000140)=@assoc_value={r4}, 0x8)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0xc98, 0x4)
recvmmsg(r3, &(0x7f00000009c0)=[{{&(0x7f0000000440)=@ax25, 0x80, &(0x7f0000000580)}}], 0x4000000000002cb, 0x22, &(0x7f0000000a80)={0x0, 0x1c9c380})

06:45:14 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socketpair$nbd(0x2, 0x1, 0x0, &(0x7f0000000000))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  672.875824] *** Guest State ***
[  672.879240] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  672.888529] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  672.897600] CR3 = 0x0000000000000000
[  672.901444] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  672.907687] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  672.914694] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  672.921608] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  672.929847] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  672.938076] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  672.946280] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  672.954480] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  672.962690] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  672.970753] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  672.978980] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  672.987341] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  672.995579] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  673.003781] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  673.010258] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  673.017986] Interruptibility = 00000000  ActivityState = 00000000
[  673.024415] *** Host State ***
[  673.027683] RIP = 0xffffffff812cf768  RSP = 0xffff888196c0f378
[  673.033874] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  673.040393] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  673.048432] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  673.054542] CR0=0000000080050033 CR3=00000000a51ca000 CR4=00000000001426e0
[  673.056455] *** Guest State ***
[  673.061662] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  673.065252] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  673.071829] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  673.081020] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  673.087104] *** Control State ***
[  673.087135] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  673.087160] EntryControls=0000d1ff ExitControls=002fefff
[  673.087204] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  673.096288] CR3 = 0x0000000000000000
[  673.099682] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  673.106592] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  673.112151] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  673.119137] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  673.123029]         reason=80000021 qualification=0000000000000000
[  673.123053] IDTVectoring: info=00000000 errcode=00000000
[  673.123089] TSC Offset = 0xfffffe91d3152ed0
06:45:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000180)={0x101, 0xfffffffffffffffe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f00000000c0)={0x100, 0x80000000, 0x9, 0x9, 0x3}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  673.129807] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  673.135944] TPR Threshold = 0x00
[  673.135986] EPT pointer = 0x00000000b09b901e
[  673.142761] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.142804] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.142844] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  673.142890] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.142930] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.142971] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.143002] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  673.143059] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.143136] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  673.261372] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.269665] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  673.276301] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  673.284074] Interruptibility = 00000000  ActivityState = 00000000
[  673.290371] *** Host State ***
[  673.293865] RIP = 0xffffffff812cf768  RSP = 0xffff8880a6a3f378
[  673.299953] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  673.306695] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  673.314740] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  673.320710] CR0=0000000080050033 CR3=00000000a6c37000 CR4=00000000001426f0
[  673.328196] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  673.335096] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  673.341214] *** Control State ***
[  673.344983] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  673.351732] EntryControls=0000d1ff ExitControls=002fefff
[  673.357537] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  673.364724] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  673.367077] *** Guest State ***
[  673.371568] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  673.375136] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  673.381699]         reason=80000021 qualification=0000000000000000
[  673.390815] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  673.397212] IDTVectoring: info=00000000 errcode=00000000
[  673.397250] TSC Offset = 0xfffffe91d1fba693
[  673.406275] CR3 = 0x0000000000000000
[  673.411751] EPT pointer = 0x00000000a51f801e
[  673.416252] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  673.430547] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  673.437508] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  673.444421] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  673.452643] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  673.460708] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  673.468998] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  673.477202] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  673.485450] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  673.493646] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  673.501710] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  673.509904] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  673.518117] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  673.526294] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  673.532899] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  673.540424] Interruptibility = 00000000  ActivityState = 00000000
[  673.546904] *** Host State ***
[  673.550162] RIP = 0xffffffff812cf768  RSP = 0xffff8880a687f378
[  673.556353] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  673.562971] FSBase=00007fe867925700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  673.570843] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  673.576979] CR0=0000000080050033 CR3=00000000a5684000 CR4=00000000001426e0
[  673.584221] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  673.590956] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  673.597219] *** Control State ***
[  673.600744] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  673.607633] EntryControls=0000d1ff ExitControls=002fefff
[  673.613352] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  673.620355] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  673.627255] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  673.634030]         reason=80000021 qualification=0000000000000000
[  673.640421] IDTVectoring: info=00000000 errcode=00000000
[  673.646075] TSC Offset = 0xfffffe919febcbf5
[  673.650454] TPR Threshold = 0x00
[  673.654020] EPT pointer = 0x0000000196c4a01e
06:45:15 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x80000000})
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="d013c19f603b0a497e258416d3e915f4", 0x10)
epoll_pwait(r1, &(0x7f0000dc7fc4)=[{}], 0x1500, 0x0, &(0x7f0000dc7000), 0x8)

[  673.732642] *** Guest State ***
[  673.736234] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  673.745349] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  673.754394] CR3 = 0x0000000000000000
[  673.758177] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  673.764345] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  673.770439] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  673.777323] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.785529] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.793718] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  673.801780] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.810030] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.818226] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.826428] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  673.834627] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  673.842808] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  673.850873] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  673.859056] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  673.865689] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  673.873333] Interruptibility = 00000000  ActivityState = 00000000
[  673.879640] *** Host State ***
[  673.883051] RIP = 0xffffffff812cf768  RSP = 0xffff8880a9cbf378
[  673.889144] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  673.895781] FSBase=00007fb09ecb7700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  673.903796] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  673.909758] CR0=0000000080050033 CR3=00000000a6c37000 CR4=00000000001426e0
[  673.916979] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  673.923868] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  673.929995] *** Control State ***
[  673.933647] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  673.940379] EntryControls=0000d1ff ExitControls=002fefff
[  673.946073] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  673.953187] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  673.959956] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  673.966747]         reason=80000021 qualification=0000000000000000
[  673.973247] IDTVectoring: info=00000000 errcode=00000000
[  673.978770] TSC Offset = 0xfffffe91d1fb6227
[  673.983274] EPT pointer = 0x00000000a51f801e
[  674.012645] *** Guest State ***
[  674.016019] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  674.025281] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  674.034377] CR3 = 0x0000000000000000
[  674.038171] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  674.044344] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  674.050451] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  674.057409] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.065648] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.073849] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  674.082062] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.090125] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.098341] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.106557] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  674.114774] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.122989] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  674.131056] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.139246] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  674.145875] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  674.153529] Interruptibility = 00000000  ActivityState = 00000000
[  674.159815] *** Host State ***
[  674.163259] RIP = 0xffffffff812cf768  RSP = 0xffff8880a69bf378
[  674.169328] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  674.175958] FSBase=00007fb09ecd8700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  674.184010] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  674.189972] CR0=0000000080050033 CR3=00000000a6c37000 CR4=00000000001426e0
[  674.197206] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  674.204073] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  674.210186] *** Control State ***
[  674.213843] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  674.220845] EntryControls=0000d1ff ExitControls=002fefff
[  674.226509] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  674.233654] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  674.240398] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  674.247192]         reason=80000021 qualification=0000000000000000
[  674.253721] IDTVectoring: info=00000000 errcode=00000000
[  674.259232] TSC Offset = 0xfffffe91d1fb4ac9
06:45:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x0, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000180)={0x101, 0xfffffffffffffffe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f00000000c0)={0x100, 0x80000000, 0x9, 0x9, 0x3}, 0x14)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:45:16 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x20000, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1, 0x420000)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x2, 0x1ff, 0x4, 0x1, 0xfffffffffffffffc, 0x3, 0x4, 0xb2, <r2=>0x0}, &(0x7f00000000c0)=0x20)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400})
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={<r4=>0xffffffffffffffff}, 0x13f, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f00000003c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000640), r4}}, 0x18)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000040)={'veth0_to_bridge\x00', 0x602})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f00000001c0)=0x84)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000100)={{}, 0x20})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000540)='IPVS\x00')
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000580)=""/131)
sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x21}, 0xc, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="000228bd7000fbdbdf250f0000002c000200080008000600000008000600000000000800070003000000080009000600000008000300000000000c00e700080004004e20000008000500be020000080005000800000008000600030000006000010008000b007369700008000b00736970ff0000000000000000000000000c0007001a00000000000000080008000200000008000800d13a000014000300fe8000000000000000000000000000bb080005000000000050000300080008000000000008000100010000000800080014000000080007004e220020000014000600fe8000000000000000000000000000bb08000800ff00000008000600070000000000000000000000eb063932a7d9b2f53194b96d05d61bc53efeceeb5fea59d2fb8bc397ce8d2771c9f8d140d4010391fa6991821b9e5f8edf9c8fd7ac12"], 0x1}}, 0x40)
connect$inet6(r1, &(0x7f0000000840)={0xa, 0x4e20, 0x3, @loopback, 0x7}, 0x1c)
r5 = socket(0x10, 0x802, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000a00)={'raw\x00', 0x1000, "34225a9e3f0465d5f72e307b31b7828d31ac1da47e35d5aa1d5e795386ef5bcfe81d2d90b47f0d2612468d2dc6668797ffb719728884aa34b869fa16100338e34b915d3d80cd6bbef8363844a8f10271ee4b28dd96ac6f9f62928834b74f6e3cd1f7d7517cfa83a6064e617ee39f09fc463bdffae0acc0fa80861ea15ed4d02fab1a36f6e32379a787a1484668e64b44090e8715f9ffe1ee026b9e10d612113c333f512fa07d140cbbc2f11cddde0e523d21b23fb33465d253c0abe7a10383648063306357282a4463b363eb80f794a38a4154f6d44d9bfb26031cae882e983b54dc81384c431d043157fbca5b8110519add2f22ea5f3112ee8fe19aa769efd754ff5f578f08c75bfb1eee4289012e35fbd3fa36aa5d06f02303c2d9d3ef3393f307e860c8154b920be44fc706847b5f64c455251cbe805b26291cac0eb60e2ac9e1535da93b47567687ddc0652e731337097c755279e7a8eda412929135163ccb3beda822f9b65c5a56da1779147510a2e90b993adbdd7b6ac44c4a7d7132699fb02c3d2cc5cf4caaa931198ce27b3007583f3f7cfb3d681667f3cd5890430c756842e14414c817fa885fbc2c2e1ac75868ee0c49724f4a782e6355247a3e1bff527312fddfcb3ab0fb47fa684eb18912da889ada99a5149bb32abb64e78b3704566fc5659114a04682be3bdfde183c5d97c262beca177666e76fef19c856999aeb7231db54a58635dab12d748794833f65a3fecb26a807dad8074925c73e640c6074a2c13cf03c854db0253b937e94b8a6063b443cffcca2694d1dbc10c1dbf36b6a90f814f9fed1943c0c225789085d29da28a26d527e6f2ce36352e7f7a83692a7bb7ab84fded61d20434a13c248e9e9e06bdef8a4d4bad4aa6106d4e35e2ecf7ac0194801efc2f7f212b005083221b923b4c2d7f988b5a5bf421dc5c5c7c26596c00ce8ba359f4fac9bbf5b0131589d45d88db3b32aaa82bc160c9b6becbe30ba6b07cc195598daad47f52d768557de4d54bebed94cc0ce9ca6ce387e5ca448d16cbd53402cb5e4f992a2b02b94468b6b69c4477f170ce492944ef11b4b7baec663e0d2d7d23958034ccd281b94bb4c2a25664027f946e1c25331f8ec15e770c8fa27f66b0cba3dc48841b96bc9a5615649ef5c371640a1fb3954d4cfd37039df537e624031249e34a99fcd625bb8238d54ef2926e88eb32fe375122fde07bc806a3069c84e9d5e6e6c64801df27c30c9511880a873e299f7f3337ea7b54fd249a981298aafb80a9cb0e68134472384f4977f99a42818dea400c9be2fd1137416ccf00a2d70109366257091d9fcd13edae93af490a7dab1e13dd0d697cd6d454668d244100e818599362a82ab0dd6c9caf446e448831ae4242bb928971635841c791a8e0a84f6f1e829884a6985b5e3884e67fbbc5794a8b15223e6bda1fc886caf7d8c5e7aa06ca1bfc368b873b36abb0fd62f1c50019cae27c70c431ae62f5f2804317ad7f58edb2ba1e281feef700aa293cc0a07bfe4f9296fccf16f1f1526bcdb04fd7e99fedddb176c102c6a339c9d1e95d8a619938d4d71f567fc462b5468a895b05bc340e0a36a0a956e44aabb4b91d870a326a4a79334a2e52952f0d38a8d08bd2ec093bf3386b2125f5c550d8ee581f52d19062858c0a75d27b28d14edab789876bc54ebc75853c68dfbee9cb83a43889d9cf3f6b80d68390f8f78fa54a189d367c5fbf52c51931e80b74eb125607618cbe22be6a00a0ee0dadd508ae33d48d30a7b0cf7d530c25ab8cf5938de501417c029b63406ef4d112ceb4ba4943622315ba6404371ad2518163f4261fa6231b708fc5d83ad5a2e5577a46dd6c2dbef85b52baee4a3553e919bf933831de6de7e3aa69134aa631f3f2546c0dcc7f6d4f9bfebb8779cda9b6038fa8a7eea045a1c09622c932bcd32b78bda30967c70f66812ff1de05a758d8a22497150bba8cf8ff63d8594119b561f7dde0ca5e241fce52ae0eb2de84d9f6c8b8ba93ac3e6c51ffdd0bbcc1307558583983ca88bf025b319cb4dafc7262302164a40e20417d2602729eb3860d98732ce4a7b59cd21039125fb0b605b382b5ab54058ca12d54afdb501bdee29aaf8486d5301f7334eeb26d1d57edbcc213f56045ed2e8097de270ece9200dc09460946e2ce52629e97e8427538fdca597c84ae26ac534de89c7ca0b0d887e144845f2855c86ab333e723f388d9693ae2f053c2b406e621da72373a0994fda9eccec54c71f16ad9dacf163742c8fbabcf4cda5f409ce0f44c3b22b8d679d0a9a82983c5dc06739fb7762d5bc7504eb569485a66bf595406cac8d466aafad45a766b9a87051a89955ed23a7848518b035f41d550fede9af39af4b03a40fda159cb53f0f8ba0b16615c8e343b8fbad97e47f1782f0b634d9c621c9ccccad589a21bd8d2049419fa88b9ac72e2367098fa36a6ff6767905c7eaa692a6b8caa29e95fd1e55ada513e2581b9279bd49c0f075dbbd58a5c3608fddb444183fd8fdd79c747f67099173c0948215582d40d4e766135aee8f5dc99e606c711b211b4948e90dd0d8da5b641ad5675c2f8f0603b4cfa766c6aad30dab0ba9563e226474369ebc10e0197ccb51a0657a2eefad90240a6026a4232058f4fdb1c3b18d2a6196aa0a06f9903fad634567f40ed2ceab0eb7bf9aae7b9f21619c2d2f6bd219f9b14585e9fc4bd9cb581b5b3142721893519ae5f754a2a4d5c680346b5e4e16b9c2145533429cd0cab0a50da80aee5c8676ef38157709151f9c6a70e4eda6e48ed9641737a35c214cb14abc89dbcce98db310af47af6aba925b515a29be6ba9fb1b2bfa8aecd5821ee808e78bbc87a4f78bec346aa9e056dfd7c91d3a90497915d4f7cb6140f0e16ceb8002675ee48c88c5fdbf7795b2497478d767e23d81197934c1ed4529380ab696bf63fe97162c7ba48115678519322577f0206512314cf52c5fc8f0d419abcb40faf7d02813a13f4158dd12143fec64d5cf82d666170fba51b86bf495d1084681dd7b36eb041d06062d7255e96456748bed0d31001c5a4dc056fcb2200b014a559f0f6d68f968ada7e14bc1143db93ce8ff3fcfd1dbc1f3311e873abf73b85172737197df8bded076b7e2fb284c6adf0f74583936728b6620f988747337714f1b14cd45a162aacfe56deabea299f261b95dd703f38a7a2e351aca57b8011353e7487502ae43845a310f484f99dabe32589754eb2fcb61b994402b44f54a92bdf49fac61f38bf710f9530f4d52f625bb330c4acf340b3d27a9828ae0c0d651f1ff129f9506a58ba91c9f30e3bba23ed2a13c510ab761b8cb10a29f6b142b2d157e928399225cf23d6a081d209698793ba8f53e100f001078dcb5d7441ba6b2acf857e5db04a7ebf62165135983f29aa7a7ee4f9657064e65f013fd4a2f44c9714af34a3dc0071f0f1c67bdc25cf418ad56fff64d8fcc6e9f4b63f12bdb90090bdc4e7a6dbe7e6ce6fd91442b5ddfccad4f2437232509ec747b81bedc8b68face257668670b051e9a1ee09436f01259d2ec48433917bb5b5c146a57e7097c644a7d158e19750c1eccc91b111ef95cd6d9d41cb3d351c4fd476e87438beb6aa56fd865405fd98b52d8a9cc56a24e0b692e2765839908d71ad075118ab2a97343d605f096259b1e99f03859ca3a4a7b68ac425a3c5d01afa1a6d4162a1db93ec126db88c70e915b5944b8450c494b6b0a04de9ccd13e29c71c634356a5d11770464bbab5d9cf49c88d6759c2c6df6641a2a845f3a225c1e2120b80eaa3d918ea930670aede6ad8481f3e6057b8364626a41616a585d6e0dfd4c6fe55891db08bf59a74ecf1e60300baff72976066ac8f5deda5f25e085cd39be9f6986dafc66264d8bcb5a2228420ff2a1edd6a740e2dc85bc33a769836552def11b93b441f25dae72fbb5ab328068033d5f2c6c25c3b84d49bde460f537ff50ea5055d192b2ae494d46b4925e309573fe51826bd85649b4e3319e77d265f273d13140c9dabf5b8442f5aa25fcb2a7003e5fcf2d4b9bd5fc33ddf489b0154ccf0a02b0823c5dcf50f5b85ceba18609d2b61c65c4f8777119be2f73f6daf215ed84e3890294de28ffa38bfdc09fd9ad6b194482bc5436333771067a91a831c33258007ced434856193d23f540c7e7c73dc0e8f266e0d0604a6db915a44865509296867090ae9177e9d4e5047bb9614a67558c05ee2a5543684fe55ede1f71a9e865cf6d92ad1d74ee36bf3a2a8871c45a23b3c209cc970dcd3cda61b22877a8ff069f3806ec0a53267906706870a3756e46afddf0a85a9fb4ad69494577a11fb4662f8b08fc2ece959cc32ba3df621efde22f7cb2b05f5ffd6e8469d99c4ba410f5bd2d0ed4d2246e2a4c98aa7cf0001053656831dc349247cd862ec2e0580ebb6a9646d8a9b0e65211c2f66a96cfe216eb1c21aadf1337a36ca88baeaf9ecd7859f9a8502e9de6497fff8f4d812ccabebadb86d70dfd0c506426250698baaa227ca4f62c2f970c3928072c16af4222fb8b223bc669acf599737981f7f0698e9b54eb06aba5a1f63bd334c7a600a2a908d8a3cfbcfbb9955685a1f8e6172b277f9dbfe916662eb9ff13ac82537aa7471e84913c64f6c748f84e70e29748a9927c69cef0549776c874d829c10f37aa6a8e0581229c68574bb591d263df756defe4549e41b9f868b446027d88aa75835017dddc35f5d0f20da9f4c2a4b0701920bd6668097919d6aceac8c8a6911cac3d46fecc646ef0b058e1a1d1b51b0fcecef22be61aaa233ae3044383316142495b4c1b97026c9b61fe3010f623eca1961fcc6640edb45c8d5c84e9203beade4512ccc9dc6580a67751c97a1e7661b3739f9ceffba4619768824f460f4b22b83fbae9824cd142c8059440161c91dc2bfc122cfe3ca5772438fcea51d064227df93b44b8b9affe2216bbb56b472aa19915902eec62a5639a24b938e1836298c0c49640c3207c3e4d99662b068d3e2b843ed9a01f007f80ad4de1851c44b1aa7f0fe752655c34d024f8c1352dedce0a74873d00157611d02ddf40209b954e1d40c0d54471598c6b0e3cd1042b615ba71c1e6bb5e64b6fe21245e043692fec2d22357443702871d61026a3e9c42a7bce08c4ac43e636d2517844d7d1e7123a26be853d14a109d7c305c2ee916e8cc8a90262fdc27ba69fff9a6af69bf43b99034ebf9301fbe3f39d13bb8bca0853fad83582550889f6ea3952cbe67c1513c8f251b483f301582c819529b050d575d12c7bc7fa257fc8247af2af57a5030d8627ac0d13fd4820e6848a5bdc6993dc7e14c14b72953e610add9b09603bb4fa95acce64d34a09733ab261a7751e5f0789fa526be713e5ba4dabd559d28e3232a3ee6ea63a65c35ac7e82ca3e655ff9d3ba1130daa3b3e6b08da721a339469f594cfac1e9015a3e4320d89c336c5c2947c6548674073045b70f299c83ce4b0aeb4d64f633df04723b065aa5b3d2eb44cc634d7b4b2de11607c094cd99b7b138639b2797353b1c508d33aa8c4fa68a44bf1af93ae6a91b3e2c2cf2bb908f10ef6373d2d5379da9fb09c6ff1a814eb5d99ec0a1c6e7dfa69055c0d74c0a65493afe5168472c953d4ee64daeaaaac884ecb2ed8c120a6afda1b0250bb782ef3d307d61375d71316bc8135c0dcf1df679b26f928bdcbda7a3e36d44312e7e0c68acfc75c59d4173b71a4e1b155edd3db5a2b5b491f6e00c345aed4d11be4f7bb2dab2942390d54695fb6fc15b0699ae9abc40fcfea80d338a168d2eb2129"}, &(0x7f0000000280)=0x1024)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r5, 0x84, 0x21, &(0x7f0000000480)=0x30, 0x4)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000440)=@sack_info={0x0, 0x800, 0xe86}, &(0x7f00000009c0)=0xc)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000400))

