2=>0x0, @in={{0x2, 0x4e20, @loopback}}}, &(0x7f0000000380)=0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000003c0)={r2, 0xd1e, 0x6}, &(0x7f0000000400)=0x8)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x1d, r4}, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=@canfd={{0x4, 0x9, 0x56a9e99, 0x4}, 0x3d, 0x3, 0x0, 0x0, "f6d9857f0ce8acceef4bf090b0f41ef18e809c3f2357b72eb49e23e4f6d5553d501d6878238f5359796bb504062ca3a0ed3136a93519f8a03a6cce019ea66b09"}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x80)

[ 1850.816110] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.836878] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.840848] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1850.855083] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.866928] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.875913] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.890033] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.905139] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1850.914862] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:28 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getresgid(&(0x7f0000000240), &(0x7f00000002c0)=<r3=>0x0, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00'})
mount$fuseblk(&(0x7f0000000040)='/dev/loop0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='fuseblk\x00', 0x88, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB="2c726f6f746d6f64653d30303030303030301630303030301b30303134303030302c757365725f69643d", @ANYRESDEC=r2, @ANYBLOB=',group_id=', @ANYRESDEC=r3, @ANYBLOB="2c616c6c6f775f6f746865722c6d61785f726561643d3078303030303030303030303030646534332c6d61785f726561643d3078303030303030303034303464303634302c616c6c6f775f6f746865722c6d61785f726561643d3078303030303030303030303030303038312c6673757569643d35390000303835002d66357f772d757339662d370034772d37626164386575772c7375626a5f747970653d2d3a2a6d696d655f747970652e6370757365745b2c66736e616d653d2b2c7063723d30303030303030303030303030303030303033312c7375626a5f747970653d766d6e6574305e2c00"])
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000004c0), &(0x7f0000000500)=0x8)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000580), &(0x7f00000005c0)=0x14)

[ 1850.922861] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1850.922881] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.931439] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.951602] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1850.976040] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1850.992640] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1851.013440] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.015898] Interruptibility = 00000000  ActivityState = 00000000
03:49:29 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x40000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000380)={0x0, 0x20, 0x20, &(0x7f0000000340)=0x9})
prctl$setfpexc(0xc, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r4, 0x2288, &(0x7f0000000000))