[  674.263764] EPT pointer = 0x00000000a51f801e
06:45:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f00000001c0)="153f6234488dd25d766070")
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000080)='memory.high\x00', 0x2, 0x0)
r4 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x100000001, 0x200000)
r5 = fcntl$getown(r0, 0x9)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000280)={{0x8, 0x3, 0x3ff, 0x8000, 'syz0\x00', 0x4}, 0x3, 0x204, 0x7, r5, 0x3, 0x878, 'syz0\x00', &(0x7f0000000240)=['cgroup.events\x00', '\'bdev\x00', '*em0!]\x00'], 0x1b, [], [0x6, 0x8, 0x5, 0x1]})
r6 = openat$cgroup_ro(r2, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0)
sendfile(r3, r6, 0x0, 0x1)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040), &(0x7f0000000140)=0x10)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40046337}], 0x0, 0x0, &(0x7f0000000080)})
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000000)=ANY=[@ANYBLOB="01000400ffffffffffff0000001955f251c5c900002bec898eddb6f0"])

[  674.564062] *** Guest State ***
[  674.567555] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  674.576885] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  674.586002] CR3 = 0x0000000000000000
[  674.589793] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  674.596110] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  674.602345] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  674.609224] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.617538] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.625915] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  674.634144] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.642470] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.650541] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:45:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x418182, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r4, 0x80386433, &(0x7f00000000c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  674.658944] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  674.667152] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.675434] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  674.683671] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  674.691730] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  674.698465] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  674.706138] Interruptibility = 00000000  ActivityState = 00000000
[  674.712647] *** Host State ***
[  674.715955] RIP = 0xffffffff812cf768  RSP = 0xffff8880a696f378
[  674.722249] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  674.728763] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  674.736899] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  674.743083] CR0=0000000080050033 CR3=00000001970d5000 CR4=00000000001426f0
[  674.750193] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  674.757200] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  674.763476] *** Control State ***
[  674.767013] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  674.773969] EntryControls=0000d1ff ExitControls=002fefff
[  674.779501] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  674.786774] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  674.793681] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  674.800329]         reason=80000021 qualification=0000000000000000
[  674.806967] IDTVectoring: info=00000000 errcode=00000000
06:45:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x1, 0x0, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  674.812651] TSC Offset = 0xfffffe90eeb4f6e3
[  674.817036] EPT pointer = 0x000000019718001e
06:45:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x0, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  674.934958] binder: 16424:16426 unknown command 1074029367
[  674.940833] binder: 16424:16426 ioctl c0306201 200000c0 returned -22
[  674.984495] binder: 16431:16433 unknown command 1074029367
[  674.990419] binder: 16431:16433 ioctl c0306201 200000c0 returned -22
06:45:17 executing program 2:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x2, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000600)=""/246)
write$P9_RRENAMEAT(r0, &(0x7f0000000040)={0x7}, 0x7)
setsockopt$inet_mreqsrc(r0, 0x0, 0x2f, &(0x7f0000000000)={@rand_addr=0x10000, @dev={0xac, 0x14, 0x14, 0x18}, @broadcast}, 0xc)
socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000080))

06:45:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000180)={0x101, 0xfffffffffffffffe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f00000000c0)={0x100, 0x80000000, 0x9, 0x9, 0x3}, 0x14)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  675.313599] *** Guest State ***
[  675.317156] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  675.326968] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  675.336026] CR3 = 0x0000000000000000
[  675.339807] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  675.346009] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  675.352928] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  675.359686] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  675.367889] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  675.376079] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  675.384266] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  675.392455] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  675.400518] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  675.408714] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  675.416916] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  675.425092] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  675.433303] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  675.441358] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  675.447983] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  675.455642] Interruptibility = 00000000  ActivityState = 00000000
[  675.462127] *** Host State ***
[  675.465403] RIP = 0xffffffff812cf768  RSP = 0xffff8880a696f378
[  675.471466] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  675.478179] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  675.486241] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  675.492379] CR0=0000000080050033 CR3=00000000a7464000 CR4=00000000001426e0
[  675.499497] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  675.506462] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x1, 0x38}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  675.512721] *** Control State ***
[  675.516244] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  675.523140] EntryControls=0000d1ff ExitControls=002fefff
[  675.528667] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  675.535835] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  675.542781] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  675.549439]         reason=80000021 qualification=0000000000000000
[  675.556042] IDTVectoring: info=00000000 errcode=00000000
06:45:17 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=<r4=>0x0)
r5 = getpid()
kcmp(r4, r5, 0x5, r3, r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000000)={0x7, 0x200, 0x101, 0x6, 0x4})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  675.561561] TSC Offset = 0xfffffe9083ea7a97
[  675.566164] TPR Threshold = 0x00
[  675.569597] EPT pointer = 0x00000000a412e01e
06:45:17 executing program 4:
r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x105082)
syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
prctl$setmm(0x23, 0x0, &(0x7f0000ffd000/0x1000)=nil)
r2 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800)

[  675.612976] *** Guest State ***
[  675.616452] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  675.626322] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  675.635370] CR3 = 0x0000000000000000
[  675.639172] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  675.645455] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  675.651509] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  675.658602] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.666827] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.675119] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  675.683353] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.691436] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.699772] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.707966] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  675.716226] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.724413] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  675.732668] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  675.740725] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  675.747424] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  675.755098] Interruptibility = 00000000  ActivityState = 00000000
[  675.761395] *** Host State ***
[  675.764877] RIP = 0xffffffff812cf768  RSP = 0xffff8881838ef378
[  675.770944] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  675.777660] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  675.785692] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  675.791672] CR0=0000000080050033 CR3=00000000a52cf000 CR4=00000000001426e0
[  675.798963] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  675.805840] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  675.812142] *** Control State ***
[  675.815678] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  675.822631] EntryControls=0000d1ff ExitControls=002fefff
[  675.828159] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  675.835422] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  675.842299] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  675.848968]         reason=80000021 qualification=0000000000000000
[  675.855561] IDTVectoring: info=00000000 errcode=00000000
[  675.861089] TSC Offset = 0xfffffe905941ab31
[  675.865718] EPT pointer = 0x000000016bfb501e
[  675.953484] *** Guest State ***
[  675.957015] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  675.966158] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  675.975235] CR3 = 0x0000000000000000
[  675.979021] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  675.985283] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  675.992209] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  675.998969] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  676.007263] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.015483] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.023813] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.031888] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.040088] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.048381] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  676.056599] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  676.064854] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  676.073072] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  676.081121] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  676.087769] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  676.095441] Interruptibility = 00000000  ActivityState = 00000000
[  676.101763] *** Host State ***
[  676.105160] RIP = 0xffffffff812cf768  RSP = 0xffff8880a418f378
[  676.111223] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  676.117858] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  676.125907] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  676.131877] CR0=0000000080050033 CR3=000000010980e000 CR4=00000000001426e0
[  676.139117] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  676.146028] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  676.152266] *** Control State ***
[  676.155784] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  676.162657] EntryControls=0000d1ff ExitControls=002fefff
[  676.168185] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  676.175329] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  676.182205] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  676.188855]         reason=80000021 qualification=0000000000000000
[  676.195538] IDTVectoring: info=00000000 errcode=00000000
[  676.201070] TSC Offset = 0xfffffe902c0b4f24
[  676.205661] TPR Threshold = 0x00
[  676.209090] EPT pointer = 0x00000000a486f01e
[  676.351620] *** Guest State ***
[  676.355370] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  676.364527] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  676.373594] CR3 = 0x0000000000000000
[  676.377386] RSP = 0x0000000000000f82  RIP = 0x000000000000003f
[  676.383665] RFLAGS=0x00010092         DR7 = 0x0000000000000400
[  676.389719] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  676.396706] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.404947] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.413156] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  676.421229] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.429618] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.437908] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:45:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x0, [], 0x2e9}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  676.446266] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  676.454499] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.462789] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  676.470858] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  676.479176] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  676.485846] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  676.493547] Interruptibility = 00000000  ActivityState = 00000000
[  676.499855] *** Host State ***
[  676.503370] RIP = 0xffffffff812cf768  RSP = 0xffff8880a467f378
[  676.509434] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  676.516159] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  676.524351] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  676.530327] CR0=0000000080050033 CR3=0000000197289000 CR4=00000000001426f0
[  676.537721] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  676.544647] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  676.550766] *** Control State ***
[  676.554570] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  676.561311] EntryControls=0000d1ff ExitControls=002fefff
[  676.567109] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  676.574274] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  676.581014] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  676.588018]         reason=80000021 qualification=0000000000000000
[  676.594629] IDTVectoring: info=00000000 errcode=00000000
06:45:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000180)={0x101, 0xfffffffffffffffe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:45:18 executing program 2:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x7, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x3)

[  676.600150] TSC Offset = 0xfffffe8ffbf823f2
[  676.604770] EPT pointer = 0x00000000a53da01e
06:45:18 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x800000800000001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x6, 0xfffffffffffffffe}, 0x2c)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0xa, 0x0, 0x80000001, 0x7ff, 0x1d, r1}, 0x2c)

[  676.845482] *** Guest State ***
[  676.849031] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  676.858172] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  676.867223] CR3 = 0x0000000000000000
[  676.871001] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  676.877242] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  676.884187] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  676.890943] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  676.899155] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.907466] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.915671] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.923857] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.932089] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  676.940157] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  676.948401] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  676.956602] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  676.964865] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  676.973072] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  676.979549] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  676.987301] Interruptibility = 00000000  ActivityState = 00000000
[  676.993734] *** Host State ***
[  676.997016] RIP = 0xffffffff812cf768  RSP = 0xffff8880a696f378
[  677.003546] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  677.010049] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  677.018121] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  677.024220] CR0=0000000080050033 CR3=00000000a51f2000 CR4=00000000001426e0
[  677.031315] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  677.038303] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  677.044557] *** Control State ***
[  677.048094] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  677.055060] EntryControls=0000d1ff ExitControls=002fefff
[  677.060588] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  677.067873] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  677.074806] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  677.081463]         reason=80000021 qualification=0000000000000000
[  677.088101] IDTVectoring: info=00000000 errcode=00000000
06:45:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x0, 0x8, 0xd8, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  677.093763] TSC Offset = 0xfffffe8fb202ddda
[  677.098144] TPR Threshold = 0x00
[  677.101574] EPT pointer = 0x00000000a52e101e
[  677.148166] *** Guest State ***
[  677.151803] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  677.161004] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  677.170087] CR3 = 0x0000000000000000
[  677.174006] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  677.180056] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  677.186275] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  677.193484] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.201555] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.209894] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  677.218257] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.226470] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.234718] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:45:19 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
sendto$inet6(r1, &(0x7f0000000280), 0xfffffffffffffedd, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x15000000]}}, 0x1c)

[  677.242928] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  677.250995] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.259226] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  677.267448] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  677.275672] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  677.282339] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  677.289867] Interruptibility = 00000000  ActivityState = 00000000
[  677.296328] *** Host State ***
[  677.299595] RIP = 0xffffffff812cf768  RSP = 0xffff8880a6a6f378
[  677.305835] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  677.312477] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  677.320351] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  677.326491] CR0=0000000080050033 CR3=00000000a9ec3000 CR4=00000000001426f0
[  677.333760] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  677.340501] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="420f78a0000800002e653e6467400f01cff2f3ddc9b8010000000f01d9b95d0b00000f320f01f8440f01cb48b800800000000000000f23d80f21f835400000c00f23f8420f2296db00", 0x49}], 0x1, 0xfffffffffffffffc, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  677.346908] *** Control State ***
[  677.350447] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  677.357378] EntryControls=0000d1ff ExitControls=002fefff
[  677.363136] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  677.370143] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  677.377131] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  677.383945]         reason=80000021 qualification=0000000000000000
[  677.390334] IDTVectoring: info=00000000 errcode=00000000
[  677.396107] TSC Offset = 0xfffffe8f9473ced9
[  677.400517] EPT pointer = 0x00000000a6e4101e
06:45:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:19 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000")
sendfile(r1, r2, &(0x7f0000000180), 0x100000001)
ioctl$EXT4_IOC_MIGRATE(r1, 0x6609)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)

[  677.645683] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  677.732405] *** Guest State ***
[  677.735952] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  677.745239] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  677.754391] CR3 = 0x0000000000000000
[  677.758195] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  677.764472] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  677.771323] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  677.778374] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  677.786604] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  677.795019] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  677.803314] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  677.811383] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  677.819723] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  677.827980] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  677.836319] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  677.844546] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  677.852861] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  677.861043] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  677.867850] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  677.875551] Interruptibility = 00000000  ActivityState = 00000000
[  677.881856] *** Host State ***
[  677.885384] RIP = 0xffffffff812cf768  RSP = 0xffff8880a463f378
[  677.891440] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  677.898196] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  677.906273] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  677.912520] CR0=0000000080050033 CR3=00000001973ad000 CR4=00000000001426f0
[  677.919640] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  677.926667] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  677.933016] *** Control State ***
[  677.936552] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  677.943542] EntryControls=0000d1ff ExitControls=002fefff
[  677.949087] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  677.956367] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  677.963733] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  677.970419]         reason=80000021 qualification=0000000000000000
[  677.977102] IDTVectoring: info=00000000 errcode=00000000
[  677.982793] TSC Offset = 0xfffffe8f38dde4bc
[  677.987181] TPR Threshold = 0x00
[  677.990603] EPT pointer = 0x00000000a40f601e
06:45:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000180)={0x101, 0xfffffffffffffffe})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  678.102958] *** Guest State ***
[  678.106335] CR0: actual=0x0000000000000021, shadow=0x0000000000000021, gh_mask=fffffffffffffff7
[  678.115573] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871
[  678.124668] CR3 = 0x0000000000002000
[  678.128462] PDPTR0 = 0x00000000000000e7  PDPTR1 = 0x0000000000000000
[  678.135293] PDPTR2 = 0x0000000000000000  PDPTR3 = 0x0000000000000000
[  678.141851] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  678.148118] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  678.154442] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
[  678.161201] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[  678.169556] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  678.177905] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  678.186119] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  678.194427] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  678.202710] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  678.210769] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  678.219098] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  678.227309] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[  678.235654] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  678.243867] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[  678.250366] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  678.258074] Interruptibility = 00000000  ActivityState = 00000000
[  678.264516] *** Host State ***
[  678.267811] RIP = 0xffffffff812cf768  RSP = 0xffff8880a419f378
[  678.274037] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  678.280523] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  678.288565] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  678.294695] CR0=0000000080050033 CR3=000000016cc1a000 CR4=00000000001426f0
[  678.301796] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  678.308720] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  678.314978] *** Control State ***
[  678.318719] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  678.325648] EntryControls=0000d1ff ExitControls=002fefff
[  678.331172] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  678.338352] VMEntry: intr_info=00000306 errcode=00000000 ilen=00000000
[  678.345848] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  678.352663]         reason=80000021 qualification=0000000000000000
[  678.359058] IDTVectoring: info=00000000 errcode=00000000
[  678.364751] TSC Offset = 0xfffffe8f37f4d8f6
[  678.369136] EPT pointer = 0x00000000a462901e
06:45:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:20 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff})
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket$kcm(0xa, 0x1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0x80}, &(0x7f0000000140)=0x8)
pread64(r2, &(0x7f0000000240)=""/69, 0x45, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000100)={0x10000, 0x20a, 0x2, 0x0, r4}, 0x10)
sendmsg$kcm(r2, &(0x7f0000000700)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @dev, 0xc}, 0x80, &(0x7f0000000480), 0x0, &(0x7f0000000740)}, 0x20004040)
r5 = dup3(r1, r2, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000180)={'ip6gretap0\x00', @random="01003a1e2410"})
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f00000002c0)={r4, 0x81}, &(0x7f0000000300)=0x8)
r6 = semget(0x0, 0x7e40267ab83bfdf8, 0x208)
semctl$IPC_STAT(r6, 0x0, 0x2, &(0x7f0000000340)=""/103)
r7 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x3, 0x2)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

06:45:20 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x800000000000008)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x0})
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000000)={0x2})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_dgram(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
shutdown(r2, 0x0)
ppoll(&(0x7f0000000080)=[{r2}], 0x1, &(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f0000000140), 0x8)

[  678.607307] *** Guest State ***
[  678.610790] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  678.620042] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  678.629141] CR3 = 0x0000000000000000
[  678.633122] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  678.639163] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  678.646164] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  678.653173] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  678.661243] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  678.669559] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  678.677816] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  678.686082] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  678.694332] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  678.702586] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  678.710675] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  678.718916] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  678.727155] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  678.735384] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  678.741871] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  678.749578] Interruptibility = 00000000  ActivityState = 00000000
[  678.756065] *** Host State ***
[  678.759335] RIP = 0xffffffff812cf768  RSP = 0xffff8880a550f378
[  678.765582] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  678.772422] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  678.780298] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  678.786571] CR0=0000000080050033 CR3=00000000a6a2f000 CR4=00000000001426f0
[  678.793873] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  678.800651] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  678.807040] *** Control State ***
[  678.810569] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  678.817549] EntryControls=0000d1ff ExitControls=002fefff
[  678.824034] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  678.831055] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  678.838053] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  678.844854]         reason=80000021 qualification=0000000000000000
[  678.851250] IDTVectoring: info=00000000 errcode=00000000
[  678.857065] TSC Offset = 0xfffffe8ebf37cc89
[  678.861484] TPR Threshold = 0x00
[  678.865204] EPT pointer = 0x00000000a530101e
06:45:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:45:21 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x0, 0xd8, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:21 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f00000000c0)={0x0, 0x5, 0xfffffffffffffffd})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:45:21 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x400000, 0x0)
getsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000000)={&(0x7f00000001c0)={0x48, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}]}]}, 0x48}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clock_gettime(0x0, &(0x7f0000000200))
sendmsg$nl_generic(r1, &(0x7f00003cefe4)={&(0x7f0000000300)={0x10, 0x36200}, 0xc, &(0x7f0000007ff0)={&(0x7f0000000180)={0xffce, 0x2e, 0x6fd, 0x0, 0x0, {0x2004}, [@nested={0xc, 0x0, [@typed={0x62, 0x0, @ipv4}]}]}, 0xffce}}, 0x0)

[  679.367520] *** Guest State ***
[  679.370767] *** Guest State ***
[  679.371110] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  679.374593] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  679.383718] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  679.392687] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  679.401545] CR3 = 0x0000000000000000
[  679.401584] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  679.410630] CR3 = 0x0000000000000000
[  679.410656] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  679.410684] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  679.410737] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  679.414712] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  679.420693] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.424465] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  679.430465] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.436661] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.443514] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  679.449517] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.457661] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.457703] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.457742] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.457783] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  679.464652] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  679.464693] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.464739] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.472911] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.480930] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.489120] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  679.497274] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  679.505481] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.513607] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.521595] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  679.529790] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  679.537948] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  679.546170] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  679.554307] Interruptibility = 00000000  ActivityState = 00000000
[  679.562486] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  679.570455] *** Host State ***
[  679.570499] RIP = 0xffffffff812cf768  RSP = 0xffff8880a408f378
[  679.578688] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  679.586873] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  679.595072] Interruptibility = 00000000  ActivityState = 00000000
[  679.603259] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  679.609682] *** Host State ***
[  679.617862] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  679.625526] RIP = 0xffffffff812cf768  RSP = 0xffff8880a515f378
[  679.633725] CR0=0000000080050033 CR3=00000000a41f0000 CR4=00000000001426e0
[  679.639984] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  679.646586] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  679.649801] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  679.655954] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  679.663594] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  679.669999] *** Control State ***
[  679.670043] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  679.676594] CR0=0000000080050033 CR3=00000000a46c3000 CR4=00000000001426f0
[  679.684476] EntryControls=0000d1ff ExitControls=002fefff
[  679.687689] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  679.693780] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  679.699774] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  679.707031] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  679.713566] *** Control State ***
[  679.720263] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  679.728256] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  679.734489]         reason=80000021 qualification=0000000000000000
[  679.740399] EntryControls=0000d1ff ExitControls=002fefff
[  679.744033] IDTVectoring: info=00000000 errcode=00000000
[  679.744055] TSC Offset = 0xfffffe8e5c5c57f2
[  679.744094] EPT pointer = 0x00000000a461b01e
[  679.750799] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  679.787508] *** Guest State ***
[  679.790522] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  679.794208] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  679.794259] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  679.800861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  679.807730] CR3 = 0x0000000000000000
[  679.814235]         reason=80000021 qualification=0000000000000000
[  679.819710] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  679.825339] IDTVectoring: info=00000000 errcode=00000000
[  679.825362] TSC Offset = 0xfffffe8e5ae6cc59
[  679.825387] EPT pointer = 0x00000000a6aac01e
[  679.907199] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
06:45:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x0, 0x1, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  679.914284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  679.921031] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  679.929235] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  679.937480] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  679.945728] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  679.953923] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  679.962199] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  679.970252] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  679.978442] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  679.986631] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  679.994817] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  680.002972] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  680.009451] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  680.017097] Interruptibility = 00000000  ActivityState = 00000000
[  680.023519] *** Host State ***
[  680.026779] RIP = 0xffffffff812cf768  RSP = 0xffff8880a513f378
[  680.032962] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  680.039443] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  680.047455] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  680.053547] CR0=0000000080050033 CR3=00000000a9ede000 CR4=00000000001426e0
[  680.060684] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  680.067567] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  680.073805] *** Control State ***
[  680.077321] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  680.084169] EntryControls=0000d1ff ExitControls=002fefff
[  680.089693] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  680.096954] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  680.103827] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  680.110482]         reason=80000021 qualification=0000000000000000
[  680.117103] IDTVectoring: info=00000000 errcode=00000000
[  680.122741] TSC Offset = 0xfffffe8e1e461a54
[  680.127123] TPR Threshold = 0x00
[  680.130548] EPT pointer = 0x00000000a742701e
06:45:22 executing program 4:
syz_execute_func(&(0x7f00000000c0)="64ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3193e66430f3a0ce397")
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000001fc0)=""/4096, &(0x7f0000002fc0)=0x1000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xff}, 0x8)
clone(0x80002102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff)
r1 = dup2(r0, r0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000600)='veth0\x00')
write$P9_RSETATTR(r1, &(0x7f0000000000)={0xfffffffffffffeb1}, 0x7)

[  680.273429] netlink: 47038 bytes leftover after parsing attributes in process `syz-executor2'.
06:45:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

06:45:22 executing program 2:
syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0xffffffff, 0x0)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x100, 0x0)
ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0x83)

06:45:22 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x8200000004)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a0676ffffff81004e220000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffefffd09000000fff5dd0000001000f7ff000c0900fcff0000040e05a5", 0x58}], 0x106c)
r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0, 0x0)
name_to_handle_at(r1, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x46, 0x20, "a746848dff6e5072b6560ba1009e860d5ca952828f94e0eefda5dbd165f4a2849413d6bbba2f4c396f4fc2f6b82c83f32d7fd0144fee30e96d3d520f2fd7"}, &(0x7f0000000240), 0x1400)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000500)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="db000000420c06003e102e3b0919f2fc7bc063dc0c768bdd1aec30718d60b7400a005cae8058f25100a8d7bd7a03c05cb405de1566a9f29ff8998e7db2364b8b829201f7f2ecdb2904824b4b01807e3855fbb92d843330d91d4dcd8027822b5c081747d16771a39f2e8c4037b155f8b8d1e39074300f6edab6c34848c93632a208ceb5dbe453d20d3355cc9edde0c822ada8340762458d9a210f5d525e9468815a6ea7b58f36a4aa80537e8a72fc68d073a0da774df226d78c3acc2b39d2b1aebe227c2a0600149bb079816fe369f760c0bddf55e4c93418faf4dc12cc09959b4fdda8fcc9318bbcf54c0138de0f088646ac6e4c10ecee97dd99d709c0c94640ccc6c21bef2a404949163a70359cc242d020c2393636bef89a5fa010be48d21eebfef9e6cf3796c9abb946884eb115899a1c8883a373cea11f5e76a5e0e26f9a409028ab1f1b39dbe62b00d73cf024040e71e906e506e7dffa85b3df1d5278758b5fa73826567f0f3108c3b3795c2d0af50b6d78080000003353296d18000000000000000000000000b0e416ef09d54bf8776ecfc1540ed910ebf47bc7554d4ee392ae40bd28b3f59ecd745d16ac0f28874e6aeb4b435441ae1ba8a4c56afa3235945bea812a68387ff4fc8c589d1ec33b8fc6ae7fd71e6e08cd4bca85e325a031746f52232b7e8978b8344007e1b8922049c43ae31d5a45112e193a03ffc134128a0f9552ffda8f2f75cb8d15e45bb4d8a17b0cf6fed2347043184ea3aedf78eee1c54066812f901c20d26a42d830fd"], &(0x7f0000000040)=0xe3)
ioctl$VT_DISALLOCATE(r1, 0x5608)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={r2, 0x7, 0x6}, &(0x7f0000000280)=0x8)

06:45:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  680.888332] *** Guest State ***
[  680.892101] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  680.901021] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  680.910187] CR3 = 0x0000000000000000
[  680.914111] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  680.920150] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  680.927141] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  680.934060] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  680.942298] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  680.950366] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  680.958634] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  680.966861] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  680.975098] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
06:45:23 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f0000000000)={@multicast1}, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x101000, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f00000000c0)=0x7f, 0x4)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)

[  680.983439] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  680.991500] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  680.999779] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  681.008021] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  681.016292] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  681.022940] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  681.030517] Interruptibility = 00000000  ActivityState = 00000000
06:45:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  681.037110] *** Host State ***
[  681.040380] RIP = 0xffffffff812cf768  RSP = 0xffff8880a409f378
[  681.046682] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  681.053330] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  681.061209] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  681.067480] CR0=0000000080050033 CR3=00000000af0c3000 CR4=00000000001426f0
[  681.074755] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  681.081495] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  681.087909] *** Control State ***
[  681.091439] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  681.098437] EntryControls=0000d1ff ExitControls=002fefff
[  681.104115] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  681.111117] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  681.118096] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  681.124918]         reason=80000021 qualification=0000000000000000
[  681.131310] IDTVectoring: info=00000000 errcode=00000000
06:45:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x2000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x2})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x8, 0x200000)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

[  681.137077] TSC Offset = 0xfffffe8d88a29d46
[  681.141470] TPR Threshold = 0x00
[  681.145218] EPT pointer = 0x00000000a764c01e
06:45:23 executing program 4:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x10008000, 0x0)
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r0, 0xc0305616, &(0x7f0000000040)={0x7ff, {0x7ff, 0x4}})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r2 = accept4(r1, 0x0, &(0x7f0000000200), 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000140)={0x2, &(0x7f0000000000)=[{0x0, 0x99f5}, {0x2, 0x8001}]})
recvmsg(r2, &(0x7f0000001740)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000001600), 0x0, &(0x7f0000001680)=""/182, 0xb6}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

06:45:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:23 executing program 2:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0xff, 0x80100)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)={@multicast1, @dev={0xac, 0x14, 0x14, 0x1c}, 0x1, 0x7, [@multicast1, @local, @rand_addr=0xffff, @multicast2, @remote, @multicast2, @rand_addr=0x37]}, 0x2c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @remote}, {0x0, @broadcast}, 0x28, {0x2, 0x0, @multicast1}, 'bridge_slave_1\x00'})

06:45:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = getuid()
quotactl(0x0, &(0x7f0000000080)='./file0\x00', r4, &(0x7f0000000180)="7bb3d6ac9ea4dbd2d7fe7f370993147bd7222af12d8354a0ddd69e5a6a0aa71b21cc3d834029375833a7f273ce37b4b1fe69423069e137b8b88f2157bafbcafa8e25ab6f13dbbadd8da69af29fd41837dc6808d272d39caa829a08f553333b2754d670dc3534a14fed0dcfc20ca18dd03f75b12c292ffd9c1939fdb512b26ab934704ba03244bfd60e59d6ab4eb7f153938428b00c6f6713b6a102fb90e1f30885513849")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

06:45:24 executing program 4:
r0 = eventfd(0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffffff9, 0x2000)
ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000100)={"f2bd7a00476f3edfea2783fafc32d067e0474f093a8a3c19665b5c7c6f11f2d061e07ae078822daf8dd6aa4196ba657c8a06838df53ba3d8366eb2336673303b789d1bfc543df9de7e6da9a9667a45cd64303bf6f7b5b2243ebc07c65f244650cb56371ddaa6a30c99474853a36860cb0eb9496bf86065a95dd1702984cf145098a6b3b2c5ffd6a085fb41b42a4e205d4f7136b78217799c993fd025265d9939564a1e929dec6bd85e0ef215b39b70395600ba0d359fc8009b08a31d85943730a4ae784790d6c8393cd18f55c1ab0d77b69c81fe66bf1285490d72dc998755d2693cb5bcc50e815820f85ceb2f4de04c018b17636d209c31573f60f58cbc29947deaee59fcb6725ca1f5299634b04581b5f5bc3c345af94e743c275e892ca89cf5f62baabd132bb8265c592fb0e0540a1e048f59596663f2f0f457dad1b3da38e7cddeb48bfcad9f56dc3babafe36c08e7414ec08f7ae19914c75452dfb1d30879f99d2413b2a569a0d8bc7e789e5c7aac9094de645f34a27aeabafeaaae09606a95c6a5154ae3f43d3ebf6ecf60a079443b2a47c59cba90cfd134b104ed45d889d3646336532cc88bc9293e63786dc910fe07a8d9db63ccab92570e6d99f4ffb68cd6a65224d16ebb6779d600842028041f8211350e42e0d84017c785142532b4f6b0c9b5ae4a7946843f55ae7e8f500c692b616a74b99bac67369a45bce0abf3421f75ab8a7b6e6dbefe3cec97a4c532b5533dd2cc06f9a9a275268803c21d97b92946ba5eb98596e99e2fbe60088cb493f8fe9d4f85a43df31d9e42b117593e5cd27e821c6c7f2767f79a4b32f0be44874675dd2462bfab92cbdac2175e5ec56141952fce59cbc098c15085b019b34fc902d8af4fcc0bc4fc542c906b6ebd5a26710c60910fc178252c51b80f2a9466ed22bbe1b9231963f07125e1009b19175f387f85bf7a39fd787b9b2b49bba908c5ca5c19e9776b8492908863a9c9381f471ce24f7de7fd14f3e5fa76cd6503b800f8ce07b7cd2f3f2b91fea515d4b8ceb8d147110caec7db19f54215a57175a3ebae33e12f4ae4b917a966b347b8e59a2afbc84dd54c18aa9e7ce935b5f536abae505514738a177610dc83d124c84874abfce3149a0642ca39f737d1957a79b918b79006cde4029309c638b6133272c96a4fbd0c1fa7a59d99df4ceb23fd19e555bf409e1f4dc4be885c845674c76ea932e1422b508004b5d429008a07981453829d76ef291cce08e8f64b7c2e4c0ea97a74c0ebda08f2681e2c050de4768dc2e980cb73c484ffb6cffffe049347126245a2adb78e5879f69e9b21094e08825a6520c7f966588f0051cb5a4dfe5135a2a6eadd0fbe52174341110826bf2475c9b4258141831f61e7cef290a9802dcf987ea60d19eaac0b6dff9a605e468f19f4f80097e3cb9c7d9910caf9305a7dfb"})
keyctl$session_to_parent(0x12)
write$eventfd(r0, &(0x7f00000000c0), 0x8)

06:45:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f0000000140), 0x358)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000340)={0x1})
socketpair(0x0, 0x0, 0x0, &(0x7f00000000c0))
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000100)=0x14)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
accept4$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14, 0x80800)