[ 1851.033974] *** Host State ***
[ 1851.037606] RIP = 0xffffffff811fa113  RSP = 0xffff880185117390
[ 1851.041558] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.053226] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1851.061359] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.075894] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
03:49:29 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={0x0, <r2=>0x0}, &(0x7f0000000180)=0xc)
sendmsg$nl_generic(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1078, 0x3a, 0x800, 0x70bd25, 0x25dfdbfd, {0x1}, [@typed={0x8, 0x32, @uid=r2}, @nested={0x1030, 0x75, [@generic="32d60225a58fe7609bafb3bbcc190d54ea4543bf9fa011ff95113680299da8b245280caed2e41f2aaa38d679a8ef297eb3d8833751e774f0744748d6e8c09437a48c208e6b3c51a105a5a1404636064ad5e1403f55071e0d25bf585e6fdd9aebd07509454e10400212a92e15cce0442e8a924f8f138076d9902865282220323d3b3179d70e890945abb52cb628c9be0e8d43a260f9c97e0a80fb5d845acf7633ceaf77acf9a8cc9c44e7badeff65c1c8fc912c30a0a9afabfcbba336623616fcbe3d98f52ddab44b726f54357ef929eb7a6267671e5b75bdb96c5ca5c8291c1ddcfb4925478a824945c45c5b6fc307607a99ec2967ad5abf305fbf6d3006c0338bf9586f296c011cd4caf767496a0d351cde74e5640fa371f55b5feb40dc235af5468f14cfca226c89aaaab81f0b6fdef70a74728c90b534476e30060e44a4aa7eb0f218dc6f5f1fde20150db303eaa20b730cb96a2917fb6c6be3ed3136956c97bcfc60446df060545af966562c04d269ffabae4120024924ed2e3947753ede61a47bbfe074a264a8fb5a21b72d211f7198660cf396960fab7e2d621ecc3496bd0ed0ee0230cd85f177a4b1a088b59e118ab95a63cac191d0bb0d7921708e533524290c50825e54297125d0dd3212eb44b1917f01dc3baa7104ad53305ceba38b1010dd40e026c7b46e4e5846c56a1b0b5a4c7ee948784ed610111ba7a17b1421cb6c19c7e6cb0145a3bba72833aa21ec4e8b3908df447d0369770e781f7257459d3b9a44a1d25b8389465999f8f3071f0d1800b47f59d0c1518a27510db5a9ae79d337121775ab9054c2b7692f5a2587bf52b4a08ed82090a8a261496bc31d790e98b148528ab3aa1f26af063f8a7fb2db7b9b00556d86728ada2303fedf49fa76ae7d92614bac82fb66d72970f4f2b7e5dbcda6556416abf0d243e14c65c6ac9227d14944379cb54dbe749825170978fd4d26f5213df2454ad6148f3a7486131ad0086aa4ccd43affd1da5a659f19e685b43d8dc65bef7d8e9a48f010704e1dbe88a0080a21e65f9dbad51def6b79e72e700aa7beeaa6c212f2a927bdf939cb82064527b5e4bc3590ee1080686a78a64efb0dc37791c8bce8d91edd3f2f685f8443b914bd2bb6ed589ff508a20aecbaad055af6b95e8cc8e02e0e83b616cf0269325f8b36c89f941eacfaea596d30429ba23be46dd7a60b4fc2f2be2a63e51ee02f7b21a2abadeb880feccc57a0e0fbeef3fdc1ecc3800e090b668b2a9a80c641ef4b6623c2f6301c43f92e73ddd6546fe83a0e4896921bb201741ccd1b72a3aafeb73d05754237c1fe8646cbee713ab84b91fb603fa307983af0aa2e91afc5745e9293e681924d3eb02c40930cdd85bec911296dedf0c169381950994400bd614494b12f2a04ebd7af51761230e1e783ca7c369f1acd648cffd8a151852988b71c733a7444dc1e67c39232dd5b0bc485dd6a0fe947b578430a10810fbc9f9ccf5b4b8f21cbba39e2b8b750f02b7419f00344954f679cbb9baccf52f34596fdcb8a453b1c8013fa163875d3edd2222a4ee71ba703849eafa539539c656e8ffbafb56a21b06e1c49c7f6ea25684b4f33a919375b6520ae166296880b3fafe67d3788389e934747095463a45f7f31ba8dde42a3cac0f38448bb439407e41c8c4f27a6fb5184f426e7dd6a6ba476f2a332f55f9e46162505ead92348f109e8687fd36a94e48613eac32e47413034ae438a41105fe7006cf31c2761b42b20dd0753333c5c73741a70eb2741618a448bfce5982eeaea1646d6f4bd1b909ddbd9dc730e5513c06e3bcf1b230098feb95bfe27d5de129478678a26f47b52cda6636e25948d470edbbd81b44a1e64762028a224500ce812ea114849d42ba9c7c03f4832a2900b4fb735c63a7570c9bebd6d2dc46dd5310426c24326edc06032cd279da530940fd18bc0ba2e9eb6babc06de14ddf7bc78e1b3782b0522e5d42955d0aad377632ef4861c0d06b6589e2a162c6a9382917ff1fd1f10273863e65a754f3423bf3dcdda925f87a2f4b52eee74145f27f2628b69292aff76a9d02895075b118361718041f1c3108dfac5f09f92eae45673d02b80a70621f3ce95d36bcab574857a8c7782aaf79d106021902708f631773c6e4aa409073523ed9c5d2fa5b72fa6e4506cf05f587d97f343615c8c4d1395bfa05174001242675514aac690682172856771f9160ab4c8d621bce6da84e82defa6b6b5fccc7febec636efdbb20e60468e5be183deffc20f826a1bcf7a226cbfd1ec6ab6a859a533a4e121b44e6f5e5e1e010a64902e1aae980f23d8ed8eb22829aa4f8184139fe38af37c979a57ae438434b9aad6eb20ebdd936c455caea9bd7bcf97d5c22d7a9b285aa9270ad29351ec8cc9b72111a2760ad37d42c9879820adbe5d15f310f2ddb4851935c04100edc5d843bd74573c66d94f690e0578fbb9d99cce6619fda732382d12f4e79671bdfab6fbfc8ee0f765773f4529c844253c71e5737762e3f5954f52874439546591d38bfce9830ee138d5840d32249e9250582968216644357ba3b346b45f4cce6005384d787ead571af9644df75d4f36383e44f72660a27dc2a8b4cdcc3e1d71b694b192acf6cb8a72c4dedb389b7067e3353cfd45f13e3b93c89c37d95d415352111df35e639a0be53d24ccb77420dcbc3f474890ed328d5253c4d99a0fcfe80afc9a880b69af5831c9d2557f21ccacbf1215536abf6b7863967a1f7039dfc8d2be30cb0b3225d4c197c4468ff9d71960b50cdf25eb53708e7c0e004fcca3da9171aad71911a60ade49505577170e108ca553e37b4034a96ac41be4b618b2a061ecb8e52026fa590ccc2ade85bb90deaad5e9c6dded81548da3ece6aa2d0a7029094f9ea97fed0340e82e39d89a2bc38bca8a1e8f898a697e3b6ed482f33cc4b9685c4874527f13d1daadac755294a3fb62bd32cdda9dea40683020e94e9596ef0fa67f96a031a88febab255d3f5591489b3ef23310590a543897c926bb85deacf9f442f2dddabd7fd9de650caa86ad5d67285e04729a1f6d3fe99dd3498b4933234ed8b94c39cfff7e122271d892aed26667ea44c3585e1e68a9ae078d82132b1af3a9325a816b0acdb2399992a69f9acf28e76364e76979b2c97884ef58353761cf716f5405f2088dafd6edce8ecbf44bb12c5b2cb18985c1c5f7efdec551a4b16efeca566110870e20613154c2602c31749ea75d918581676551d9584ee2bb379fa0f7ef9ff75f61112fb021b53b2de7665591ba62bac7c601640a19ab1999540e4782e6c5f132bda47ce9fbeee6ae4636c2527209b15c0efd92940bd4529ea26ea9c1aed203618fbd69e92d73c208d4731dd27a95c6f7d272ff6ea194f764c4982885320181dfe835d9edc54dd626d66225a937034651232082c44978f6a285b490cca1d9a508d17dd0eb128fb387882a75395bb9fc68b44bde609f5a4933840904e1105dcb22fd33e24987f575486818499a60961523a7058b86eaf608a0a8c2774afd70dc96ae8f80eca5cc04648eba505ea1d15855dd6749e6bda689c88ec3bc860a74e34368174529bc7b8463ba14d9be25ded4a6f11d909b012da51e5cfc8fd0dd22632d45ade55bb071af97b816c59c4b501e736d6150ec53fc56bcc8be7f7737b53104282b888b183a37befd478987c78020b55e925a959cac50c3572b56e95cdb067d76dd735e24da8f2888793c9743035fa74e666786f3ad9cdb58632c9dbf8dd6bf261c4b999a7520b1fed327b21fab7fcd4eccb8cd2a89f74e831ee678285ad5210edf95e568fd64696fc8726b6a9c2a0d48f2572f80b96ec32df7b1157b0449d813d9990dc62092e472863c253a1aa203bac66a9dcf56a26f4cbb0b17751e05ff020c02361d88436fd906c6f9d51cee0c704c52ca77feff27b367639c8861d0c6680fe912795c78f02079188fee68934bfd062ed2abcfa69f676347243f90d9a2693ab73341a0c87447346fe4b836ac15e6be22d4a3f5b91167298619924d68ac13445f2f6b1ff0926df519ac28b14b02ca101b674069eee92dec11eff8d8172ed5bfc3bf580cc89247f5c2b48ad25c7dd2c8b6cb9d1795b6c829711c374a62b0b86e16893c3ecb8441bdf4d6f07a45acb08a166544a41e84c036660e7800de3d61bba6b4bc01284d7545715881d9a6e41ea173a1b9bb9c16c8198a113d6dfda9caa2eb84a352c233364bda3bbb41fc1c5b13484aa2bd95578cab0b6e36cbfa8a4984b42feba58d78c16264322acb7f291f94c05baf043ad92479d378c38a25bf7a5137754a3b76875228a0cf5674da85124660786cc2900cf9355a38ddb98b908fdf4fa6c811181ea7a10db7ca54c470b7f4b192395a517136ce8f6d6594dd4aa567aad8a0a85a37dbc78827fafa9336036d2b0cc5f4e87f662a7b14110bf4a32a1f39c7d2d4cda90df79a37bedd8f184c765ad4ed0d1b159ec7c6afe6fdff921bc824774d4cbf5dcd8db5cc7c45cdc022095a6a8582eb8432b1252c9c318e6dd849152eaf7c630bdc49be2d9ea8b63cdfcc4143511cd48f68dc3ece2388472db191ffa88c38e4149ff4a0dd249d053c002229ef22302e1aa652d999b991f1123896bcd2cfc36f842ab45d1b09a68939470251deb9e2e40097a7ea8c8cffec8e08a57a2959136d9a9196e53e04ed876eb1d180b82eb8fea48f134e1bc3905cfe6ebb5426a90fb71283256a84437fbd4666fa7d1f0d6a8054c9a2b872d5c043c67cca2adf1a7cca2a77fdb8647a43914d86f83212d7afd00d9f4f640099cbc10b45ec7f94694ee508f87eaa698cb457e1b948e1e5978964250c552bc9d8888fe842f3b9ac75a5716259febc8ed68313e6504eacc86cf65e168753a75809d4e1e1047128c58a861559794c5d4ddde734588de3a065888e6580f7ee29b705b5c79bec938ba94019af2c853b80b9907ff629f6786d9cb011ffac4e0100e817874dcdaa26bb561dfdc46fd8ab39da140f3eb1ac4f0bf176ee583fba90c2c52be7e3fae4fdb71defe220595609006c6633e40b2f7c5733e4e53a25a42bb8229bf2874201ad66241af0fc34e0594ef95dbfbca811a6f606d44e5733bd9e9391504e09f6db1b2a58b48ae351c72de4d33e44f9536b4d25d9d34555ee944b667bee90031baebe7d7c4e5e272236300eba857450d351a664ec66f94bde4e52b788130844e7b108ffa9f6af981bc60a1ce62e9cf937ed0485e2f6c716b820e95c2223a3cdb94dfb275d60c73e39de0f7b9242ad1af54e3f7dfeca63057b73f4607e59d29a5e67b7bb833a562773889225d88484ce1412377868b66b3f3de45bdb77a7901211f21affaad97f6fcd3a03cd7d2dd5576fc7049130e8f981f720fdd7d61b926d16fac17dab7dd9fa247978be516dd214b3c73631082ac471892584c723f4ad51a59d2f14d37cc909ca2a54f8dcbfa13e97742b8c9864391ba297b9e3088b5ed1e54ece79c5ca43c281e80ab9ad47d97750f92cf9d43b989b7b09b1ba71d31ac2f208e5767efd40efe77589897b5975feb4fd2f769c353cf2a635745bc25ae272cf8ea5dd0dec1e0bcf03a8e70af7d04eabd22e27fd14770461be8e7ce2b6626375f207d3a06fb0f18eb5d94dc665b4f154b1701dfefd30c4cd793200156e03b850d1bdd3e73daf7bfdfa2e6ded32a1b453a7599d430cae7b23c8a46bfe61047d1117cbe3fe0e27cd993ca0eab1facb7672509ed35ca12785f710d15bd7521fb66be0ffca1bb70e42fb438e4bb5bd4feaeafa9b270639d36", @generic="32fc417357e015742df8121d9e0f6b4b64e67a3fac7481dfabbd4f57c6557db3b3d1063fd6ed8be2f819"]}, @nested={0x10, 0x91, [@typed={0xc, 0x4e, @str='&em0\\(\x00'}, @generic]}, @typed={0x8, 0x38, @ipv4}, @typed={0x14, 0x24, @ipv6=@mcast2}]}, 0x1078}, 0x1, 0x0, 0x0, 0x10}, 0x4000040)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r3, 0x0)
bind$inet(r3, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000d4effc)=0x1, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x1c, &(0x7f0000001340)=""/163, &(0x7f0000000240)=0xa3)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r3, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1851.089493] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1851.095629] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.103694] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.106094] *** Guest State ***
[ 1851.112160] CR0=0000000080050033 CR3=00000001d926c000 CR4=00000000001426f0
[ 1851.118089] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.122120] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1851.139175] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1851.146040] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1851.149961] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1851.152326] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1851.168563] *** Control State ***
[ 1851.172122] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1851.179603] EntryControls=0000d1ff ExitControls=002fefff
[ 1851.187908] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.190866] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1851.205918] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1851.214888] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1851.214897] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1851.214905]         reason=80000021 qualification=0000000000000000
[ 1851.214912] IDTVectoring: info=00000000 errcode=00000000
[ 1851.214918] TSC Offset = 0xfffffc1eed61ff1f
[ 1851.214923] TPR Threshold = 0x00
[ 1851.214936] EPT pointer = 0x00000001b980001e
[ 1851.228131] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1851.228863] Interruptibility = 00000000  ActivityState = 00000000
[ 1851.235585] CR3 = 0x0000000000000000
[ 1851.241533] *** Host State ***
[ 1851.252237] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1851.266850] Interruptibility = 00000000  ActivityState = 00000000
[ 1851.282290] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1851.292577] RIP = 0xffffffff811fa113  RSP = 0xffff88018066f390
[ 1851.296896] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1851.305022] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1851.305026] *** Guest State ***
[ 1851.305042] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1851.313793] *** Host State ***
[ 1851.315090] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1851.324270] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.327591] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1851.334483] RIP = 0xffffffff811fa113  RSP = 0xffff88018577f390
[ 1851.357551] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.360888] CR3 = 0x0000000000000000
[ 1851.366451] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.378370] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.378508] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1851.386615] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.400594] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1851.400760] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1851.406880] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[ 1851.413306] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.420980] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1851.439739] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1851.447719] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.455961] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.463340] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.472041] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.472758] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.488300] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1851.488717] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.494211] CR0=0000000080050033 CR3=00000001d77c7000 CR4=00000000001426f0
[ 1851.494229] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1851.502334] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1851.509591] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.530880] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1851.539248] CR0=0000000080050033 CR3=00000001c4350000 CR4=00000000001426e0
[ 1851.541110] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1851.547283] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1851.553923] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.560773] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1851.568621] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1851.580782] Interruptibility = 00000000  ActivityState = 00000000
[ 1851.580787] *** Host State ***
[ 1851.580799] RIP = 0xffffffff811fa113  RSP = 0xffff88017bc7f390
[ 1851.580821] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1851.580839] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1851.587749] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.590707] *** Control State ***
[ 1851.596519] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.603137] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1851.610817] *** Control State ***
[ 1851.618957] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1851.622305] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.630415] EntryControls=0000d1ff ExitControls=002fefff
[ 1851.636272] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1851.639853] CR0=0000000080050033 CR3=00000001c1fde000 CR4=00000000001426e0
[ 1851.646499] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.654646] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1851.660340] EntryControls=0000d1ff ExitControls=002fefff
[ 1851.666682] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1851.673743] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1851.681928] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1851.688785] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1851.694429] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1851.700960] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1851.709061] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1851.715606] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1851.722697]         reason=80000021 qualification=0000000000000000
[ 1851.728675] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1851.736838] IDTVectoring: info=00000000 errcode=00000000
[ 1851.749859] *** Control State ***
[ 1851.749873] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1851.756487] TSC Offset = 0xfffffc1ee65acca0
[ 1851.762768] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1851.768389] TPR Threshold = 0x00
[ 1851.771628] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1851.782716] EntryControls=0000d1ff ExitControls=002fefff
[ 1851.790131] Interruptibility = 00000000  ActivityState = 00000000
[ 1851.793533] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1851.800628] *** Host State ***
[ 1851.805878] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1851.818842] EPT pointer = 0x00000001c234b01e
[ 1851.822422] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1851.828868] RIP = 0xffffffff811fa113  RSP = 0xffff88017f007390
[ 1851.833531]         reason=80000021 qualification=0000000000000000
[ 1851.839906] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1851.852158]         reason=80000021 qualification=0000000000000000
[ 1851.865036] FSBase=00007ff4ae40c700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1851.865290] IDTVectoring: info=00000000 errcode=00000000
[ 1851.878605] IDTVectoring: info=00000000 errcode=00000000
[ 1851.878821] TSC Offset = 0xfffffc1e9b8cc0fd
[ 1851.884110] TSC Offset = 0xfffffc1eedca8664
[ 1851.884116] TPR Threshold = 0x00
[ 1851.884124] EPT pointer = 0x00000001d86e901e
[ 1851.893014] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1851.900784] CR0=0000000080050033 CR3=00000001d926c000 CR4=00000000001426f0
[ 1851.907839] TPR Threshold = 0x00
[ 1851.916704] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1851.918296] EPT pointer = 0x00000001bab7e01e
[ 1851.929166] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1851.936126] *** Control State ***
03:49:29 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe(&(0x7f0000000380))
r2 = syz_open_dev$mouse(&(0x7f0000000400)='/dev/input/mouse#\x00', 0x7fffffff, 0x80)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/rtc0\x00', 0x100, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000180)="0f0666b90b02000066b81e3d869866ba28d29b2e0f30f36c66b9800000c00f326635000800000f30b8ff0f8ed0d2836e900f201166b9800000c00f326635000100000f300f4b912f1abaf80c66b8bc31fd8e66efbafc0cb8df69ef", 0x5b}], 0x1, 0x67, &(0x7f0000000600), 0x1000000000000047)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