[  682.169107] *** Guest State ***
[  682.172800] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  682.181731] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  682.190974] CR3 = 0x0000000000000000
[  682.194878] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  682.201082] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  682.207985] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  682.210266] *** Guest State ***
[  682.214858] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  682.214905] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.214951] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.214996] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.215042] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.215085] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.215121] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  682.215171] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  682.218475] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  682.226701] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  682.234911] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  682.242964] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  682.250951] CR3 = 0x0000000000000000
[  682.259105] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  682.259136] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  682.259188] Interruptibility = 00000000  ActivityState = 00000000
[  682.267347] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  682.275567] *** Host State ***
[  682.275605] RIP = 0xffffffff812cf768  RSP = 0xffff8880a409f378
[  682.275666] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  682.275718] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  682.283900] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  682.283941] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  682.292965] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  682.293000] CR0=0000000080050033 CR3=00000000a6964000 CR4=00000000001426e0
[  682.293055] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  682.301075] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.310113] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  682.318444] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.318487] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  682.318526] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.318567] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.318623] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.322447] *** Control State ***
[  682.322475] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  682.322512] EntryControls=0000d1ff ExitControls=002fefff
[  682.328956] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  682.336600] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  682.343099] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.349093] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  682.352466] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  682.352508] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  682.352537] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  682.352565] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  682.352607] Interruptibility = 00000000  ActivityState = 00000000
[  682.358641] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  682.365236] *** Host State ***
[  682.373232]         reason=80000021 qualification=0000000000000000
[  682.379232] RIP = 0xffffffff812cf768  RSP = 0xffff8880af02f378
[  682.386114] IDTVectoring: info=00000000 errcode=00000000
[  682.392202] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  682.399229] TSC Offset = 0xfffffe8cd87d9f20
[  682.406109] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  682.414257] TPR Threshold = 0x00
[  682.420348] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  682.428545] EPT pointer = 0x00000000a471b01e
[  682.436743] CR0=0000000080050033 CR3=00000000a52bd000 CR4=00000000001426f0
[  682.505152] *** Guest State ***
[  682.507379] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  682.515541] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  682.515579] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  682.515631] CR3 = 0x0000000000000000
[  682.523824] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  682.530257] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  682.537898] *** Control State ***
[  682.544323] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  682.550916] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  682.550942] EntryControls=0000d1ff ExitControls=002fefff
[  682.550973] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  682.550998] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  682.551023] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  682.551060]         reason=80000021 qualification=0000000000000000
[  682.554773] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  682.560780] IDTVectoring: info=00000000 errcode=00000000
[  682.566957] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  682.572578] TSC Offset = 0xfffffe8cd9c129be
[  682.579033] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.583600] EPT pointer = 0x00000000a687d01e
[  682.591360] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.752189] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.760249] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.768566] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  682.776773] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  682.785056] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  682.793231] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  682.801292] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  682.809551] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  682.816216] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  682.823924] Interruptibility = 00000000  ActivityState = 00000000
[  682.830214] *** Host State ***
[  682.833679] RIP = 0xffffffff812cf768  RSP = 0xffff8880a465f378
[  682.839752] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  682.846434] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  682.854434] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  682.860415] CR0=0000000080050033 CR3=00000000b08a3000 CR4=00000000001426e0
[  682.867720] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  682.874608] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  682.880740] *** Control State ***
[  682.884463] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  682.891197] EntryControls=0000d1ff ExitControls=002fefff
[  682.896866] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  682.904048] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  682.910799] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  682.917645]         reason=80000021 qualification=0000000000000000
[  682.924150] IDTVectoring: info=00000000 errcode=00000000
[  682.929666] TSC Offset = 0xfffffe8ca83e40e4
[  682.934232] TPR Threshold = 0x00
[  682.937688] EPT pointer = 0x00000000a775601e
06:45:25 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r0)
r2 = socket(0x200000000000011, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r3=>0x0})
io_setup(0xf09, &(0x7f0000000100))
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x10000, 0x0)
ioctl$VIDIOC_G_INPUT(r4, 0x80045626, &(0x7f0000000240))
bind$packet(r2, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x8, 0x4)
io_setup(0x7, &(0x7f00000000c0)=<r5=>0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000180), 0x0, 0x4}])

06:45:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:25 executing program 2:
r0 = add_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="f574ae27e16fa0403d2414b8976d747a40d672c210ed869e", 0x18, 0xfffffffffffffffd)
keyctl$setperm(0x5, r0, 0x30)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000000c0)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}, 0x0, @in6=@mcast2}}, &(0x7f00000001c0)=0xe8)
ioprio_get$uid(0x3, r1)

06:45:25 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x0, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  683.702449] *** Guest State ***
[  683.705967] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  683.715121] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  683.724164] CR3 = 0x0000000000000000
[  683.727947] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  683.734206] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  683.740956] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  683.748791] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  683.757007] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  683.765289] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  683.773550] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  683.781637] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  683.789963] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  683.798170] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  683.806652] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  683.814850] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  683.823166] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  683.831215] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  683.837926] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  683.845597] Interruptibility = 00000000  ActivityState = 00000000
[  683.852108] *** Host State ***
[  683.855374] RIP = 0xffffffff812cf768  RSP = 0xffff8880a771f378
[  683.861473] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  683.868232] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  683.876405] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  683.882598] CR0=0000000080050033 CR3=0000000197128000 CR4=00000000001426e0
[  683.889717] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  683.896674] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  683.902907] *** Control State ***
[  683.906433] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  683.913388] EntryControls=0000d1ff ExitControls=002fefff
[  683.918939] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  683.926153] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  683.933007] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  683.939666]         reason=80000021 qualification=0000000000000000
06:45:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:26 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00004da000), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x52}, 0x4)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f000007affc), 0x4)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000040))

[  683.948347] IDTVectoring: info=00000000 errcode=00000000
[  683.954111] TSC Offset = 0xfffffe8c03ffb982
[  683.958507] TPR Threshold = 0x00
[  683.962160] EPT pointer = 0x00000000af07401e
06:45:26 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x4400000000000003, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:26 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070")
r1 = socket(0x40000000015, 0x4, 0x0)
getsockopt$sock_int(r1, 0x1, 0x15, &(0x7f00003e9ffc), &(0x7f0000727ffc)=0x4)

06:45:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x0, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  684.653470] *** Guest State ***
[  684.657064] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  684.666372] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  684.675555] CR3 = 0x0000000000000000
[  684.679387] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  684.685605] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  684.691676] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  684.698678] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.706905] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.715143] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  684.723373] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.731430] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.739687] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:45:26 executing program 2:
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video36\x00', 0x2, 0x0)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0xc, 0x4, 0x0, {0x0, 0x7530}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "960d87e5"}, 0x0, 0x0, @offset, 0x4})
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x0)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000140)={0xd0ec, 0x4, [], {0x1, @reserved}})

[  684.747982] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  684.756197] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.764429] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  684.772670] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  684.780748] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  684.787496] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  684.795186] Interruptibility = 00000000  ActivityState = 00000000
[  684.801483] *** Host State ***
[  684.805008] RIP = 0xffffffff812cf768  RSP = 0xffff8880a55cf378
[  684.811075] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  684.817833] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  684.825945] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  684.832147] CR0=0000000080050033 CR3=00000000af05c000 CR4=00000000001426f0
[  684.839254] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  684.846234] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  684.852515] *** Control State ***
[  684.856150] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  684.863149] EntryControls=0000d1ff ExitControls=002fefff
[  684.868690] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  684.875976] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  684.882901] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  684.889553]         reason=80000021 qualification=0000000000000000
[  684.896217] IDTVectoring: info=00000000 errcode=00000000
06:45:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  684.901728] TSC Offset = 0xfffffe8b88c58b17
[  684.906421] EPT pointer = 0x00000000a53a501e
06:45:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x0, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:27 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x200000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)=ANY=[], &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000200)={0x0, @in6}, 0x90)

[  685.025801] *** Guest State ***
[  685.029358] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  685.038636] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  685.047791] CR3 = 0x0000000000000000
[  685.051582] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  685.057973] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  685.064951] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  685.071806] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  685.080257] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.088504] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.096816] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.105157] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.113512] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.121579] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  685.129949] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  685.138184] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  685.146475] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  685.154709] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  685.161207] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  685.168987] Interruptibility = 00000000  ActivityState = 00000000
[  685.175458] *** Host State ***
[  685.178723] RIP = 0xffffffff812cf768  RSP = 0xffff8880a69ef378
[  685.185024] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  685.192280] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  685.200168] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  685.206462] CR0=0000000080050033 CR3=00000000a6853000 CR4=00000000001426f0
[  685.213754] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  685.220512] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  685.226946] *** Control State ***
[  685.230481] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  685.237475] EntryControls=0000d1ff ExitControls=002fefff
[  685.243161] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  685.250184] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  685.257221] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  685.264057]         reason=80000021 qualification=0000000000000000
[  685.270463] IDTVectoring: info=00000000 errcode=00000000
[  685.276256] TSC Offset = 0xfffffe8b50fb488d
[  685.280649] TPR Threshold = 0x00
[  685.284325] EPT pointer = 0x00000000a34fc01e
06:45:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
fcntl$dupfd(r0, 0x406, r0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  685.518988] *** Guest State ***
[  685.522679] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  685.531603] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  685.540774] CR3 = 0x0000000000000000
[  685.544766] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  685.550816] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  685.557773] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  685.564767] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  685.573035] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.581115] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.589358] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.597684] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.605915] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  685.614146] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  685.622412] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  685.630468] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  685.638742] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  685.647047] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  685.653712] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  685.661243] Interruptibility = 00000000  ActivityState = 00000000
[  685.667792] *** Host State ***
[  685.671063] RIP = 0xffffffff812cf768  RSP = 0xffff8880a35cf378
[  685.677379] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  685.684043] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  685.692161] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  685.698134] CR0=0000000080050033 CR3=00000000a4724000 CR4=00000000001426f0
[  685.705485] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  685.712422] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  685.718537] *** Control State ***
[  685.722481] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  685.729232] EntryControls=0000d1ff ExitControls=002fefff
[  685.734996] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  685.742183] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  685.748934] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  685.755896]         reason=80000021 qualification=0000000000000000
[  685.762459] IDTVectoring: info=00000000 errcode=00000000
06:45:27 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x507000)
write$UHID_INPUT2(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="0c000000db00262645db186bf368a9df65cd3e18723acd1bf97aa107d62c3b382a750637c7bfb3936830273ef5d5b6ab0852030c08aad9559c592f2e002a6b2b69e1e22dd00096fea6a95049b389486e4079dd5684e9e8a562b7e8cdf7b0d2087113acc6705644265ef38b731024fb7caf9559ab7381fb205fdd966f4117678eaae6bd18d1d2b630d374051e882c5d3550a43fbb1740f088741dea04dc798042e45215be5ed29a2f4580318452a00d4cf56ed6c42892a2f642a470a380f71030da8df4e66ab07a4d8010f9609fac453d47c362075125cbee1d899ac6"], 0xe1)
ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10)
recvfrom(r0, &(0x7f0000000080)=""/101, 0x1000000bf, 0x122, 0x0, 0x4f)
read(r0, &(0x7f0000000380)=""/172, 0xffffffc7)

[  685.767977] TSC Offset = 0xfffffe8b0d58ec6f
[  685.772651] TPR Threshold = 0x00
[  685.776082] EPT pointer = 0x00000000a2f8901e
[  685.835571] *** Guest State ***
[  685.838964] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  685.848242] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  685.857365] CR3 = 0x0000000000000000
[  685.861153] RSP = 0x0000000000000f80  RIP = 0x0000000000000045
[  685.867396] RFLAGS=0x00000006         DR7 = 0x0000000000000400
[  685.873640] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  685.880518] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.888786] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.897069] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  685.905379] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.913627] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.921703] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.929997] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  685.938290] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.946507] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  685.954762] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  685.963003] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  685.969490] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  685.977220] Interruptibility = 00000000  ActivityState = 00000000
[  685.985389] *** Host State ***
[  685.988662] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2fcf378
[  685.994895] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  686.001379] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  686.009426] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  686.015538] CR0=0000000080050033 CR3=00000000a344c000 CR4=00000000001426f0
[  686.022842] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  686.029597] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  686.035924] *** Control State ***
[  686.039465] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  686.046369] EntryControls=0000d1ff ExitControls=002fefff
[  686.052117] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  686.059123] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  686.066043] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  686.072856]         reason=80000021 qualification=0000000000000000
[  686.079246] IDTVectoring: info=00000000 errcode=00000000
06:45:28 executing program 4:
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x4, @broadcast, 'yam0\x00'}}, 0x1e)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x20)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={<r2=>0x0, @in6={{0xa, 0x4e24, 0x5, @loopback, 0x10001}}, 0x800, 0x6, 0x4, 0x1, 0x7fff}, &(0x7f0000000080)=0x98)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={r2}, &(0x7f0000000200)=0x8)
r3 = dup(r0)
ioctl$TIOCLINUX5(r3, 0x541c, &(0x7f0000000000)={0x5, 0xc8, 0x4d, 0x0, 0xc0})

[  686.084938] TSC Offset = 0xfffffe8ae1c2c830
[  686.089317] EPT pointer = 0x00000000a347301e
06:45:28 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000000))

06:45:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x0, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
fcntl$dupfd(r0, 0x406, r0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  686.577514] *** Guest State ***
[  686.581158] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  686.590373] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  686.599474] CR3 = 0x0000000000000000
[  686.603473] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  686.609632] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  686.616011] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  686.622933] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.630997] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.639286] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  686.647648] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.655899] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.664207] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.672430] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  686.680492] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.688786] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  686.697022] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.705298] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  686.711785] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  686.719556] Interruptibility = 00000000  ActivityState = 00000000
[  686.726026] *** Host State ***
[  686.729289] RIP = 0xffffffff812cf768  RSP = 0xffff8880a69ef378
[  686.735650] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  686.742407] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  686.750295] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  686.756500] CR0=0000000080050033 CR3=00000000a35a6000 CR4=00000000001426f0
[  686.763779] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  686.770522] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  686.776926] *** Control State ***
[  686.780456] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  686.787435] EntryControls=0000d1ff ExitControls=002fefff
[  686.793144] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  686.800146] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  686.807205] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  686.814043]         reason=80000021 qualification=0000000000000000
[  686.820445] IDTVectoring: info=00000000 errcode=00000000
06:45:28 executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0xfffffffffffffdff, 0x200200)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000400)="8e267c7414f57d5b330410f1e8c6db6c67a4a4f13de7a01a9b0b3287d9ebf5e8981cd22df289bd6ad9fe017a9fac5adfde543104cc5e40976de443afa420df849b554272639e62cc477dc7de48850dcf25baab42bd7ddfcdc9def7846af15f8532b7161cdfc5d2a892b43e230aa9d4072235a30234cc32c1bff763fabe7bebe6cf521f03d936c20365d07c00508113eb78b2213b011d0e1e7f57765cb27365697435cd3235409e7b86ea223f681b063c4b9750fb688612243ee7e677d95f68f1161fb6fbad97002eca697dba0b99f472ecafed06ecc16ffaf59320a62cabf073262116bdbd7a469178da1d23e43682c6a672ed9584dd20a6a4e5b9c5", 0xfc}], 0x1)

06:45:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x0, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  686.826239] TSC Offset = 0xfffffe8a82edc60a
[  686.830648] EPT pointer = 0x00000000a41f401e
[  686.856210] *** Guest State ***
[  686.859760] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  686.869084] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  686.878215] CR3 = 0x0000000000000000
[  686.882204] RSP = 0x0000000000000f80  RIP = 0x0000000000000045
[  686.888247] RFLAGS=0x00000006         DR7 = 0x0000000000000400
[  686.894559] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  686.901413] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.909756] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.918019] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  686.926336] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.934576] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.942927] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.950994] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  686.959381] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.967691] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  686.976018] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  686.984267] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  686.990757] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  686.998606] Interruptibility = 00000000  ActivityState = 00000000
[  687.005108] *** Host State ***
[  687.008385] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3d4f378
[  687.014701] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  687.021198] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  687.029305] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  687.035431] CR0=0000000080050033 CR3=00000000a3426000 CR4=00000000001426f0
[  687.042776] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  687.049541] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  687.055903] *** Control State ***
[  687.059433] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  687.066466] EntryControls=0000d1ff ExitControls=002fefff
[  687.072151] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  687.079173] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  687.086218] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  687.093039]         reason=80000021 qualification=0000000000000000
[  687.099443] IDTVectoring: info=00000000 errcode=00000000
[  687.105246] TSC Offset = 0xfffffe8a54e97272
[  687.109655] EPT pointer = 0x00000000a3eb301e
06:45:29 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/82, 0x52}, {&(0x7f0000000140)=""/57, 0x39}, {&(0x7f0000000180)=""/74, 0x4a}, {&(0x7f0000000200)=""/165, 0xa5}, {&(0x7f00000002c0)=""/91, 0x5b}], 0x5, &(0x7f00000003c0)=""/162, 0xa2, 0x8}, 0x12002)
ioctl(r0, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070")
socket$key(0xf, 0x3, 0x2)
r1 = socket$key(0xf, 0x3, 0x2)
close(r1)

[  687.281665] *** Guest State ***
[  687.285520] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  687.294655] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  687.303707] CR3 = 0x0000000000000000
[  687.307483] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  687.313732] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  687.319776] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  687.326795] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.334999] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.343206] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  687.352243] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.360317] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.368798] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.377019] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  687.385288] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.393501] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  687.401578] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  687.409859] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  687.416487] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  687.424214] Interruptibility = 00000000  ActivityState = 00000000
[  687.430511] *** Host State ***
[  687.433978] RIP = 0xffffffff812cf768  RSP = 0xffff8880a46ff378
[  687.440042] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  687.446801] FSBase=00007fb09ecd8700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  687.454817] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  687.460783] CR0=0000000080050033 CR3=00000000a35a6000 CR4=00000000001426e0
[  687.468120] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  687.475030] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  687.481144] *** Control State ***
[  687.484927] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  687.491680] EntryControls=0000d1ff ExitControls=002fefff
[  687.497463] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  687.504602] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  687.511395] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  687.518250]         reason=80000021 qualification=0000000000000000
[  687.524786] IDTVectoring: info=00000000 errcode=00000000
06:45:29 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x2000000000, 0xfffffffffffffffc)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585605, &(0x7f0000000200)={0x1, 0x0, {0x0, 0x0, 0x0, 0x7}})
setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.ima\x00', &(0x7f0000000100)=@ng={0x4, 0xe, "19"}, 0x3, 0x2)