03:49:29 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8914, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = dup(r0)
ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
poll(&(0x7f0000000040)=[{r2, 0x2000}, {r2, 0x2}, {r0, 0x240}, {r1, 0x1}], 0x4, 0x8)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1851.940193] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1851.947170] EntryControls=0000d1ff ExitControls=002fefff
[ 1851.953519] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1851.960896] *** Guest State ***
[ 1851.988014] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1852.014917] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1852.029660] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1852.044245] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1852.051244]         reason=80000021 qualification=0000000000000000
[ 1852.070739] CR3 = 0x0000000000000000
[ 1852.078110] IDTVectoring: info=00000000 errcode=00000000
[ 1852.086011] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1852.092826] *** Guest State ***
[ 1852.096528] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1852.122165] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1852.129343] TSC Offset = 0xfffffc1eed61ff1f
[ 1852.133884] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1852.141204] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1852.150614] TPR Threshold = 0x00
[ 1852.154121] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.163261] EPT pointer = 0x00000001b980001e
[ 1852.179759] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.188062] CR3 = 0x0000000000000000
[ 1852.194980] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1852.204985] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.210717] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1852.222945] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.235002] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000003c0)={<r3=>0xffffffffffffff9c})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000400)={<r4=>0x0, @in6={{0xa, 0x4e22, 0x9, @empty, 0x6}}, 0x7fff, 0x3, 0x6, 0x40, 0xde4f}, &(0x7f00000004c0)=0x98)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000500)=@assoc_value={r4, 0x3}, 0x8)
signalfd(r2, &(0x7f0000000580)={0xffffffffffff3dcb}, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
r5 = syz_open_dev$dspn(&(0x7f0000000340)='/dev/dsp#\x00', 0x0, 0x1)
ioctl$BLKFLSBUF(r5, 0x1261, &(0x7f0000000380)=0x80)
r6 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x5, 0x4002)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r6, 0x40045402, &(0x7f0000000180)=0x1)
openat(r6, &(0x7f0000000540)='./file0\x00', 0x400000, 0x1)

03:49:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:30 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x890e, &(0x7f0000000140)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
open_by_handle_at(r0, &(0x7f0000000180)={0x66, 0x0, "d5f507a94081fd9d225a7af9974d0fb4fb2063dca9e46fcf5d10c4db7b9ef9ba28fb865ae37e517765b3e12bdf76cb311833396147df190f90c0a5bc6ac883c2beeebb7caa8c4099cf29cf90863fcd952e04a86f51ed539d417448210c05"}, 0x101000)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='lp\x00', 0x3)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sysfs$3(0x3)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)

03:49:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1852.242866] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.246366] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.255575] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.267696] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.275946] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.299964] *** Guest State ***
[ 1852.303276] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1852.321552] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.333064] *** Guest State ***
[ 1852.336787] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:30 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
r2 = fcntl$getown(r0, 0x9)
syz_open_procfs(r2, &(0x7f0000000040)='projid_map\x00')
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1852.345635] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1852.354780] CR3 = 0x0000000000000000
[ 1852.354987] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1852.361236] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.377193] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1852.388136] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.398018] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.408759] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1852.414968] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1852.421575] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1852.427287] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1852.428547] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1852.445487] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.453661] Interruptibility = 00000000  ActivityState = 00000000
[ 1852.460114] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.468272] *** Host State ***
[ 1852.471606] RIP = 0xffffffff811fa113  RSP = 0xffff88017bc7f390
[ 1852.477851] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.477930] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.486013] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:49:30 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
writev(r1, &(0x7f0000000240)=[{&(0x7f0000000040)="648ec58816337acae5134236ba384a4181b070678dfaac830ecfed04e61f94e0e8bb6b395c7d05f38c3671d26348b76e974e8acdaa606b1c1a23ccde6b26f363c340aba73f56d913f4", 0x49}, {&(0x7f0000000140)="5ac4ff92b0fd7851f87d026fcc8c5e6615c2cbdb9bdba0a44763d4218b18e386d58266a46bcda5c6a60a7800a8abc274e35a77b1778e70363581ddb54ff845fdb9676b83011358059a025a5138325bb36de7200ea3f8f3e99cdb4b2d20d854f8abddd58290289c5cccc361c7e593585465bad8971d0738d11cb20f9a4b308e2313422d0fea968abf7d4a3ecd9bde53ca17081aaa71e6714f6dcbb4acb0bebfd101edd950b067e69b032bb79059f8a559021231b585", 0xb5}, {&(0x7f0000000200)="a2cfd12dc6f0280e4ea6c8590d98aa5b628ad6ef5b0285dfa782a612c1fe3d2861c4155ffd0a2cd936653b033b", 0x2d}, {&(0x7f00000002c0)="db20d0cb5919407205530f7b40dd7f3aa52a29c4b807946c51d6c9a16b5b1c50b259bee86b6d0b207fcafd3fbcfba28b2e5026aa25715200c0f0b0772de9d988ccd493ba7d13642b5d5546a8e161e4e52f6d44604779fb0c2ad243bf9d3f2be030764b353acadd6f281b4d81481581904823be9fdf8dcb5f4068a07fd4b47548129fbbacaa81a4e929853529c8e5c29116574911239c66b6295bc182d79f05d6f3762d09319940431e33a50ab9ce065a1d8e0f194839d80df3128f748eef38e8b420ace08c278af1", 0xc8}], 0x4)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1852.500510] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.507441] CR3 = 0x0000000000000000
[ 1852.509246] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.514473] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1852.530778] FSBase=00007f1e5f238700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1852.540373] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.555246] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.560575] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.571547] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1852.577767] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.585954] CR0=0000000080050033 CR3=00000001c1fde000 CR4=00000000001426e0
[ 1852.588480] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.593177] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.612737] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1852.615897] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1852.631182] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.638591] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1852.645499] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.645838] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1852.653638] *** Control State ***
[ 1852.664136] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1852.670800] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1852.670910] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.678456] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1852.693165] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.698164] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.704580] Interruptibility = 00000000  ActivityState = 00000000
[ 1852.715537] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.723564] EntryControls=0000d1ff ExitControls=002fefff
[ 1852.729258] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1852.729458] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1852.736441] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.751030] *** Host State ***
[ 1852.751666] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1852.754360] RIP = 0xffffffff811fa113  RSP = 0xffff88017fd87390
[ 1852.767906] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.767926] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1852.776261] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1852.782482] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1852.789590] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.797064] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1852.805261] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1852.810962] CR0=0000000080050033 CR3=00000001bb079000 CR4=00000000001426f0
[ 1852.817916] Interruptibility = 00000000  ActivityState = 00000000
[ 1852.824619] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1852.831100]         reason=80000021 qualification=0000000000000000
[ 1852.843930] IDTVectoring: info=00000000 errcode=00000000
[ 1852.848846] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1852.850360] TSC Offset = 0xfffffc1e9b8cc0fd
[ 1852.855628] *** Control State ***
[ 1852.860239] *** Host State ***
[ 1852.863447] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1852.867355] TPR Threshold = 0x00
[ 1852.873333] EntryControls=0000d1ff ExitControls=002fefff
[ 1852.876894] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.882251] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1852.890427] EPT pointer = 0x00000001bab7e01e
03:49:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
write$P9_RATTACH(r2, &(0x7f0000000180)={0x14, 0x69, 0x2, {0x83, 0x0, 0x6}}, 0x14)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = getpid()
ptrace$setopts(0x4200, r3, 0x0, 0x40)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0))
getpeername$inet(r2, &(0x7f0000000340)={0x2, 0x0, @local}, &(0x7f0000000380)=0x10)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000040)={{}, {}, {0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x24c)

03:49:30 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0xe)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1852.902502] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.910597] RIP = 0xffffffff811fa113  RSP = 0xffff880185117390
[ 1852.916792] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1852.923612] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1852.930778] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1852.932282] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1852.946022] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1852.953963] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1852.960186] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1852.962672]         reason=80000021 qualification=0000000000000000
[ 1852.974895] CR0=0000000080050033 CR3=00000001812d2000 CR4=00000000001426e0
[ 1852.982097] IDTVectoring: info=00000000 errcode=00000000
[ 1852.982787] spurious APIC interrupt through vector ff on CPU#0, should never happen.
[ 1852.988202] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1853.002280] TSC Offset = 0xfffffc1df6670662
[ 1853.006756] TPR Threshold = 0x00
[ 1853.007216] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.010229] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1853.022267] *** Guest State ***
[ 1853.024349] EPT pointer = 0x00000001baada01e
[ 1853.032088] *** Control State ***
[ 1853.036422] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1853.040083] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1853.051715] EntryControls=0000d1ff ExitControls=002fefff
[ 1853.057681] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1853.058823] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1853.065264] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1853.071230] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1853.081712] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1853.095386] CR3 = 0x0000000000000000
[ 1853.102599] *** Guest State ***
[ 1853.106012] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1853.106783] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1853.112592]         reason=80000021 qualification=0000000000000000
[ 1853.112599] IDTVectoring: info=00000000 errcode=00000000
[ 1853.112605] TSC Offset = 0xfffffc1e13aa690d
[ 1853.112610] TPR Threshold = 0x00
[ 1853.112619] EPT pointer = 0x00000001bf52d01e
[ 1853.119293] Interruptibility = 00000000  ActivityState = 00000000
[ 1853.126276] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1853.131149] *** Host State ***
[ 1853.134947] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1853.138733] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1853.142712] CR3 = 0x0000000000000000
[ 1853.149368] RIP = 0xffffffff811fa113  RSP = 0xffff88017d22f390
[ 1853.161569] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1853.176716] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.189957] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
03:49:31 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:31 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
lookup_dcookie(0x100, &(0x7f0000000080)=""/16, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x2, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:31 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
socket$inet(0x2, 0x6, 0x7)