06:45:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0x0, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  687.530312] TSC Offset = 0xfffffe8a22475ee3
[  687.534929] EPT pointer = 0x00000000a354e01e
[  687.551820] *** Guest State ***
[  687.555377] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  687.564532] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  687.573588] CR3 = 0x0000000000000000
[  687.577379] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  687.583641] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  687.590399] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  687.597368] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  687.605618] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  687.613935] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  687.622261] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  687.630326] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  687.638647] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  687.646854] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  687.655167] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  687.663396] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  687.671468] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  687.679738] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  687.686367] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  687.694097] Interruptibility = 00000000  ActivityState = 00000000
[  687.700426] *** Host State ***
[  687.703907] RIP = 0xffffffff812cf768  RSP = 0xffff8880a772f378
[  687.709972] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  687.716690] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  687.724729] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  687.730710] CR0=0000000080050033 CR3=00000000a34c7000 CR4=00000000001426e0
[  687.738009] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  687.744885] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  687.750998] *** Control State ***
[  687.754821] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  687.761559] EntryControls=0000d1ff ExitControls=002fefff
[  687.767331] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  687.774501] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  687.781240] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  687.788138]         reason=80000021 qualification=0000000000000000
[  687.794687] IDTVectoring: info=00000000 errcode=00000000
[  687.800212] TSC Offset = 0xfffffe8a0c871092
[  687.804796] TPR Threshold = 0x00
[  687.808232] EPT pointer = 0x00000000a415501e
06:45:30 executing program 4:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000580)='/dev/dlm-monitor\x00', 0x400000, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f00000005c0))
read(r0, &(0x7f0000000140)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={0x77359400}})
r2 = dup(r0)
timer_create(0x7, &(0x7f0000000440)={0x0, 0x7, 0x1, @thr={&(0x7f0000000200)="3f6a2357c1e69c989abec20a5d1ab82cf2105a78899a4109dee8a8b6a8d74122b891787cdc948f3a7d8a32fb0a7baf8d2b68fdf980295a09127787e36bf1623ce75ac933d7ac92d1d7035093b115b8541c226e6af4a7a1a44a35c2d464da082c68e873fabcc8c6a8603153d6e917f2b05e46c3e66374513bc3ee3208bffef6d76ea562d63c0eae47621a5324b74cf6f43908ce4267ddc9cfdcafe07d93eb0672da0d6b", &(0x7f00000002c0)="6910e488e7ab4aba98b0"}}, &(0x7f0000000480)=<r3=>0x0)
clock_gettime(0x0, &(0x7f00000004c0)={<r4=>0x0, <r5=>0x0})
timer_settime(r3, 0x1, &(0x7f0000000500)={{r4, r5+30000000}}, &(0x7f0000000540))
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000300))
getsockname$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @rand_addr}}, &(0x7f00000001c0)=0x1c)
ioctl$VIDIOC_S_FBUF(r2, 0x4030560b, &(0x7f0000000100)={0x0, 0x40, &(0x7f0000000000)="395718fe958575dbf37bb2b7f2af55a0c49e0cd3d01eed148f43b8a9d2d042198f73801f94df3a0c6524c3bd26f438967737615706e989c51ec815c98e137a61a7341f4bab441e4ef0392a552b1bba27f559b85ea5bc9517ec0a74a9a388c07ab979768026db90a84b154f624687d14634276fcb8c0a27819e7614cd14b9b341732679c6d8d0d2234b10c8214c50f4bf8cfc47112560ffed78e6621a64c42a2bc2fb58", {0x100000000, 0x9, 0x36374f5f, 0x6, 0x5b1, 0x5, 0xc}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000380)={{}, 'port1\x00', 0x7c})

06:45:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0x0, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:30 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0x3)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x3, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r3, 0x4040ae70, &(0x7f00000002c0)={0xb7, 0xff, 0x0, 0x2})
r4 = socket(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000300)={0x10001, {{0x2, 0x14e20, @multicast2}}}, 0xfffffffffffffede)
setsockopt$inet_mtu(r1, 0x0, 0x12, &(0x7f0000000000)=0x5, 0x4)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x4400, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r5, 0xc008ae09, &(0x7f00000001c0)=""/234)
ioctl$sock_bt(r4, 0x8906, &(0x7f0000000100)="d1d343cc283782d71949125abca5506b8f533bf149526ae49cd8f227496f76d19d6bce4dcc22ac603d1e4f2f35ff6455b8c2808042eac197856563979d888d9a28ef5ed8f6a3cb912309075ca92a14b990c9ccab757e4f8d270311f626c44054ce50366030fa647a0670e0510c7aa13da6471a7cfbd81f7432af07dffbbc9de6078edaebac9a4ff1b235047adb114d78ea85a6c81b7b5f13d348681ef29b6060fafa2e74a93d92859b51879a66ab8a53064c8b6a826e269b5576acad")

[  688.303334] *** Guest State ***
[  688.306819] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  688.316011] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  688.325454] CR3 = 0x0000000000000000
[  688.329234] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  688.335455] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  688.341514] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  688.348498] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.356731] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.364972] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  688.373192] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.381258] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.389502] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.397857] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  688.406108] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.414368] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  688.422702] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  688.430748] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  688.437407] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  688.445079] Interruptibility = 00000000  ActivityState = 00000000
[  688.451369] *** Host State ***
[  688.454809] RIP = 0xffffffff812cf768  RSP = 0xffff8880a69ef378
[  688.460868] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  688.467545] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  688.475580] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  688.481559] CR0=0000000080050033 CR3=00000000a3427000 CR4=00000000001426f0
[  688.488854] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  688.495769] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  688.502047] *** Control State ***
[  688.505568] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  688.512481] EntryControls=0000d1ff ExitControls=002fefff
[  688.518012] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  688.525232] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  688.532130] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  688.538784]         reason=80000021 qualification=0000000000000000
[  688.545343] IDTVectoring: info=00000000 errcode=00000000
[  688.550855] TSC Offset = 0xfffffe8994d846d1
[  688.555415] EPT pointer = 0x00000000a503801e
[  688.614388] *** Guest State ***
[  688.617870] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  688.627285] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  688.636356] CR3 = 0x0000000000000000
[  688.640143] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  688.646357] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  688.653281] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  688.660147] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  688.668379] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  688.676588] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  688.684831] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  688.693077] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  688.701139] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  688.709358] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  688.717578] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  688.725800] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  688.734027] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  688.742229] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  688.748730] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  688.756424] Interruptibility = 00000000  ActivityState = 00000000
[  688.762855] *** Host State ***
[  688.766128] RIP = 0xffffffff812cf768  RSP = 0xffff8880a28ef378
[  688.772329] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  688.778822] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  688.786937] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  688.793059] CR0=0000000080050033 CR3=00000000a69cf000 CR4=00000000001426f0
[  688.800158] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  688.807137] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  688.813397] *** Control State ***
[  688.816921] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  688.823866] EntryControls=0000d1ff ExitControls=002fefff
[  688.829405] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  688.836647] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  688.843531] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  688.850179]         reason=80000021 qualification=0000000000000000
[  688.856814] IDTVectoring: info=00000000 errcode=00000000
[  688.862524] TSC Offset = 0xfffffe89640cbbf8
[  688.866908] TPR Threshold = 0x00
[  688.870330] EPT pointer = 0x00000000a3dce01e
06:45:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f00004e8000), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
close(r0)
r2 = accept4(r1, &(0x7f0000000240)=@hci, &(0x7f0000000200)=0x80, 0x0)
close(r2)
fcntl$notify(r1, 0x402, 0x6)

06:45:31 executing program 4:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x420242)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000040)={0x81, {{0xa, 0x4e22, 0x0, @local, 0x10001}}, {{0xa, 0x4e22, 0x9e, @empty, 0x6}}}, 0x108)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000180))
ioctl$KDSETMODE(r0, 0x4b3a, 0x7)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000001c0)={0x5, {{0xa, 0x4e24, 0x1e, @remote, 0x4}}}, 0x90)
write$input_event(r0, &(0x7f0000000280)={{}, 0x16, 0x8000, 0x7}, 0x18)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f00000002c0)={0x1, "570893f351ee9770209146cafee1561ce050e7b6242457d42104eadb9b0ac873", 0x3, 0x80000001, 0x2, 0x80800, 0x1, 0x2})
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x1)
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000340)={0x5, 0xff, 0x80000001, 0x9, 0x5})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)={0x1, {{0xa, 0x4e22, 0x0, @ipv4={[], [], @rand_addr=0x3a16}, 0x2}}, 0x1, 0x9, [{{0xa, 0x4e23, 0x7fff, @mcast1, 0x1}}, {{0xa, 0x4e22, 0x7391178a, @mcast2, 0x100000000}}, {{0xa, 0x4e23, 0x80, @dev={0xfe, 0x80, [], 0x18}, 0x3}}, {{0xa, 0x4e22, 0x3f, @mcast2, 0x3}}, {{0xa, 0x4e23, 0x0, @local, 0x3}}, {{0xa, 0x4e22, 0x6, @local, 0x5}}, {{0xa, 0x4e21, 0x5, @ipv4={[], [], @multicast1}}}, {{0xa, 0x4e22, 0xffe0000000000000, @mcast2, 0x5}}, {{0xa, 0x4e23, 0x3, @mcast2, 0x1f}}]}, 0x510)
stat(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900))
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000980)={<r1=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000009c0)={r1})
syz_open_dev$binder(&(0x7f0000000a00)='/dev/binder#\x00', 0x0, 0x800)
lsetxattr$security_ima(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)='security.ima\x00', &(0x7f0000000ac0)=@v2={0x7, 0x2, 0xf, 0x80000001, 0x2, "f4dd"}, 0xc, 0x3)
ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000b00)={0x7, 0xc, 0x4, 0x80070001, {0x77359400}, {0x3, 0x0, 0xc933, 0x2, 0x4, 0x7fffffff, 'o\aa\\'}, 0x3ff, 0x7, @userptr=0x7fffffff, 0x4})
r2 = add_key(&(0x7f0000000b80)='user\x00', &(0x7f0000000bc0)={'syz', 0x0}, &(0x7f0000000c00)="01a2ee1aab1730d868d3517ae202c8eb589126803775076155c26edf57c1e4b04e67768bf8be97a8c80bfc009d6069d9f865258886795b26992ae4646262af0660f72ebc4257a3fdca8e1aae78359bc505b1df286cac4bbed7ed48b1385bb22f3e04cef986e2fde79ce86509a6fd7f5dc44fdac58b6d361372b8e4c1c6a4c5e81749d05fe32f7380c1c8b9b0607e4186a537d4547b7a3765741c6c5996de582b35addf4fcd", 0xa5, 0xfffffffffffffffe)
open_by_handle_at(r0, &(0x7f0000000cc0)={0xee, 0x5912, "5a66420fe04307b4a578e051f732107012bd68a122c355db50bc8d096f6209a46b196eea2ed832a7e1f1b87d0a5ec0e81deab523c68ef3af7219cf3532bad4c4a07b7bb7926303066417d9f211046c456188b7de301c2b560ba356f09812640a32899d2c3b05f0fa300c457658b2fc641a70302ca24efa6ec1bc6d83cd068f78f45cf59c9834b3ca58eac85f2bf97a17250ebbc2ae751b22a89980140f54216901a2b52481fd77d4ef84aa146100d7d29c33bbb30091e68b23cd46fa42ee0eb4f5b3aeea9238f703ae27db116dab17c510a2ff284ec9999032feb487b665e5faab68306dda2b"}, 0x151000)
socket$packet(0x11, 0x3, 0x300)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000dc0)={0x1, 0x6, 0x4, 0xfffffffffffffff8, 0x78, 0xfffffffeffffffff, 0x4f, 0x4, 0xffff, 0xffffffffffff4986, 0x3f, 0x100})
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000e40)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x34, r3, 0x424, 0x70bd2a, 0x25dfdbfd, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2a3}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1f}]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x0)
keyctl$setperm(0x5, r2, 0x10000000)
lsetxattr$security_smack_transmute(&(0x7f0000000f40)='./file0\x00', &(0x7f0000000f80)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000fc0)='TRUE', 0x4, 0x1)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000001000)=0x8)
syz_emit_ethernet(0xf8, &(0x7f0000001040)={@dev={[], 0x12}, @broadcast, [], {@x25={0x805, {0x3, 0x7, 0x5, "d5fb7e16d0135d2f472e361fb9544fef09f097c229ae9d22d8db33701b58ebcbe983638603b56f89f861e28e5a38d5666c0c3d5d65705be6887671b159cbe761b1cc5f66fbe5cdc7ba2cc012332b36db5931ee558ca60e605559ae2fc19f10bda5c097a8effdfc0c1f5dfc726cd5a0ea3b902ea6ee7515973b3860a0e236ef327e6703c8c91d9f4aa1ddefb722031823d4b5ee68a4db4bef2105b91e8556ca78d31c8cdb09b36970de3ea6c681ae485ceecbd5c7560869ca49d943464d11621df28a2164e9ac9ffd52bde3d88ff39a6a91c90afa4d6b008d08f6c913a6a2aebb8f6e3fb2d334fa"}}}}, 0x0)
getsockname$unix(r0, &(0x7f0000001140)=@abs, &(0x7f00000011c0)=0x6e)
ioctl$KVM_SMI(r0, 0xaeb7)
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000001200)={'gre0\x00', @ifru_ivalue=0xfffffffffffffc01})
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000001240)={<r4=>0x0, 0x82, "c44bf69035f72707ecf577e8689b2e12ebba53ccba56c1a60d94a98bac84435e42727b77ff2a5edd6fbd650b99b5e011dd3b3038a2f1a3c1cca514743ad01baa3835129646647d3cc6728325e59e0dd43adf26d87968a3e70960ceffec2b0173fc3e68f38950718c35b6151ce582e7cb63828802924ba6b4c49007af78298843cef1"}, &(0x7f0000001300)=0x8a)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000001340)={r4, 0x401}, &(0x7f0000001380)=0x8)

[  689.239556] *** Guest State ***
[  689.243370] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  689.243474] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  689.252481] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  689.271864] CR3 = 0x0000000000000000
[  689.275791] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  689.282057] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  689.288102] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  689.294986] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.303175] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.311231] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  689.320058] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.328260] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.336477] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.344693] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  689.352930] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.360982] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  689.369235] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  689.377460] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  689.384193] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  689.391725] Interruptibility = 00000000  ActivityState = 00000000
[  689.398236] *** Host State ***
[  689.401494] RIP = 0xffffffff812cf768  RSP = 0xffff888196d4f378
[  689.407769] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  689.414467] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  689.422543] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  689.428510] CR0=0000000080050033 CR3=00000000a2c0a000 CR4=00000000001426e0
[  689.435830] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  689.442765] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  689.448871] *** Control State ***
[  689.452620] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  689.459348] EntryControls=0000d1ff ExitControls=002fefff
[  689.465135] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  689.472358] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  689.479093] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  689.485950]         reason=80000021 qualification=0000000000000000
[  689.492484] IDTVectoring: info=00000000 errcode=00000000
[  689.497991] TSC Offset = 0xfffffe891493df90
[  689.502584] EPT pointer = 0x00000000a534101e
06:45:31 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:31 executing program 2:
clock_getres(0xfffffefffffffff0, &(0x7f0000000000))
r0 = accept$inet(0xffffffffffffff9c, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000140)={{0x0, @empty, 0x4e24, 0x5, 'wrr\x00', 0x3a, 0x9, 0x15}, {@loopback, 0x4e20, 0x3, 0x10001, 0x3, 0x3f}}, 0x44)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pause()
ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000080))
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x4)

06:45:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x0, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  689.841262] *** Guest State ***
[  689.844963] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  689.854228] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  689.863469] CR3 = 0x0000000000000000
[  689.867248] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  689.873486] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  689.880341] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  689.887236] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  689.895535] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  689.903809] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  689.911897] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  689.920163] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  689.928450] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  689.936643] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  689.944942] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  689.953144] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  689.961208] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  689.969472] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  689.976092] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  689.983879] Interruptibility = 00000000  ActivityState = 00000000
06:45:32 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
ioctl$TIOCLINUX2(r4, 0x541c, &(0x7f00000000c0)={0x2, 0xffffffffffffff81, 0x9, 0x2, 0xc5ec, 0x2})

[  689.990168] *** Host State ***
[  689.993646] RIP = 0xffffffff812cf768  RSP = 0xffff8880a771f378
[  689.999712] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  690.006439] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  690.014529] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  690.020498] CR0=0000000080050033 CR3=00000000a281a000 CR4=00000000001426e0
[  690.027785] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  690.034657] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  690.040779] *** Control State ***
[  690.044497] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  690.051230] EntryControls=0000d1ff ExitControls=002fefff
[  690.056939] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  690.064064] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  690.070795] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  690.077650]         reason=80000021 qualification=0000000000000000
[  690.084157] IDTVectoring: info=00000000 errcode=00000000
[  690.089674] TSC Offset = 0xfffffe88bc6dab1f
[  690.094239] TPR Threshold = 0x00
[  690.097670] EPT pointer = 0x00000000a46f901e
[  690.118259] *** Guest State ***
[  690.121729] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  690.131100] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  690.140148] CR3 = 0x0000000000000000
[  690.144257] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  690.150310] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  690.157288] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  690.164170] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  690.172410] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.180496] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.188753] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.196955] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.205267] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.213446] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  690.221510] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  690.229763] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  690.237954] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  690.246183] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  690.252793] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  690.260310] Interruptibility = 00000000  ActivityState = 00000000
[  690.266788] *** Host State ***
[  690.270054] RIP = 0xffffffff812cf768  RSP = 0xffff8880a47df378
[  690.276347] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  690.282967] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
06:45:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x0, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  690.290851] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  690.297017] CR0=0000000080050033 CR3=00000000a46e6000 CR4=00000000001426e0
[  690.304269] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  690.311005] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  690.317313] *** Control State ***
[  690.321340] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  690.328219] EntryControls=0000d1ff ExitControls=002fefff
[  690.333856] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  690.340856] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  690.347749] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  690.354525]         reason=80000021 qualification=0000000000000000
[  690.360911] IDTVectoring: info=00000000 errcode=00000000
[  690.366558] TSC Offset = 0xfffffe88953e666c
[  690.370949] TPR Threshold = 0x00
[  690.374500] EPT pointer = 0x0000000196c0f01e
06:45:32 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070")
r1 = socket$inet6_sctp(0xa, 0x200000000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x14, &(0x7f0000ad2000), &(0x7f0000000080)=0xfdd2)