[ 1853.207482] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1853.210903] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.213542] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1853.221910] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.229784] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1853.242560] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.264549] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.272758] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.277014] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.298647] FSBase=00007ff4ae42e700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1853.305327] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.307446] *** Guest State ***
[ 1853.317896] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.326021] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1853.327919] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.332205] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.348336] CR0=0000000080050033 CR3=0000000184880000 CR4=00000000001426f0
[ 1853.355703] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.365419] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1853.374401] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1853.381332] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.389547] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.397693] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1853.403862] *** Control State ***
03:49:31 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
sendto$inet(r1, &(0x7f0000000380)="57d69d21393162eb1b839004bb76a6d4b96f5e43661880a93cfcbfa2621c9a9ac3f4f2f4acb525ff0231676af9214c95ca34f5b7fc7e3eb4d1d283712634fd26913fa13e5a28b965cfb3380b01db52dbd6e1ef9f6bb7f23b1d5560ab793c2805b1a3066746dfe7bf15f80bffbc9ea11cc31b16bfd518032dae9593f5e8e1caeb7480adf84e5dca48bb04e97f9c26c502a4039eae526e0a9f3de4735f89bb6ed5052b149784d2854805a6751b07d58fd7f8a2f4eca8ae5b1f5823d9ededeebffcb9de913bf1ab70635d2b31b612125d5ddb03eaa01630fe1de8fd4bb59ccc0c67f676641a9c502bcc8fe56b9a28b222291d905218e0d40dd900d5cd42c5a8", 0xfe, 0x4004040, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
sendmsg(r1, &(0x7f0000000340)={&(0x7f0000000040)=@ipx={0x4, 0x8001, 0x200, "d02c7c017797", 0xf7}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000200)="e0474ca3ed45f51420336c81d8d5c4004ecdb8e01f36cebfb7b76333eb4cb98d8bb6075475e122f088eab598e28efd0b66eb924129d1006a6238cf35ba6992dba46ed64e2b4593655ffeb5d6479931b0afca207f792804f61f83926731163275a4f4b49605f72f9d568b5ac16b2ad7036796916d8f3c96", 0x77}], 0x1, &(0x7f0000000300)=[{0x10, 0x6, 0x100}], 0x10, 0x40}, 0x8085)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1b, 0xa, 0x12, 0x1c, "80edef6a961f2d2f31e432832d24a3fcaea4c558ca0b7eef2c623086dbd3347a1275391f54d0983398223605d2c71ff0efe6c87415c3def76b2e8e459a8a5e84", "321e36070049e76a360a893fa9057f383328adfd7fc066790e4a928b2b3ef3e1", [0xa467, 0x7]})

[ 1853.408616] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.416721] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1853.416733] CR3 = 0x0000000000000000
[ 1853.430934] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.444207] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1853.451081] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.461097] EntryControls=0000d1ff ExitControls=002fefff
[ 1853.467966] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1853.475531] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.483821] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1853.492237] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1853.499330] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.507581] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.516794] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1853.523060] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1853.523429] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[ 1853.536686] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1853.541473] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1853.543094] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1853.543104] Interruptibility = 00000000  ActivityState = 00000000
[ 1853.543108] *** Host State ***
[ 1853.543120] RIP = 0xffffffff811fa113  RSP = 0xffff880182ecf390
[ 1853.543141] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1853.554915] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1853.557807] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.566758] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1853.566770] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1853.566785] CR0=0000000080050033 CR3=0000000183b0c000 CR4=00000000001426f0
[ 1853.566799] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1853.566810] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1853.566814] *** Control State ***
[ 1853.566823] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1853.566830] EntryControls=0000d1ff ExitControls=002fefff
[ 1853.566843] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1853.566856] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1853.594940]         reason=80000021 qualification=0000000000000000
[ 1853.602688] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.622686] Interruptibility = 00000000  ActivityState = 00000000
[ 1853.630936] IDTVectoring: info=00000000 errcode=00000000
[ 1853.632343] *** Host State ***
[ 1853.644089] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.657836] VMExit: intr_info=800000ef errcode=00000000 ilen=00000002
[ 1853.664419] RIP = 0xffffffff811fa113  RSP = 0xffff88017fd87390
[ 1853.680290] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1853.684989] TSC Offset = 0xfffffc1df1e7606e
[ 1853.701619]         reason=80000021 qualification=0000000000000000
[ 1853.714032] FSBase=00007fe075105700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1853.718860] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.742676] TPR Threshold = 0x00
[ 1853.746564] EPT pointer = 0x00000001c281b01e
[ 1853.749572] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.751159] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
03:49:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xa36, 0x800)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000180)={0x1, 0x4c2bd287})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {0x0, 0x5002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {}, {0x2, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x518b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)

03:49:31 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
socket$inet6(0xa, 0xe, 0x7)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
socketpair(0x7, 0x2, 0xff, &(0x7f0000000500)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f00000005c0))
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
r3 = syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0xfff, 0x200000)
clock_gettime(0x0, &(0x7f0000000480)={<r4=>0x0, <r5=>0x0})
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r3, 0x28, 0x6, &(0x7f00000004c0)={r4, r5/1000+10000}, 0x10)
r6 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x1, 0x60000)
execveat(r6, &(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=[&(0x7f0000000140)='\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)='md5sumproc,\x00', &(0x7f0000000200)='$cpuset,\\{/nodevtrustedeth1\\\x00'], &(0x7f0000000440)=[&(0x7f00000002c0), &(0x7f0000000300)='nodevproc\x00', &(0x7f0000000340)='GPL/vboxnet1\x00', &(0x7f0000000380)='security$vmnet1/\x00', &(0x7f00000003c0)='*}+#vboxnet1eth1\x00', &(0x7f0000000400)='%em1^]ppp0-/&selinuxloppp1}\x00'], 0x400)