06:45:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  690.727745] *** Guest State ***
[  690.731331] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  690.740663] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  690.742372] *** Guest State ***
[  690.749814] CR3 = 0x0000000000000000
[  690.749859] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  690.753296] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  690.753333] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  690.753360] CR3 = 0x0000000000000000
[  690.753392] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  690.753420] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  690.753454] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  690.753496] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  690.753542] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.753591] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.757333] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  690.763545] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.772631] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  690.781507] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.785404] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.785467] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.791474] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  690.798348] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  690.805205] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  690.813380] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.821387] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  690.829711] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.835775] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  690.843915] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.850606] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  690.858844] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  690.866965] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  690.875169] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.883329] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  690.891336] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  690.899628] Interruptibility = 00000000  ActivityState = 00000000
[  690.907897] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  690.916062] *** Host State ***
[  690.924181] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  690.932348] RIP = 0xffffffff812cf768  RSP = 0xffff8880af0ef378
[  690.940351] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  690.948562] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  690.956741] Interruptibility = 00000000  ActivityState = 00000000
[  690.963314] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  690.971286] *** Host State ***
[  690.971331] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2d6f378
[  690.978994] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  690.987166] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  690.987211] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  690.987240] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  690.987273] CR0=0000000080050033 CR3=00000000a4600000 CR4=00000000001426f0
[  690.987316] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  690.993751] CR0=0000000080050033 CR3=0000000196cb4000 CR4=00000000001426e0
[  691.001758] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  691.005161] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  691.011555] *** Control State ***
[  691.011600] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  691.017785] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  691.025398] EntryControls=0000d1ff ExitControls=002fefff
[  691.025438] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  691.031873] *** Control State ***
[  691.038321] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  691.046131] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  691.049341] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  691.055509] EntryControls=0000d1ff ExitControls=002fefff
[  691.061431]         reason=80000021 qualification=0000000000000000
[  691.068026] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  691.068055] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  691.068081] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  691.068120]         reason=80000021 qualification=0000000000000000
[  691.076115] IDTVectoring: info=00000000 errcode=00000000
[  691.082164] IDTVectoring: info=00000000 errcode=00000000
[  691.082188] TSC Offset = 0xfffffe8841b8bda3
[  691.082223] TPR Threshold = 0x00
[  691.089276] TSC Offset = 0xfffffe8843e258d2
[  691.096145] EPT pointer = 0x00000000a686e01e
[  691.103350] EPT pointer = 0x00000000a28d501e
06:45:33 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x1, 0x0)
ioctl$TIOCSSOFTCAR(r2, 0x541a, &(0x7f0000000080)=0xfd)
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f00000000c0)=0x2)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
dup3(r1, r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x35, &(0x7f0000fb6ffc)=0x1, 0x4)