03:49:31 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = add_key(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000340)="3882409e7911bbf4cfc11a991444c4f6e8069582a7280551b28791399737a688b7af8377354be73289ad6783af91373e19f1652756452794ecfc50e6ce305f9addcd4cd2a488d5e06a4c8805b13966dd0006e32d1d2e80ca7cbeda888525eceb72ae622c87d1a3886ec14050538c6fe6e6617425887b88e5a2e93ab1b1760a7f40ed0613c5d9c82cbfac17099e4489328f4311e3ffe89616e1143e509b3c007cb41257eb6e355ad24776b12817f5839749a54f0954cce576d1b6d3d6c48396d56a323e5e0398a81dae61fd52a0ab80aa6cc5cf80e22b", 0xd6, 0xfffffffffffffffa)
keyctl$revoke(0x3, r3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r4 = dup(r0)
ioctl$NBD_DO_IT(r4, 0xab03)
r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xffffffff, 0x343fc)
ioctl$SCSI_IOCTL_STOP_UNIT(r5, 0x6)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$EVIOCSKEYCODE(r5, 0x40084504, &(0x7f00000001c0)=[0x401, 0x7])
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1853.771827] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.784894] CR0=0000000080050033 CR3=00000001bb079000 CR4=00000000001426e0
[ 1853.790683] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.792013] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1853.804541] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.821019] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1853.831015] IDTVectoring: info=00000000 errcode=00000000
[ 1853.842856] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1853.851751] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1853.863159] TSC Offset = 0xfffffc1d98d28080
[ 1853.868706] *** Control State ***
[ 1853.869071] TPR Threshold = 0x00
[ 1853.876846] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1853.879018] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1853.883684] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1853.893545] EntryControls=0000d1ff ExitControls=002fefff
[ 1853.906640] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1853.914235] EPT pointer = 0x00000001d2b4501e
[ 1853.931512] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1853.947856] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1853.955399] Interruptibility = 00000000  ActivityState = 00000000
[ 1853.975040] *** Host State ***
[ 1853.978631] RIP = 0xffffffff811fa113  RSP = 0xffff88018eb1f390
[ 1853.985903]         reason=80000021 qualification=0000000000000000
[ 1854.000387] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1854.008367] IDTVectoring: info=00000000 errcode=00000000
[ 1854.020085] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1854.028538] TSC Offset = 0xfffffc1df6670662
[ 1854.036951] TPR Threshold = 0x00
[ 1854.040492] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1854.050056] EPT pointer = 0x00000001baada01e
[ 1854.054610] CR0=0000000080050033 CR3=00000001c46a1000 CR4=00000000001426e0
[ 1854.073720] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
03:49:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:32 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000004080)='/proc/self/net/pfkey\x00', 0x88000, 0x0)
ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f00000040c0))
mmap(&(0x7f000007a000/0x2000)=nil, 0x2000, 0x0, 0xd6d296ac4967625d, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
getpeername$netlink(r2, &(0x7f0000004100), &(0x7f0000004140)=0xc)
recvmmsg(r1, &(0x7f0000003f80)=[{{&(0x7f00000002c0)=@can, 0x80, &(0x7f0000000880)=[{&(0x7f0000000180)=""/9, 0x9}, {&(0x7f0000000340)=""/148, 0x94}, {&(0x7f0000000400)=""/201, 0xc9}, {&(0x7f0000000500)=""/234, 0xea}, {&(0x7f0000000600)=""/81, 0x51}, {&(0x7f0000000680)=""/157, 0x9d}, {&(0x7f0000000740)=""/37, 0x25}, {&(0x7f0000000780)=""/253, 0xfd}], 0x8, &(0x7f0000000900)=""/15, 0xf, 0x1}, 0x7}, {{&(0x7f0000000940)=@ax25, 0x80, &(0x7f0000002c80)=[{&(0x7f00000009c0)=""/201, 0xc9}, {&(0x7f0000000ac0)=""/236, 0xec}, {&(0x7f0000000bc0)=""/4096, 0x1000}, {&(0x7f0000001bc0)=""/4096, 0x1000}, {&(0x7f0000002bc0)=""/8, 0x8}, {&(0x7f0000002c00)=""/75, 0x4b}], 0x6, &(0x7f0000002d00)=""/24, 0x18, 0x5}, 0x4}, {{&(0x7f0000002d40)=@in={0x2, 0x0, @rand_addr}, 0x80, &(0x7f0000003e80)=[{&(0x7f0000002dc0)=""/4096, 0x1000}, {&(0x7f0000003dc0)=""/37, 0x25}, {&(0x7f0000003e00)=""/18, 0x12}, {&(0x7f0000003e40)=""/47, 0x2f}], 0x4, &(0x7f0000003ec0)=""/144, 0x90, 0x78f}, 0x8}], 0x3, 0x2040, &(0x7f0000004040)={0x0, 0x1c9c380})
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x1)
ioctl$SG_SET_COMMAND_Q(r3, 0x2271, &(0x7f0000000080))
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000001c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000140)=<r4=>0x0)
ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000200)=""/18)
write$cgroup_pid(r3, &(0x7f0000000240)=r4, 0xb2)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:32 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000180)=0xc)
r3 = getpgrp(0xffffffffffffffff)
r4 = socket(0x11, 0xa, 0x81)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000380)={0xb}, 0x4)
syz_open_procfs(r3, &(0x7f0000000340)='attr\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r2=>0x0)
capset(&(0x7f0000000180)={0x0, r2}, &(0x7f00000001c0)={0x43b800000000, 0x6, 0x5, 0x9, 0x80000000, 0xff})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1854.080653] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1854.087055] *** Control State ***
[ 1854.096227] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1854.131502] EntryControls=0000d1ff ExitControls=002fefff
[ 1854.138904] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1854.147624] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1854.154533] *** Guest State ***
[ 1854.154588] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1854.169107]         reason=80000021 qualification=0000000000000000
[ 1854.176234] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1854.177402] *** Guest State ***
[ 1854.185364] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1854.197602] IDTVectoring: info=00000000 errcode=00000000
[ 1854.203445] TSC Offset = 0xfffffc1d6da9a7c5
[ 1854.203502] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1854.208035] TPR Threshold = 0x00
[ 1854.222368] CR3 = 0x0000000000000000
[ 1854.230928] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1854.237635] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1854.240679] EPT pointer = 0x00000001d8af701e
[ 1854.253479] CR3 = 0x0000000000000000
[ 1854.254738] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1854.270915] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:32 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x10000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f00000002c0)={0x1b3, 0x2, 'client1\x00', 0xffffffff80000002, "b92861007da38e37", "b16a474dd5f0f4e18c31cd55e51caa12db894d44f604aecb338c982040d2c8e7", 0xfffffffffffffffe, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r2, 0x0)
setsockopt$inet6_dccp_int(r1, 0x21, 0xb, &(0x7f0000000240)=0xde, 0x4)
bind$inet(r2, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000140)={<r3=>0x0, 0x7d, "5f8faea6968853b9fc96b9b4d980c5b1856eca1c88507f1c3183e8ed80c74a1392ff0fe4a96f191b6a9b230779cfb383fb91dd9e03019612e0e31f3f3901854b09ed403a3e3dcc135eeb1b5dbd89345b060350ddcedbab297affcfc63b058ab41c47df724b898a44008063b9e6c92d7788c02c37ed8214675611a1c399"}, &(0x7f0000000040)=0x85)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={r3, 0x1f4, 0x9, 0x8, 0x89e, 0x1}, 0x14)
sendto$inet(r2, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:32 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1854.274930] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1854.296114] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.320618] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1854.323936] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.343772] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.355239] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.363247] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.371784] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:49:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
write$P9_RWRITE(r1, &(0x7f00000003c0)={0xb, 0x77, 0x2, 0x3}, 0xb)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
clock_gettime(0x0, &(0x7f0000000080)={<r4=>0x0, <r5=>0x0})
clock_gettime(0x0, &(0x7f0000000180)={<r6=>0x0, <r7=>0x0})
clock_gettime(0x0, &(0x7f00000001c0)={<r8=>0x0, <r9=>0x0})
clock_gettime(0x0, &(0x7f0000000340)={<r10=>0x0, <r11=>0x0})
clock_gettime(0x0, &(0x7f0000000380)={<r12=>0x0, <r13=>0x0})
write$evdev(r3, &(0x7f00000004c0)=[{{0x77359400}, 0x4, 0x3, 0x1}, {{r4, r5/1000+10000}, 0x15, 0x5, 0x7}, {{r6, r7/1000+10000}, 0x12, 0x4601}, {{r8, r9/1000+30000}, 0x5, 0x3, 0xfffffffffffffff9}, {{}, 0x15, 0x8000, 0x100000000}, {{0x77359400}, 0x0, 0x2c56, 0x1}, {{0x0, 0x7530}, 0x5, 0x4, 0x1000}, {{0x77359400}, 0x4, 0x2, 0x6}, {{r10, r11/1000+30000}, 0x0, 0x1f}, {{r12, r13/1000+30000}, 0x16, 0x5, 0x5}], 0xf0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1854.378602] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.394340] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.404444] *** Guest State ***
[ 1854.405723] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.416165] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.419200] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
03:49:32 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r2 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0xffffffff7fffffff, 0x10800)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={<r3=>0x0, 0x3ff}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000380)={r3, 0xb34}, 0x8)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)
bind(r1, &(0x7f0000000040)=@l2={0x1f, 0x7, {0x7a864649, 0x400, 0x1, 0xffffffff7fffffff, 0xffffffff80000000, 0xff}, 0x100000000, 0x8}, 0x80)

[ 1854.424232] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.441772] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1854.449940] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.464930] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.465270] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.485169] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1854.505442] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1854.514692] CR3 = 0x0000000000000000
[ 1854.521830] IDTR:                           limit=0x00000000, base=0x0000000000000000
03:49:32 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r2, 0x0)
bind$inet(r2, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000080), 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r2, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1854.522416] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1854.541091] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.554135] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1854.558519] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.561757] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1854.580297] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1854.588531] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1854.592155] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.612053] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.617016] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1854.624276] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.639746] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.639941] Interruptibility = 00000000  ActivityState = 00000000
[ 1854.662814] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.671224] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1854.671334] *** Host State ***
[ 1854.678031] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.689210] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1854.692136] RIP = 0xffffffff811fa113  RSP = 0xffff88016be4f390
[ 1854.696987] Interruptibility = 00000000  ActivityState = 00000000
[ 1854.705389] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1854.715825] FSBase=00007f1e5f238700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1854.723731] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1854.730116] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.749621] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1854.755733] CR0=0000000080050033 CR3=0000000182d0f000 CR4=00000000001426f0
[ 1854.768285] *** Host State ***
[ 1854.772059] RIP = 0xffffffff811fa113  RSP = 0xffff88018f8f7390
[ 1854.775033] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[ 1854.779005] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
03:49:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffe)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000480)={<r4=>0xffffffffffffffff})
setsockopt$inet6_MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000340)={{0xa, 0x4e21, 0x100, @local, 0x7}, {0xa, 0x4e20, 0x83, @dev={0xfe, 0x80, [], 0x13}, 0x6}, 0xcd1, [0xa46f, 0x7, 0x0, 0x9, 0x10, 0x9916, 0x4, 0x890]}, 0x5c)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0))
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x800, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r5, 0xc008551a, &(0x7f00000004c0)={0x9, 0x14, [0x6, 0x10000, 0x3, 0x9, 0x4]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000040)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/hwrng\x00', 0x80, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r6, 0xc0385720, &(0x7f0000000400)={0x0, {}, 0x0, 0x8001})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000000)=<r7=>0x0)
prctl$setptracer(0x59616d61, r7)