[  691.522781] *** Guest State ***
[  691.526266] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  691.535502] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  691.544685] CR3 = 0x0000000000000000
[  691.548461] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  691.554842] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  691.560892] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  691.567892] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.576127] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.584505] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  691.592837] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.600919] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.609235] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.617479] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  691.625784] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  691.634092] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  691.642382] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  691.650431] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  691.657179] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  691.664975] Interruptibility = 00000000  ActivityState = 00000000
[  691.671267] *** Host State ***
[  691.674770] RIP = 0xffffffff812cf768  RSP = 0xffff8880a403f378
[  691.680831] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  691.687553] FSBase=00007fb09ecf9700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  691.695590] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  691.701566] CR0=0000000080050033 CR3=00000000a4600000 CR4=00000000001426f0
[  691.709007] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  691.715916] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  691.722255] *** Control State ***
[  691.725775] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  691.732834] EntryControls=0000d1ff ExitControls=002fefff
[  691.738365] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  691.745589] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  691.752511] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  691.759155]         reason=80000021 qualification=0000000000000000
[  691.765792] IDTVectoring: info=00000000 errcode=00000000
06:45:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:33 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r0=>0x0}, &(0x7f00000003c0)=0xb)
r1 = getuid()
[  691.771303] TSC Offset = 0xfffffe8843e1f01f
[  691.776009] EPT pointer = 0x00000000a28d501e
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x140020}, 0xc, &(0x7f00000023c0)={&(0x7f0000003940)=ANY=[@ANYBLOB="d02000002d0020062abd70e6fbdbdf251e00000008001d0064cf0c9bf2f6bcfbf6906552dbaef62b42", @ANYRES32=r0, @ANYBLOB="c98fccb5e7a754e335f1362e20e8034140cc0ab1df32abdd03d9f14cb7b9cbf9ef5341a745d041c127d1d2e1944f53d8a925d8642d46c1414467f25932f13b9a5876a496040000007f74742fe8c962f7e20570610de537a892cb78a5f33d774d9617c11862511b978c7626062f81a61e03da5072259070d830207a00d2a8a9718ba5adc2aa62f93a7412e74ce3f80a56ff5708000800a6817be2ee11e14d75847898f1fb66bb66128e5c238ac8b581adfc64854238d03e908ada", @ANYRES32, @ANYBLOB="04103c00c086b8bafeac0fb81b0efcd6ff081c26113f21d16ccecec7a69169c9e8bfbd68ca3b5325c2bd3377b6f43f148d189148aecedefb3393423c258c3d990ad08d4b2856d11f7777e7ff6b6bd1f14a20d5a2caadd55707c9fa600066a9fa4cc857726853793b40bd3ac2d1a97572357dbb2548d607d7bb352df66c1e5ac6257034307836c3ff1a0be1f09c39bdec67878ceea90b441461dd4f86180110abca8a37e52954317350886ae2378658f53a5e19a2063d53552972948f8f0df51fddb3a2cf94fd72dd9da10594728c6089f4cd9caf38d2787a1185e8da11faad2a781eb4aca8dcf078246652341d10e80b051dde703a9f70c4bca05e16efb537878ec9eb113911e18d78ecab70b90a498a66862083d62403f580702f349eb91cd111df2ef49f7ae208dbcd9ccdb3d193dcc52628b0f21aacdf5a79d24f5c38db0b770fa093dbf97592c0c39bf2b44f158167fb467227f39d5b2b176e2246540235322543f3bee2fc1ecf03f7b8ad3d7360044a21b488e750b5c16e173f37106e36fa1462402a01c34d08943ec8a9e4c441a8d19c3844b4d5abf37f0dbbf88489905609c432cd38fe666b142227c1d39a04ce4254c6b2df3cd8c733be5b1865a641f97b9fe6adb71d850106756e80dcc4afead7a2f5103c43431e5ec8d7675421b0dccd76c1879d00bf3c52ca4fcc6a2d9f6512772b513f67213b8ae5c7a94df8b26dfdffe4e09cad5dfb65332a8e95a875fedc5f03d2517437a810792197c03aca308589fad34949946572198eb4b5458032f2cdb5237190b5b1843e277360943e3fbf609dc3d96690d865d0d1a7d2ea69c650a6c1d1a7a5bd28bb43d520957d658f548c07f9dfae9b073ad08931422a023e4e4b5533dfb468ec9dcb9d4916065b20c1b2ecefdc0d1372f4e6ce337725fb4f8b5d110f08fcf7e04bd06455e77dce11351dc48f16d34d22da7e7926c975d4b12cab8ee0a38f05306675228d6bcde6cd25b5bc1a2c1a7c9601f690058ed8dcbfb4a0e8bcb48ed8bb2ffde28cdba2ea201f071a2cd33b5d4fff4f65102540893869bb20cccbb1629c8bd8e250dd16f7299df8a17f82b2b7aaa56c1c4e01423211879f052234f1d6cf90f5c33883b48528a0abf400442e11d8ada5ebaef74a2e98cc34c2cc4cc45b194e4d2a8861dfbe9fe79f769113eab41b04b85b385b6c995b1e2f9b3d349d2330377bc087de597832b262dfd2b2341ea9d32cfde06920e4ebafd7632bfdd42f0c376f6f424d143be26c43ebcf16e88f35896b7e6fddf3cc814872a5069cbc678c444443070f839c0af01f390b849abdbb7b3e85b46a69e5ca58a844b82c71fe6591fcc5cd29fea8f9f4206971dcc25e09271e225f01ccd131efd93ea46be1dbebae402ea173c4d2f021f4cae97f02976cf9f7a7c6511c4abbbc574bcf027f2edc5cba47e99ab59792fc9b8858cb321d76beb29ab6ebe2e43a7e64aa80bb5b7aea68018582f4433baeb06d4dbd3fb9f2dc45fe769ffc339f5ccb96bb3043884d70a1840c3fd0a826fb0e8ebb5fcd0b00aee49d1a95b60045d01712f0b6f834263f00cc62a8310eda965b021037ea919988646209552f53585592b5353146e9dd2e22f5c3bd1a34516975aaabad75913aa225c5232488ce462db021675c60cb9a1374b1dedf031b328be2e6357e6d2c94cd5d16eb15f17849edb0b1f0e0b142c379fe505e1b31d0f839575fa12367c77938361b2d07f82b3cf7454954482545aefcd4c56839665cec93e3dbc91ab17e53d0d17c74a5c66f145e4e3203d3e677e2e33d5d4d8e43202e80d881e762a24fa2095bd5e1105f6f66c33d8b7b2ce8d16283ebe1400683d2af0af03a7ed69b37f27ce1f806135ad102f04f982a024c177422d9288b5142e754be64e6c38f6ca1d74cbf0695318059e08fb72f5b86102fa78b87c7eef7acad2ae2c9b8917369afdfcbab1d1a63eb631f613661244529c0612a7d279a8d0ab57cf90186b57a6058c28bd30ea4bb0849cc1e9d3777f771d1ab88ef504e8504466e2ecd26b37a4714e79ecccfe93a4b9c7751bb7e236a1c905dcc491d9ec96f6aabfc509083a215cfec97a5fb31c73c15bca810ba8b9ef896d4b0a8a55e7b1b330ea93b30186a31b57b37685334452d32de350589e166d6190b9815148383296279047d873d886ea3325e21c311b8f728ea86281c3a13d4a1b5330620a30b0f08695ae4a6fc58ee47db8aa10e4141d355039ee32edeeab77723a0bd0f9979d82dc224e41982aa04e3846e1a80eedc6d8ca21016b0b5c50f9a7e330706f030e717ecdc2b408726b82da5663e217dd9d990e8a94773384dcfe39a47cc30a00fa62612d0cf831e63fe1c9da728f4c697c1a912478fbdb7f902adc86310e04e74632e45dbad58964402727f8f2609e5048649178641bedcacaf6e54e86a2e781a492533d254ccb50efbb619c12e5373cd1dc7bf3db185c2ca8cf2fd0e8c69b94bfb8d7e3152bb68012f3238f976cbcae74a6261becba28d7836cbc8efe94632376060bdc11c3a074e926be668af002a75fc73502ab56e68efcb311d30af7fdf4388f06241e6ca40a1db4ddaec4f34289b364cffaea438ef229d9d43b04f0947a89ebfe8e779ad4890680b47f41c31b55fe8ec8c1056e8ed6921e7c7c2cc670f31fd9b0d7b92fd125815b1a4d909e91750a04eda2a67a76c70f81bb190487f2801ab889bd8e3c54ad484c15f7b3fd244fae0a9166169f9866a7b733e77cfb445087e1568762d524c239ad9fa886aa512cece43befc0a08dfa773aafe0656150092b2b12ce03ed331455c8e39ff058592637e688769337811dfcf5de097e8c8e07d8399c1c1c466ff22224e7dd11d3024c195c8ab1c68c9b3d9d2dbbb274ac450ce2eb9912ee47e1cd58d1d6a95bfd2817ed4d8b1793f40a424dff03730864dca99dfa86fa1bb39107dbeb7c8c22ce0471b58449873fc72683838affe8291adaf44cf45f63bdfbca320d718d5ac03844e74da7df5ed705b131ea973a45c08a0b5dec262f00a9894715b0d5345e885de20075ae7223697cd11e6f9cae5aafaadf4275809a9bed164ff5bb7d3a5529e89c1fb56af277e06c2af024ba7621c8bd84c1c28a3cdfb7beba38b4effe258f8bd91b29520267f26e2185bbe190c028f5ad6f9e5ba20e93c912f98d518103c28d4eeda229a5a735477200129f6d50630a594388a903857ed51dc0ffb6d05098baf5fa22796e1507e7c6001d0ebb18db16ca588f0daa35874fe0eb54c526ae23130c9d717453fd2ecc12acc43e105d5c337edcaa407aa0545f54ea0daf9b16583f91be8619fe620267d039d6fbcc6552ce62c42a8d775eb2e6474986b70a8744e5b94faa73103c1dd6c35d9eca007bef336bbafd4983e112877aaa68990db535d3215b251138da67800833c8c2a84f4686521a8f7bc290900d86eec34d3b734de22482b7358b84df7c1869df8fb83f55ce6315fbb3f96a12c4f52180e939c7f4e22383508b5b324e46854c57215c1aec007ef8e4ea29cb97d393a2d0d62f316eca6ab7648c0e58791a90127b386a959bc50d59a63be733d399f4ba5c3897215d975a074e2a1f2a25074bc588339e4d4bdd0b7deb8900c0ea3cb9ffbdacb731b33c33a73ccaed7ad6154a681604a58c1f732c27b8844267ea51e07875a7de10b5a559b6b332b71de7e56d41dfebb909a2e64779e812260aa8725a026ebed8de38650a8c10b54f3deb5e23e47732798f3399e2ac3b4385fe83ffa42c2f75635c69174b4908886117e52cd9c8996c1c061a127ccf45ac1b449df897d42f355edb1d4af807aed9030257c6810a79b325649e28e6718706993970a9ae15eb5cda78779aa5b0cdcb02c06fc406efc8bb2f0a41f041ffa98f9bf4cb855c36119b8fd478ce00f4a7670d833868e1f34f8f20cedc3e0cd0380f27fb6ec9104b9fa59d848e27d4c2c498a3c7a00e9a1974d25a5fded2591c917afa96d8df4ff0a576592dd924f834dfedf0f33f1bb275e14e7ce027609bd202eec98143f90ed7b9970878095e60ce516e2b77bf5c520307d308312b1ee8e25fc6c825e305b66cf8b03c41c498e069e346273de26e72771119d7a3e4f2cd9989caead68ddc3978a99de09ca2302764208f30a4ca96ac685a4fd2cf9fe7e3f5897328b5673a06e77824826445bbc0f2e9340e1dac6e326edfeb9ab199701f12951637c5f8af0017c1744a6a4a577880e49732a70043f74cefebd8c9abd355a30a41bc2557ea6e6f78d67064dd735b6700d269f374c3c92508c9dac65acae8907079f7ad80cf57a5307af27eb100c0c415b383f7677722efcb47e4e342e14dc076bdf2b69c95301b02ae9a4f43e255b9a7ecbd381d5e2ba721f181453e482ddd2ef9a988c6d2be934c007fdbaa9218005e113742abd41b7a10143c943d16b816fa38920f11b416ae3b9f0455d87516370c7ee0ed3d3ecb3e9096fd782ed016cbf2f417117a9c6e3013c85b9ae018a9fa547735b0ebd8344f7d4f29f01fce57efe862f71b06bb1f121028609864f9ae9728409110aac48be6c3213e255a8d25b9150f4ea6900670a12da8b9d326a40c2fc7e45413141c83774a3b037df43cf3a3d46a95b6a6b46026c2534841d0f72c5e2b6b69914221a307cb94dc9a775a3291032c16f7fc1c97f85a5794f81142c28779837c5f6411d9c16865ef8097977247cabeed04a1059d0e4ca5b05c7df8a20b9b898e628a9374f8d621a8ec4f85d20f4943d178cd79944d32a1d5fa134f4cc5443c8ce1f1b8c5fe127cdf5c19b762400f760ca60bbc1fab2fad98bacc01d97cbfae00420dabcd8b7095fee3383191a7a20645b9cc8d2f60a4f9c4c6ad2704e6b9e3e7562d2d124f7e80b872fb8bfabce91e0879a9faafede685c7235e809ca94e03eab67758be16f528698ba75dec0e5df076841651318496ff72f2ce3ae7190f4c4d2115127d81caf55caed5e43d95fab2bad1ff4d853d152ad7a5be2b911433051f605d531cca769512e839b4ecb5d15420d0db59191b3c5df91246485d2bd50139c3662e7b77d3f5092e78306567ada149650e74299b45b2c029d8002866df0d55fd4898427cfa156f6c2fd3abac5d57bed64cf8f2fe9d070d7820c4fbdfbd4f3bda1db1496e067914eb905cda7b8803937d642d3e9bdaf30490ebac19d2502ab2649ce74dc6d02a0ae542c59deb49846f3e5317e8245162364ef31ecb0433e0636cbe28ebc05e5ffe6c5305138c58ce2050a45db574bff21329f44a069786d1e012fc6a8e06f9b6097e3200cd84f87d4edda3b2e19fd21b9477a1c2e4f6ea0d265db7cd8342914a16903cc77fde820d3063a6aa239d028c3f2af774060b79773a20161b6c753cf2d73d77e1d84c14f66264cb95574fdc4c6a7353af7c01723b13b7d9c9d6cfa9109dc83fc274503d4bf1c45d7191fb73d64930c456dbb3fcc174c40ca1b8cf14d0426730535c21c717b6e90107f000ce82abe10de0923bf00ef89b3372d48ee8e4abf5997397735930bb9b4e3f8b0ad66c68a57327df124636f0981e7f5a90d6b1229730f0cba9ca3ce880a3611ed44e157dd9b914ef205c369cf1d2e724c8a79d248d65d7fbdcac2556f3383052325b9048607d555e76fed9d2cb3f4a760a77639bdecac66c606d60a46d9addf5f613834724d22220a83809878fb4ecb663a26536feb2f89a30e25234cbe05b14c8d7dbb0cdf47c7ae4dfd2b121f2998bb8b22cc79015ba1da15a0173984362797800af598d51e0977ed9836a555c62d4c5c98898966da55348f6dbd08008a0020000000c9e13f00a5ae006d3b3ab06cf00aebdfeeefff7efe701e0d5115fce8335a9e32a90f53001f32b3887b45a111b3d1c8bce37564dbe110148bc0151ee4c62edfdca6dc9e8ff210a7a2099b2592640893c827d835035f1439cede0b6cc47370de01f90e27fea72c5988f61e8235a05e3886946cfb58a7ec7c4cc14826b393c647b68f54e1218df743a8b06a7d50552f7b6cfa74085ff673f4c3ef39b0c4853b8fe767a0fd863adf9896f196e6f08339264f7b2445eebf9963d1610825533b47b1ad379efcd0bbc143ab2a556a53e22bf8e55aeaf450afae7f0ca07d3160a0396c247ac701f977139a05e5b1575c34973d39e73925ac643e8e310997cbca8f76b43513026857092271c3002603ec8a2913eaa041df282178b53bd8de738194b4fc9b572e4fb61572121f6f08dc4fb761ce75b1c694145085590042d1b99fd57979fdf6db357bfe934c91275d821976d00a62d9ce22a163b12ced7a22baddcfc99ca00e949475d077607998fa985d11779652062ed04470239ae999751e8f1ecb1d49649d8fba5896762f83ef911542dd86a04ec8cc17b599b1f78ba81a2ab61bb9d29f77662cc2657d76ab8bdd7e4c9071a1d5ab825464d671e789f65a50c0a068999c059e173796f7e28e2cca7bc26fcab6d15d570056c396999299430880951fa04601602e0d9c5be5d2a6533ca67ae74b84dcff366bc536bc0f6832efd530e5089f2160781c506e17d517bcef174d7c6682a07f2363e86a39724e232ffeaa53aca62b63aba122d35615ee7e8bba19ea2333d739444feb901c965ca013f40c27fcc20ea3feb5a754c1b20f3e770c90704e16df438687e6179960ebd30ac35da4d34419cec750641f68272a8fabe7bba88b8f0d1393e5ee84b28f94e2cbb8afaa3f615a2ef07723ac162f3b86d161e78701bec87970ca6c213645a2d4574322ba2d7dec58be275d3bbb93b13a7e334ae4e1abd57ac641fc335c82184f50ee2b916aaffdaa2980bd5e67060c2cfbaff827fc05975d4504b3e2b92bb5df5e410a255a0bb37fe4f89a6c460310ea9937fb0219154e6156a102604a1f836ad87736614eeb81623a16045c2753f658b528fc80612ce41020127f22d01ffa6af836c8fbb4047f713be4a694958edca1055af790ad969a7c1359212e73d3474e1fc5263d64eb34d0b158e9f175ceeeb9d5aa31450f35e7ba083d43d95d597ed9cdeec1c683517f364da9f8a918bf63d75e34d64845142342ef3f059ff8469bab245fe35600badfc42905f80ef3ba6ce49a2c86255b06f56f7e75d024efe8e9da5c4bdbe57edcf444780416fe4894c7bb4a284d8494fb9f8dbc70544ab5dd4e8f0a48d0eaf3763f4a4b3da275cc561a7560c8857d979880421a4c1ba7f8dd249c4bc6cc428b9a9451b6db7ae366a9bdca223bc7aa7323d7ca347eaa92f8ef1d3ba0b5f1cda1907c7b24bc1e790bd5fc01b768e9d737fa6ed5c71087ece51ead46195690951c67cafc47b60962b1fcea752d67017fcd115c80c8fe7b3f262ed2e5219b7997d6aff6c889afb407011a2683f599ac72c140eb6b3c768fa600de00dd8e05903ae530965fd659ac5bae75156df11b6b284924d1a39a3513311b66e392d6088782ee7078cee312135bb4e6c527663d4a0789d7f32414149614a5505b80d9a65482e869aaf42426ca92d6ff2661e7edbc29fb5d207acb5e1bb05e3367d17ea8cc21c8aeca67de2090bc72e06dfa76c6f15b7a0189d33039c254056039e62e1072c4dff1c770b93ef932d63364f6fd324dce015413051c22fcb128087d150e44f6f528607b96f291b96526a92a9c6feb9ad279770b42bc20f07afb23254cf0e2fa538735a49756856feef2f24ba8f5127d8d9bb4c41000fa99c38e66dc48b7378d5b8a81904178636ac14237186c1d1c9e93ad25104c698c0fff268485fffb2bfbfb5e42a3268141d2b7f9f637b6068a85f167ca40b671567c7c7aa9e00da3b9161f2dc8950c8841caa9c0f808e8ecce98351889ed8c280540862ffb35e4ec8d7baff3bea8a47dfd050ce29309302a0bec64b8cf24b23268ff27eb54d9f44fa9b43f7a7b946d23c4073470c10bc50654f01136ecf0b9a7e3bf88030e8c915a5a1cf11559c6b2d82948b50f7145d312b535cecad56146e68962e81ac00ec042d917cbaaf5998b0932204546efc4c83d5cc98af0c7ed380646dc6f43743835e43fd68d48b9c156805f96bcd115998515755f91ec0777bee4712c68cc178e966fc254092730057beb7bdd006c4b31fe847fe2007f624cc5bf23f562b16072b9220eea402429a0350988051bd423863c68e40333f5cc186b37092db8d6a63c500d9720a25831c6876d7bb82d78651f0e75a438e43189485e0b0380f1d793de2a8466666fe40e51773bdd0c42a1567f2a7e99003cf0de29e51a0ca306eae3719736bb45d2944f2ffb0cdec3ae9d00c2ca0fbad1fd634c1e2ea337f6239a5353e2ce8ed7df82afbad4ccba3f746fc935f2cea462a6c9097ddac66f3eed056bf11e7a67381d3874ca856cb01b39e74121f6adfe021329ca7065ea25e37f79aec142710a7d9139bb2fcb5896034f4fb06eaffbd59a508fd18cf29042b39b1d0bfbc796883a3f83b47731fddea3039c300e8cc8bd90555e3b35229ee82d0609e9603f427b740a60fbf83e5679881b0cdbfce1a5bce064b7306b5d55f902003efa6f761e62388a6899646ef1a7f820aa224f32628b25bb561d42c682063e469454aed6460200c365c1cac1c176c5c328f0fffb4622f91394f45bbb034bdc33c626557a5679945e7f9405ab26edc49dfc229a7822bbadac9cd505a151885a3e577e0e658326dafec6f959a66f6de0b61ba33c3fb167c3ef68703be3d90c406e70a5ae21804953556471adfbd8cc7b20810f9b1c2967cbf0ed5d27fced6cd8078dc035719f613e7d8ebe389429f15954408574c797611cb47e2975d6af181f065ddb41c80a17c6b0aa5583651bd9f8c30d62de0e7ccb560414e5fa5ebb5fc6bec4aaf05165e0893a4bf8c73f54bf2e73f5cdb29d9c0b0565d24e33ff8433e8cb904510e1207b4a291d7987ebbcecb5d416d88085ec7ef42491e05849e01d0fc43838b8bff4b6954ceb5c992e426007ab91c652325528037f25b1868ae4b7d976249baa210a31621e3c352964430866b1564c62be5e5aac892b97ff3cb454a59b433972a70f435e06de625d731d0ab6d2a3768c830abc0a0b870f5764a9f05eb849facdc0a617d6a7febae777c1e64ee1c4efd02cbb808644348d56c8087cd36604f3a7d2d76e3960401c5834dab11a7608508a452c705fa1c9acecdbcc1f15f4a7936742556e419f6338fd4190ee8c8fd092ce106d6cbd8fb9282f4ad459c7fe2eff805976b4e98f79de6a660ed698aeffe5a09e5067f3b205bb5db165383ea821b61023a7199d3f20011a8c968782387bfff50cb6bbccd9faa96b182e7087d2df129f160d26bd78d8091155278421acf446c4817c840cf488217e37176f661094f10695adca33637a1eefdd036dd2e652207d50deeb951a4ea8927f5d4608a5abc6c3812096e415238f06f0e3ac754fbd936bd53334ffb4242029df795c504a27514dd2860a7f6fcd52d119db6fb487a949f514e3a02a6b9b5976eac29d1915081a6926a54fdf05d839387db5cc19cf889e6bc98d851ad63645beaabc35ef71f417b50e6c066f259a22535c49add63097e3d318aa185daa0f9f1cd74dd15cfc347eb44e5ac1c12201672308174f7a480dca1ca9c142a5d6eca1db58d2e7de266e355640008ee581703d5086a3be8c7e2d957ea785c4ce1b6895d8c9a4b68edf13bdc8ff237d6c762e7e0f87f126349535be201ce2642bd25dd367cdb5ed42e556e4982a6105bf57ec5061d3f645e25cdd478fa2a1b32f05b2ad1d7410ec38632c63019ecb2814b293d5944f6b131a1f7d2b4bb0ff15bb76f57bd8e70ef370ad887552608bc881eb10bd4e6b408107e2107984a2fb898aa42153dcb5d0b5e6d822546b004546be67a0c5bebaf2284f6f626ad9c88152d90a9dd775edd25a675d09fa467b0deb8bf83893b8dbb4720893e8809bc0ca7611f735f287fd4da866202b65a47a3081bf5c64f616ddbd9cb321ec04aa6fcfe005f5af582f2b84eab57f3bb49cf417faa2e6f345d5b509ec5de676f97a82b05f2faf2e5d191ca6b8b3341295d8d315c663325466d668b831455e72e2ce356be10c259e5ec8e3e0b8246294b51797d1cbf3a5b1c83976a44d9c41cbf783e89254b8c4134902c60b34ed0413ed6a37bc3ff25007cd3ab3fc9224b462216fb85998010f5cfeeec2c0f3e6fa311c4258d6bd8e948007d1006b309f64f44df7cfe498bc0a0d8ef465dba6919cd4170f326d2eed04c21031e023a39b38f89fa449ebdb600d1033451c00fbcdfb3525ecfa5f6567fc99a4c8599947a925f175d079b00ca0af196273323705bd2fe5355321cb49e6df49060b636c012f0f6a2179881a5bec5bb5dae0d87bd7b2bb3c562b4fbfaee6dd2ee8d5e4f89eba3e1da77e2a7932d1d92cb2f091ebf95e51fd2c08e7892085cad281ba63c97ce94b18e6ae82ec737072d1713d243a142e7adc263028f62c030e8cc166e0325b01312db05ed8d977a2e0468c210c5d82730b772238837677d6290263d0a58598b31b9a9194effb8a5b5be6e096de6a8a7237722a219235c60e2f8d6b85dfe8f4881bb8523924bc018feb67e7d486eead16f6498c7758d5a4f0a85b6e61ebabbd026ee363b9b0e69d349fb2e08541cc5b06c89bfa3d7071008ef3e3a483b02f1b1b4b2781d5eb0f1bdc5c78728bd74d09f5329b44d55b4132f7b06c68cdb3b33fe7cea969d84eaa55ee083326bcdb1852d95264d521bfced8c28d217494d301ca461426151eaca298b884b5a4d5a73f5ffcc33964228b16042b0a6ce58da404f38c46d298ecd25e9b17babd5a7e070b2f9d14b0bc60de03accfd569e74efbc1ed361a7e87960009fc22b366bcedebcae8da3ce6c9a576d37c5d95251b422bf9ba68ea05f2a5e9e2a62704871c80765e39ccf7b07265aab55fbcb0c2bc484f10afe9e41940608c7442ebad8e554f66980d571dd0d0e90befb0a740b4a15d78d38aefe1eecc7409ad8e6804f15d356d1f99c2165b4d9b75f0d9ed3c6cec9481d4f01068e90ab29708730febf2d16743a415164c6869daaca99db05c644973f608ed6de97f9213baf4fe3d043f61cda85a45dbbbe5b89c457d975ab1196406df7fb48bd2f2091f0d9b2fe5d3c1669095cfcfc67c39120f7e12099552287efe6fefe984ed3909ddd298b6b3446ce017c5aac122727b26b9b71c457a60c1c8bdeb093b3f07352a457a39f00785b04ac0cad273a87270aad756aef0da509c3ca1e58a8426f8e364f31ea9a555894715ad2d24570b66160dd92e096870f985417f49f34884e4ac5ef5511e26d18e21ffe182643e29c60b4a6956b97850786ff53581c1993f84ce2fa9c3829190edccd5aebbfa47956604264feb8183b76b68c203bb05d3b45ca7f03c96004b34d31c03cbfe0c472882930b9de85d17a39c5778b14f382d30ce9ea18d96ae3989184439cf61a41ee4b776f6ebe95fe5a69873a04c79665db3bf1f9e6982e2b1370d919ea6d33b857c26cd307a910d2922c8774417c0b1ea1aedfd0ffe1f9aef660dc5b3564c78e41b20320f651f05906720ad3993cb059190cbdc5374640c0a4dad877da4d63de28ea4dc57ea1352fc7d29f9451dc1951987cf888f5779ee66748ff572e3e0458648605c06f00a22d4afc26e00000c000f00080074008f4b019f88ac7d", @ANYRES32=r1], 0x20d0}, 0x1, 0x0, 0x0, 0x4040}, 0x44000)
getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000200)={'filter\x00', 0x0, 0x3, 0x29, [], 0x283, &(0x7f0000000180), &(0x7f0000002480)=""/42}, &(0x7f0000000280)=0x78)
r2 = syz_open_dev$dmmidi(&(0x7f00000004c0)='/dev/dmmidi#\x00', 0x2, 0x40)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000500)=0x1)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002440)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x2b5, &(0x7f0000000480)}}], 0x2, 0x0)
r4 = dup3(0xffffffffffffffff, r3, 0x0)
ioctl$TIOCNXCL(r4, 0x540d)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000002c0)={<r5=>0x0, 0x40, 0x2, [0x2, 0x0]}, &(0x7f0000000300)=0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)={r5, 0x995, 0x7, [0x7f, 0x0, 0x39, 0x2, 0x2, 0x101, 0x100000001]}, &(0x7f0000000380)=0x16)
r6 = syz_open_dev$swradio(&(0x7f0000000400)='/dev/swradio#\x00', 0x1, 0x2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000440)=[@in6={0xa, 0x4e23, 0x6, @local}, @in6={0xa, 0x4e21, 0x9, @mcast2, 0x4}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e23, @remote}], 0x58)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f00000001c0)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4000, 0x1})