03:49:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0xfffffe29, &(0x7f0000000080)=0x4000000000000d)
syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:32 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x40000, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1854.795282] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1854.800009] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1854.803052] *** Control State ***
[ 1854.813135] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1854.832795] FSBase=00007fe075105700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[ 1854.843133] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1854.854298] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1854.855590] EntryControls=0000d1ff ExitControls=002fefff
[ 1854.867890] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1854.879468] CR0=0000000080050033 CR3=00000001bb079000 CR4=00000000001426f0
[ 1854.891866] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1854.899062] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1854.906608] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1854.915261] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1854.937760] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1854.947406] Interruptibility = 00000000  ActivityState = 00000000
[ 1854.960574] *** Control State ***
[ 1854.970248] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1854.970601] *** Host State ***
[ 1854.980444] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1854.987825] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1854.994679] RIP = 0xffffffff811fa113  RSP = 0xffff88018eb1f390
[ 1855.005470] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1855.012528] EntryControls=0000d1ff ExitControls=002fefff
[ 1855.022648] FSBase=00007faf77344700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[ 1855.032565] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1855.032921]         reason=80000021 qualification=0000000000000000
[ 1855.044931] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[ 1855.052615] CR0=0000000080050033 CR3=00000001d7e5e000 CR4=00000000001426e0
[ 1855.060998] IDTVectoring: info=00000000 errcode=00000000
[ 1855.062318] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1855.071905] TSC Offset = 0xfffffc1cf8289c5c
[ 1855.073872] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[ 1855.087065] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1855.093844] TPR Threshold = 0x00
[ 1855.094996] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[ 1855.099678] EPT pointer = 0x00000001c7fcf01e
[ 1855.103882] *** Control State ***
[ 1855.116038]         reason=80000021 qualification=0000000000000000
[ 1855.125359] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2
[ 1855.133350] IDTVectoring: info=00000000 errcode=00000000
[ 1855.134056] EntryControls=0000d1ff ExitControls=002fefff
[ 1855.144493] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1855.151537] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1855.158535] TSC Offset = 0xfffffc1cf6a7de8b
[ 1855.158560] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[ 1855.162879] TPR Threshold = 0x00
[ 1855.162888] EPT pointer = 0x00000001d8b2101e
[ 1855.177479]         reason=80000021 qualification=0000000000000000
[ 1855.186837] IDTVectoring: info=00000000 errcode=00000000
[ 1855.192946] TSC Offset = 0xfffffc1cd5ead2cb
[ 1855.197874] TPR Threshold = 0x00
[ 1855.201345] EPT pointer = 0x000000017e1ea01e
03:49:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:33 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x0, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
getsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

03:49:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x2, 0x5a92, 0x6, 0x8000})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

03:49:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="f36e0f20e06635002000000f22e00f30f20f1024660fdb03b894008ed00f20d86635200000000f22d80f35650f01c90f30", 0x31}], 0x241, 0x0, &(0x7f0000000600), 0x121e01fc02534f7f)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009)
r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x1000, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000100), &(0x7f0000000180)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:49:33 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2000, 0x0)
ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000180))
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0))
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e21, 0x1c, @mcast2, 0x20}}, 0x0, 0x6, 0x5, "66da274973cd4f3011313f06bda1b0a22ca35ba29612c56514ab21885e490a6bebb5f1bca6c7e91852e84c429be91afc8b4629a622845b17d30ed2225fbd0c39ad69637bcca61d3145fd4b72ebb48cc8"}, 0xd8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000040)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)

03:49:33 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff00000000000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800})

[ 1855.287418] *** Guest State ***
[ 1855.302136] *** Guest State ***
[ 1855.308350] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1855.328899] *** Guest State ***
03:49:33 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x1, 0x21011, r1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r1, &(0x7f0000000b40), 0xfffffffffffffee3, 0x40000cb, 0x0, 0xffffffffffffff61)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000077000/0x4000)=nil, 0x4000}, &(0x7f0000000100)=0x10)

[ 1855.329519] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1855.332318] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1855.350797] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1855.351426] *** Guest State ***
[ 1855.371463] CR3 = 0x0000000000000000
[ 1855.380890] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1855.387599] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1855.399775] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1855.402702] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[ 1855.409755] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[ 1855.423839] CR3 = 0x0000000000000000
[ 1855.429353] CR3 = 0x0000000000000000
[ 1855.433470] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1855.433854] kasan: CONFIG_KASAN_INLINE enabled
[ 1855.440324] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1855.444779] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1855.444800] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 1855.444816] CPU: 0 PID: 10251 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181008+ #89
[ 1855.444829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1855.450949] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[ 1855.458163] RIP: 0010:__handle_mm_fault+0x2f94/0x5a40
[ 1855.458178] Code: df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 a5 22 00 00 49 8b 9f 30 fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 76 22 00 00 48 8b 1b 31 ff 48 83 e3 9f 48 89 de
[ 1855.458186] RSP: 0018:ffff88018577e980 EFLAGS: 00010246
[ 1855.458197] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 1855.458204] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88018577eab8
[ 1855.458211] RBP: ffff88018577ecb0 R08: ffffed0030aefd1e R09: ffffed0030aefd1d
[ 1855.458219] R10: ffffed0030aefd1d R11: 0000000000000003 R12: 000ffffffffff000
[ 1855.458227] R13: 0000000000000000 R14: ffff88018577ea68 R15: ffff88018577ec88
[ 1855.458238] FS:  00007fa709206700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 1855.458247] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1855.458261] CR2: 000000000072c000 CR3: 00000001d7e5e000 CR4: 00000000001426f0
[ 1855.464587] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1855.472969] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1855.472978] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1855.472982] Call Trace:
[ 1855.473007]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1855.473022]  ? rb_insert_color+0x1460/0x1460
[ 1855.473043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.482522] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.488404]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1855.488431]  ? pmd_huge+0xf4/0x140
[ 1855.488453]  ? follow_page_mask+0x18b/0x2110
[ 1855.493796] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.512543]  ? gup_pgd_range+0x3ab0/0x3ab0
[ 1855.512564]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1855.512584]  ? handle_mm_fault+0x42a/0xc70
[ 1855.512601]  ? lock_downgrade+0x900/0x900
[ 1855.512619]  ? mark_held_locks+0x130/0x130
[ 1855.518510] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[ 1855.525250]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1855.525266]  ? trace_output_call+0x60/0x100
[ 1855.525281]  ? __get_user_pages+0x806/0x1b30
[ 1855.525294]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1855.525310]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1855.525330]  ? check_preemption_disabled+0x48/0x200
[ 1855.532730] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1855.539879]  handle_mm_fault+0x54f/0xc70
[ 1855.539898]  ? __handle_mm_fault+0x5a40/0x5a40
[ 1855.539910]  ? find_vma+0x34/0x190
[ 1855.539927]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1855.539945]  __get_user_pages+0x806/0x1b30
[ 1855.547448] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1855.554504]  ? follow_page_mask+0x2110/0x2110
[ 1855.554524]  ? lock_acquire+0x1ed/0x520
[ 1855.554543]  ? get_user_pages_unlocked+0xfd/0x5d0
[ 1855.562955] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.568661]  ? lock_release+0xa10/0xa10
[ 1855.568677]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1855.568701]  ? down_read+0x8d/0x120
[ 1855.568715]  ? get_user_pages_unlocked+0xfd/0x5d0
[ 1855.568730]  ? __down_interruptible+0x700/0x700
[ 1855.568746]  ? mem_cgroup_charge_skmem+0x216/0x410
[ 1855.568764]  get_user_pages_unlocked+0x2fc/0x5d0
[ 1855.576767] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.582101]  ? get_user_pages_longterm+0x650/0x650
[ 1855.582123]  get_user_pages_fast+0x322/0x450
[ 1855.582142]  ? __get_user_pages_fast+0x3f0/0x3f0
[ 1855.589635] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.596729]  ? save_stack+0xa9/0xd0
[ 1855.596750]  iov_iter_get_pages+0x2c9/0x11e0
[ 1855.596764]  ? tcp_sendmsg_locked+0xee4/0x3fa0
[ 1855.596776]  ? tcp_sendmsg+0x2f/0x50
[ 1855.596793]  ? inet_sendmsg+0x19c/0x690
[ 1855.599540] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.604241]  ? sock_sendmsg+0xd5/0x120
[ 1855.604256]  ? __sys_sendto+0x3d7/0x670
[ 1855.604271]  ? __x64_sys_sendto+0xe1/0x1a0
[ 1855.604289]  ? iov_iter_fault_in_readable+0x450/0x450
[ 1855.608833] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.614230]  ? trace_hardirqs_on+0xbd/0x310
[ 1855.614245]  ? lock_downgrade+0x900/0x900
[ 1855.614260]  ? __sk_mem_raise_allocated+0x65f/0x17e0
[ 1855.614279]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1855.622435] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.627779]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1855.627795]  ? check_preemption_disabled+0x48/0x200
[ 1855.627815]  ? mem_cgroup_charge_skmem+0x216/0x410
[ 1855.627831]  ? mem_cgroup_sk_free+0x90/0x90
[ 1855.627847]  ? kasan_kmalloc+0xc7/0xe0
[ 1855.631545] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.635821]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1855.635839]  ? tcp_leave_memory_pressure+0x2a/0x110
[ 1855.635855]  ? tcp_enter_memory_pressure+0x120/0x120
[ 1855.635870]  ? __sk_mem_raise_allocated+0x716/0x17e0
[ 1855.635886]  ? kasan_kmalloc+0xc7/0xe0
[ 1855.643981] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.648088]  __zerocopy_sg_from_iter+0x240/0xb80
[ 1855.648107]  ? kasan_check_write+0x14/0x20
[ 1855.648123]  ? skb_copy_datagram_from_iter+0x660/0x660
[ 1855.648139]  ? netdev_alloc_frag+0x1f0/0x1f0
[ 1855.648158]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.653206] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.657327]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.657349]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1855.657366]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.657403]  ? __sk_mem_schedule+0xac/0xe0
[ 1855.657429]  skb_zerocopy_iter_stream+0x24f/0x7d0
[ 1855.661657] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1855.665811]  ? ___pskb_trim+0x1320/0x1320
[ 1855.665831]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.665848]  tcp_sendmsg_locked+0x8cc/0x3fa0
[ 1855.665866]  ? __sanitizer_cov_trace_switch+0x53/0x90
[ 1855.671941] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.676853]  ? __fget+0x4aa/0x740
[ 1855.676870]  ? lock_downgrade+0x900/0x900
[ 1855.676890]  ? tcp_sendpage+0x60/0x60
[ 1855.676908]  ? __fget+0x4d1/0x740
[ 1855.681304] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.685639]  ? ksys_dup3+0x680/0x680
[ 1855.685666]  ? lock_acquire+0x1ed/0x520
[ 1855.685681]  ? tcp_sendmsg+0x21/0x50
[ 1855.690882] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.696319]  ? trace_hardirqs_on+0xbd/0x310
[ 1855.696333]  ? lock_release+0xa10/0xa10
[ 1855.696346]  ? lock_sock_nested+0xe2/0x120
[ 1855.696362]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1855.696408]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.701581] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1855.708177]  ? check_preemption_disabled+0x48/0x200
[ 1855.708191]  ? lock_sock_nested+0x9a/0x120
[ 1855.708205]  ? lock_sock_nested+0x9a/0x120
[ 1855.708224]  ? __local_bh_enable_ip+0x160/0x260
[ 1855.712406] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.716867]  tcp_sendmsg+0x2f/0x50
[ 1855.716883]  inet_sendmsg+0x19c/0x690
[ 1855.716898]  ? ipip_gro_receive+0x100/0x100
[ 1855.716920]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1855.720567] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.725494]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.725510]  ? security_socket_sendmsg+0x94/0xc0
[ 1855.725523]  ? ipip_gro_receive+0x100/0x100
[ 1855.725540]  sock_sendmsg+0xd5/0x120
[ 1855.725558]  __sys_sendto+0x3d7/0x670
[ 1855.729874] GDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1855.736459]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1855.736475]  ? lock_release+0xa10/0xa10
[ 1855.736490]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1855.736510]  ? posix_ktime_get_ts+0x15/0x20
[ 1855.741073] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.744971]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1855.745001]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1855.745020]  ? put_timespec64+0x10f/0x1b0
[ 1855.749933] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.757825]  ? nsecs_to_jiffies+0x30/0x30
[ 1855.757846]  ? trace_hardirqs_on+0xbd/0x310
[ 1855.757860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1855.757882]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1855.761959] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.767301]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1855.767321]  __x64_sys_sendto+0xe1/0x1a0
[ 1855.767341]  do_syscall_64+0x1b9/0x820
[ 1855.767361]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1855.771068] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.775852]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1855.775867]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1855.775883]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1855.775902]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1855.780684] IDTR:                           limit=0x00000000, base=0x0000000000000000
[ 1855.785579]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1855.785599]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1855.785619]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1855.785629] RIP: 0033:0x457579
[ 1855.785646] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1855.785660] RSP: 002b:00007fa709205c78 EFLAGS: 00000246
[ 1855.790622] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1855.798463]  ORIG_RAX: 000000000000002c
[ 1855.798472] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579
[ 1855.798481] RDX: fffffffffffffee3 RSI: 0000000020000b40 RDI: 0000000000000004
[ 1855.798490] RBP: 000000000072bf00 R08: 0000000000000000 R09: ffffffffffffff61
[ 1855.798498] R10: 00000000040000cb R11: 0000000000000246 R12: 00007fa7092066d4
[ 1855.798507] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff
[ 1855.798523] Modules linked in:
[ 1855.803563] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.808153] ---[ end trace 02f61405bcf11e8f ]---
[ 1855.812901] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[ 1855.820823] RIP: 0010:__handle_mm_fault+0x2f94/0x5a40
[ 1855.820840] Code: df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 a5 22 00 00 49 8b 9f 30 fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 76 22 00 00 48 8b 1b 31 ff 48 83 e3 9f 48 89 de
[ 1855.824533] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1855.828902] RSP: 0018:ffff88018577e980 EFLAGS: 00010246
[ 1855.833595] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1855.837246] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 1855.837256] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88018577eab8
[ 1855.837265] RBP: ffff88018577ecb0 R08: ffffed0030aefd1e R09: ffffed0030aefd1d
[ 1855.837279] R10: ffffed0030aefd1d R11: 0000000000000003 R12: 000ffffffffff000
[ 1855.841335] Interruptibility = 00000000  ActivityState = 00000000
[ 1855.849244] R13: 0000000000000000 R14: ffff88018577ea68 R15: ffff88018577ec88
[ 1855.849257] FS:  00007fa709206700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 1855.849271] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1855.853236] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1855.857147] CR2: 000000000072c000 CR3: 00000001d7e5e000 CR4: 00000000001426f0
[ 1855.857158] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1855.857167] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1855.857177] Kernel panic - not syncing: Fatal exception
[ 1855.861540] *** Host State ***
[ 1855.867695] Kernel Offset: disabled
[ 1856.598663] Rebooting in 86400 seconds..