06:45:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  692.164073] *** Guest State ***
[  692.167659] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  692.176986] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  692.186106] CR3 = 0x0000000000000000
[  692.189897] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  692.196220] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  692.202542] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  692.209304] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.217675] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.225892] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  692.234193] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.242486] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.250552] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.258944] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  692.267178] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.275520] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  692.283771] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  692.291822] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  692.298640] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  692.306354] Interruptibility = 00000000  ActivityState = 00000000
[  692.312888] *** Host State ***
[  692.316162] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2d4f378
[  692.322874] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  692.329384] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  692.337579] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  692.343732] CR0=0000000080050033 CR3=00000000b09e8000 CR4=00000000001426f0
[  692.351486] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  692.358481] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  692.364753] *** Control State ***
[  692.368272] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  692.375278] EntryControls=0000d1ff ExitControls=002fefff
[  692.380808] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  692.388109] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  692.395016] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  692.401667]         reason=80000021 qualification=0000000000000000
[  692.408353] IDTVectoring: info=00000000 errcode=00000000
[  692.414016] TSC Offset = 0xfffffe87812b1a40
[  692.418396] EPT pointer = 0x00000000a976601e
06:45:34 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x7fffffff, 0x10001, 0x80000001, [], 0x800}, {0x1}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:34 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r0=>0x0}, &(0x7f00000003c0)=0xb)
r1 = getuid()
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x140020}, 0xc, &(0x7f00000023c0)={&(0x7f0000003940)=ANY=[@ANYBLOB="d02000002d0020062abd70e6fbdbdf251e00000008001d0064cf0c9bf2f6bcfbf6906552dbaef62b42", @ANYRES32=r0, @ANYBLOB="c98fccb5e7a754e335f1362e20e8034140cc0ab1df32abdd03d9f14cb7b9cbf9ef5341a745d041c127d1d2e1944f53d8a925d8642d46c1414467f25932f13b9a5876a496040000007f74742fe8c962f7e20570610de537a892cb78a5f33d774d9617c11862511b978c7626062f81a61e03da5072259070d830207a00d2a8a9718ba5adc2aa62f93a7412e74ce3f80a56ff5708000800a6817be2ee11e14d75847898f1fb66bb66128e5c238ac8b581adfc64854238d03e908ada", @ANYRES32, @ANYBLOB="04103c00c086b8bafeac0fb81b0efcd6ff081c26113f21d16ccecec7a69169c9e8bfbd68ca3b5325c2bd3377b6f43f148d189148aecedefb3393423c258c3d990ad08d4b2856d11f7777e7ff6b6bd1f14a20d5a2caadd55707c9fa600066a9fa4cc857726853793b40bd3ac2d1a97572357dbb2548d607d7bb352df66c1e5ac6257034307836c3ff1a0be1f09c39bdec67878ceea90b441461dd4f86180110abca8a37e52954317350886ae2378658f53a5e19a2063d53552972948f8f0df51fddb3a2cf94fd72dd9da10594728c6089f4cd9caf38d2787a1185e8da11faad2a781eb4aca8dcf078246652341d10e80b051dde703a9f70c4bca05e16efb537878ec9eb113911e18d78ecab70b90a498a66862083d62403f580702f349eb91cd111df2ef49f7ae208dbcd9ccdb3d193dcc52628b0f21aacdf5a79d24f5c38db0b770fa093dbf97592c0c39bf2b44f158167fb467227f39d5b2b176e2246540235322543f3bee2fc1ecf03f7b8ad3d7360044a21b488e750b5c16e173f37106e36fa1462402a01c34d08943ec8a9e4c441a8d19c3844b4d5abf37f0dbbf88489905609c432cd38fe666b142227c1d39a04ce4254c6b2df3cd8c733be5b1865a641f97b9fe6adb71d850106756e80dcc4afead7a2f5103c43431e5ec8d7675421b0dccd76c1879d00bf3c52ca4fcc6a2d9f6512772b513f67213b8ae5c7a94df8b26dfdffe4e09cad5dfb65332a8e95a875fedc5f03d2517437a810792197c03aca308589fad34949946572198eb4b5458032f2cdb5237190b5b1843e277360943e3fbf609dc3d96690d865d0d1a7d2ea69c650a6c1d1a7a5bd28bb43d520957d658f548c07f9dfae9b073ad08931422a023e4e4b5533dfb468ec9dcb9d4916065b20c1b2ecefdc0d1372f4e6ce337725fb4f8b5d110f08fcf7e04bd06455e77dce11351dc48f16d34d22da7e7926c975d4b12cab8ee0a38f05306675228d6bcde6cd25b5bc1a2c1a7c9601f690058ed8dcbfb4a0e8bcb48ed8bb2ffde28cdba2ea201f071a2cd33b5d4fff4f65102540893869bb20cccbb1629c8bd8e250dd16f7299df8a17f82b2b7aaa56c1c4e01423211879f052234f1d6cf90f5c33883b48528a0abf400442e11d8ada5ebaef74a2e98cc34c2cc4cc45b194e4d2a8861dfbe9fe79f769113eab41b04b85b385b6c995b1e2f9b3d349d2330377bc087de597832b262dfd2b2341ea9d32cfde06920e4ebafd7632bfdd42f0c376f6f424d143be26c43ebcf16e88f35896b7e6fddf3cc814872a5069cbc678c444443070f839c0af01f390b849abdbb7b3e85b46a69e5ca58a844b82c71fe6591fcc5cd29fea8f9f4206971dcc25e09271e225f01ccd131efd93ea46be1dbebae402ea173c4d2f021f4cae97f02976cf9f7a7c6511c4abbbc574bcf027f2edc5cba47e99ab59792fc9b8858cb321d76beb29ab6ebe2e43a7e64aa80bb5b7aea68018582f4433baeb06d4dbd3fb9f2dc45fe769ffc339f5ccb96bb3043884d70a1840c3fd0a826fb0e8ebb5fcd0b00aee49d1a95b60045d01712f0b6f834263f00cc62a8310eda965b021037ea919988646209552f53585592b5353146e9dd2e22f5c3bd1a34516975aaabad75913aa225c5232488ce462db021675c60cb9a1374b1dedf031b328be2e6357e6d2c94cd5d16eb15f17849edb0b1f0e0b142c379fe505e1b31d0f839575fa12367c77938361b2d07f82b3cf7454954482545aefcd4c56839665cec93e3dbc91ab17e53d0d17c74a5c66f145e4e3203d3e677e2e33d5d4d8e43202e80d881e762a24fa2095bd5e1105f6f66c33d8b7b2ce8d16283ebe1400683d2af0af03a7ed69b37f27ce1f806135ad102f04f982a024c177422d9288b5142e754be64e6c38f6ca1d74cbf0695318059e08fb72f5b86102fa78b87c7eef7acad2ae2c9b8917369afdfcbab1d1a63eb631f613661244529c0612a7d279a8d0ab57cf90186b57a6058c28bd30ea4bb0849cc1e9d3777f771d1ab88ef504e8504466e2ecd26b37a4714e79ecccfe93a4b9c7751bb7e236a1c905dcc491d9ec96f6aabfc509083a215cfec97a5fb31c73c15bca810ba8b9ef896d4b0a8a55e7b1b330ea93b30186a31b57b37685334452d32de350589e166d6190b9815148383296279047d873d886ea3325e21c311b8f728ea86281c3a13d4a1b5330620a30b0f08695ae4a6fc58ee47db8aa10e4141d355039ee32edeeab77723a0bd0f9979d82dc224e41982aa04e3846e1a80eedc6d8ca21016b0b5c50f9a7e330706f030e717ecdc2b408726b82da5663e217dd9d990e8a94773384dcfe39a47cc30a00fa62612d0cf831e63fe1c9da728f4c697c1a912478fbdb7f902adc86310e04e74632e45dbad58964402727f8f2609e5048649178641bedcacaf6e54e86a2e781a492533d254ccb50efbb619c12e5373cd1dc7bf3db185c2ca8cf2fd0e8c69b94bfb8d7e3152bb68012f3238f976cbcae74a6261becba28d7836cbc8efe94632376060bdc11c3a074e926be668af002a75fc73502ab56e68efcb311d30af7fdf4388f06241e6ca40a1db4ddaec4f34289b364cffaea438ef229d9d43b04f0947a89ebfe8e779ad4890680b47f41c31b55fe8ec8c1056e8ed6921e7c7c2cc670f31fd9b0d7b92fd125815b1a4d909e91750a04eda2a67a76c70f81bb190487f2801ab889bd8e3c54ad484c15f7b3fd244fae0a9166169f9866a7b733e77cfb445087e1568762d524c239ad9fa886aa512cece43befc0a08dfa773aafe0656150092b2b12ce03ed331455c8e39ff058592637e688769337811dfcf5de097e8c8e07d8399c1c1c466ff22224e7dd11d3024c195c8ab1c68c9b3d9d2dbbb274ac450ce2eb9912ee47e1cd58d1d6a95bfd2817ed4d8b1793f40a424dff03730864dca99dfa86fa1bb39107dbeb7c8c22ce0471b58449873fc72683838affe8291adaf44cf45f63bdfbca320d718d5ac03844e74da7df5ed705b131ea973a45c08a0b5dec262f00a9894715b0d5345e885de20075ae7223697cd11e6f9cae5aafaadf4275809a9bed164ff5bb7d3a5529e89c1fb56af277e06c2af024ba7621c8bd84c1c28a3cdfb7beba38b4effe258f8bd91b29520267f26e2185bbe190c028f5ad6f9e5ba20e93c912f98d518103c28d4eeda229a5a735477200129f6d50630a594388a903857ed51dc0ffb6d05098baf5fa22796e1507e7c6001d0ebb18db16ca588f0daa35874fe0eb54c526ae23130c9d717453fd2ecc12acc43e105d5c337edcaa407aa0545f54ea0daf9b16583f91be8619fe620267d039d6fbcc6552ce62c42a8d775eb2e6474986b70a8744e5b94faa73103c1dd6c35d9eca007bef336bbafd4983e112877aaa68990db535d3215b251138da67800833c8c2a84f4686521a8f7bc290900d86eec34d3b734de22482b7358b84df7c1869df8fb83f55ce6315fbb3f96a12c4f52180e939c7f4e22383508b5b324e46854c57215c1aec007ef8e4ea29cb97d393a2d0d62f316eca6ab7648c0e58791a90127b386a959bc50d59a63be733d399f4ba5c3897215d975a074e2a1f2a25074bc588339e4d4bdd0b7deb8900c0ea3cb9ffbdacb731b33c33a73ccaed7ad6154a681604a58c1f732c27b8844267ea51e07875a7de10b5a559b6b332b71de7e56d41dfebb909a2e64779e812260aa8725a026ebed8de38650a8c10b54f3deb5e23e47732798f3399e2ac3b4385fe83ffa42c2f75635c69174b4908886117e52cd9c8996c1c061a127ccf45ac1b449df897d42f355edb1d4af807aed9030257c6810a79b325649e28e6718706993970a9ae15eb5cda78779aa5b0cdcb02c06fc406efc8bb2f0a41f041ffa98f9bf4cb855c36119b8fd478ce00f4a7670d833868e1f34f8f20cedc3e0cd0380f27fb6ec9104b9fa59d848e27d4c2c498a3c7a00e9a1974d25a5fded2591c917afa96d8df4ff0a576592dd924f834dfedf0f33f1bb275e14e7ce027609bd202eec98143f90ed7b9970878095e60ce516e2b77bf5c520307d308312b1ee8e25fc6c825e305b66cf8b03c41c498e069e346273de26e72771119d7a3e4f2cd9989caead68ddc3978a99de09ca2302764208f30a4ca96ac685a4fd2cf9fe7e3f5897328b5673a06e77824826445bbc0f2e9340e1dac6e326edfeb9ab199701f12951637c5f8af0017c1744a6a4a577880e49732a70043f74cefebd8c9abd355a30a41bc2557ea6e6f78d67064dd735b6700d269f374c3c92508c9dac65acae8907079f7ad80cf57a5307af27eb100c0c415b383f7677722efcb47e4e342e14dc076bdf2b69c95301b02ae9a4f43e255b9a7ecbd381d5e2ba721f181453e482ddd2ef9a988c6d2be934c007fdbaa9218005e113742abd41b7a10143c943d16b816fa38920f11b416ae3b9f0455d87516370c7ee0ed3d3ecb3e9096fd782ed016cbf2f417117a9c6e3013c85b9ae018a9fa547735b0ebd8344f7d4f29f01fce57efe862f71b06bb1f121028609864f9ae9728409110aac48be6c3213e255a8d25b9150f4ea6900670a12da8b9d326a40c2fc7e45413141c83774a3b037df43cf3a3d46a95b6a6b46026c2534841d0f72c5e2b6b69914221a307cb94dc9a775a3291032c16f7fc1c97f85a5794f81142c28779837c5f6411d9c16865ef8097977247cabeed04a1059d0e4ca5b05c7df8a20b9b898e628a9374f8d621a8ec4f85d20f4943d178cd79944d32a1d5fa134f4cc5443c8ce1f1b8c5fe127cdf5c19b762400f760ca60bbc1fab2fad98bacc01d97cbfae00420dabcd8b7095fee3383191a7a20645b9cc8d2f60a4f9c4c6ad2704e6b9e3e7562d2d124f7e80b872fb8bfabce91e0879a9faafede685c7235e809ca94e03eab67758be16f528698ba75dec0e5df076841651318496ff72f2ce3ae7190f4c4d2115127d81caf55caed5e43d95fab2bad1ff4d853d152ad7a5be2b911433051f605d531cca769512e839b4ecb5d15420d0db59191b3c5df91246485d2bd50139c3662e7b77d3f5092e78306567ada149650e74299b45b2c029d8002866df0d55fd4898427cfa156f6c2fd3abac5d57bed64cf8f2fe9d070d7820c4fbdfbd4f3bda1db1496e067914eb905cda7b8803937d642d3e9bdaf30490ebac19d2502ab2649ce74dc6d02a0ae542c59deb49846f3e5317e8245162364ef31ecb0433e0636cbe28ebc05e5ffe6c5305138c58ce2050a45db574bff21329f44a069786d1e012fc6a8e06f9b6097e3200cd84f87d4edda3b2e19fd21b9477a1c2e4f6ea0d265db7cd8342914a16903cc77fde820d3063a6aa239d028c3f2af774060b79773a20161b6c753cf2d73d77e1d84c14f66264cb95574fdc4c6a7353af7c01723b13b7d9c9d6cfa9109dc83fc274503d4bf1c45d7191fb73d64930c456dbb3fcc174c40ca1b8cf14d0426730535c21c717b6e90107f000ce82abe10de0923bf00ef89b3372d48ee8e4abf5997397735930bb9b4e3f8b0ad66c68a57327df124636f0981e7f5a90d6b1229730f0cba9ca3ce880a3611ed44e157dd9b914ef205c369cf1d2e724c8a79d248d65d7fbdcac2556f3383052325b9048607d555e76fed9d2cb3f4a760a77639bdecac66c606d60a46d9addf5f613834724d22220a83809878fb4ecb663a26536feb2f89a30e25234cbe05b14c8d7dbb0cdf47c7ae4dfd2b121f2998bb8b22cc79015ba1da15a0173984362797800af598d51e0977ed9836a555c62d4c5c98898966da55348f6dbd08008a0020000000c9e13f00a5ae006d3b3ab06cf00aebdfeeefff7efe701e0d5115fce8335a9e32a90f53001f32b3887b45a111b3d1c8bce37564dbe110148bc0151ee4c62edfdca6dc9e8ff210a7a2099b2592640893c827d835035f1439cede0b6cc47370de01f90e27fea72c5988f61e8235a05e3886946cfb58a7ec7c4cc14826b393c647b68f54e1218df743a8b06a7d50552f7b6cfa74085ff673f4c3ef39b0c4853b8fe767a0fd863adf9896f196e6f08339264f7b2445eebf9963d1610825533b47b1ad379efcd0bbc143ab2a556a53e22bf8e55aeaf450afae7f0ca07d3160a0396c247ac701f977139a05e5b1575c34973d39e73925ac643e8e310997cbca8f76b43513026857092271c3002603ec8a2913eaa041df282178b53bd8de738194b4fc9b572e4fb61572121f6f08dc4fb761ce75b1c694145085590042d1b99fd57979fdf6db357bfe934c91275d821976d00a62d9ce22a163b12ced7a22baddcfc99ca00e949475d077607998fa985d11779652062ed04470239ae999751e8f1ecb1d49649d8fba5896762f83ef911542dd86a04ec8cc17b599b1f78ba81a2ab61bb9d29f77662cc2657d76ab8bdd7e4c9071a1d5ab825464d671e789f65a50c0a068999c059e173796f7e28e2cca7bc26fcab6d15d570056c396999299430880951fa04601602e0d9c5be5d2a6533ca67ae74b84dcff366bc536bc0f6832efd530e5089f2160781c506e17d517bcef174d7c6682a07f2363e86a39724e232ffeaa53aca62b63aba122d35615ee7e8bba19ea2333d739444feb901c965ca013f40c27fcc20ea3feb5a754c1b20f3e770c90704e16df438687e6179960ebd30ac35da4d34419cec750641f68272a8fabe7bba88b8f0d1393e5ee84b28f94e2cbb8afaa3f615a2ef07723ac162f3b86d161e78701bec87970ca6c213645a2d4574322ba2d7dec58be275d3bbb93b13a7e334ae4e1abd57ac641fc335c82184f50ee2b916aaffdaa2980bd5e67060c2cfbaff827fc05975d4504b3e2b92bb5df5e410a255a0bb37fe4f89a6c460310ea9937fb0219154e6156a102604a1f836ad87736614eeb81623a16045c2753f658b528fc80612ce41020127f22d01ffa6af836c8fbb4047f713be4a694958edca1055af790ad969a7c1359212e73d3474e1fc5263d64eb34d0b158e9f175ceeeb9d5aa31450f35e7ba083d43d95d597ed9cdeec1c683517f364da9f8a918bf63d75e34d64845142342ef3f059ff8469bab245fe35600badfc42905f80ef3ba6ce49a2c86255b06f56f7e75d024efe8e9da5c4bdbe57edcf444780416fe4894c7bb4a284d8494fb9f8dbc70544ab5dd4e8f0a48d0eaf3763f4a4b3da275cc561a7560c8857d979880421a4c1ba7f8dd249c4bc6cc428b9a9451b6db7ae366a9bdca223bc7aa7323d7ca347eaa92f8ef1d3ba0b5f1cda1907c7b24bc1e790bd5fc01b768e9d737fa6ed5c71087ece51ead46195690951c67cafc47b60962b1fcea752d67017fcd115c80c8fe7b3f262ed2e5219b7997d6aff6c889afb407011a2683f599ac72c140eb6b3c768fa600de00dd8e05903ae530965fd659ac5bae75156df11b6b284924d1a39a3513311b66e392d6088782ee7078cee312135bb4e6c527663d4a0789d7f32414149614a5505b80d9a65482e869aaf42426ca92d6ff2661e7edbc29fb5d207acb5e1bb05e3367d17ea8cc21c8aeca67de2090bc72e06dfa76c6f15b7a0189d33039c254056039e62e1072c4dff1c770b93ef932d63364f6fd324dce015413051c22fcb128087d150e44f6f528607b96f291b96526a92a9c6feb9ad279770b42bc20f07afb23254cf0e2fa538735a49756856feef2f24ba8f5127d8d9bb4c41000fa99c38e66dc48b7378d5b8a81904178636ac14237186c1d1c9e93ad25104c698c0fff268485fffb2bfbfb5e42a3268141d2b7f9f637b6068a85f167ca40b671567c7c7aa9e00da3b9161f2dc8950c8841caa9c0f808e8ecce98351889ed8c280540862ffb35e4ec8d7baff3bea8a47dfd050ce29309302a0bec64b8cf24b23268ff27eb54d9f44fa9b43f7a7b946d23c4073470c10bc50654f01136ecf0b9a7e3bf88030e8c915a5a1cf11559c6b2d82948b50f7145d312b535cecad56146e68962e81ac00ec042d917cbaaf5998b0932204546efc4c83d5cc98af0c7ed380646dc6f43743835e43fd68d48b9c156805f96bcd115998515755f91ec0777bee4712c68cc178e966fc254092730057beb7bdd006c4b31fe847fe2007f624cc5bf23f562b16072b9220eea402429a0350988051bd423863c68e40333f5cc186b37092db8d6a63c500d9720a25831c6876d7bb82d78651f0e75a438e43189485e0b0380f1d793de2a8466666fe40e51773bdd0c42a1567f2a7e99003cf0de29e51a0ca306eae3719736bb45d2944f2ffb0cdec3ae9d00c2ca0fbad1fd634c1e2ea337f6239a5353e2ce8ed7df82afbad4ccba3f746fc935f2cea462a6c9097ddac66f3eed056bf11e7a67381d3874ca856cb01b39e74121f6adfe021329ca7065ea25e37f79aec142710a7d9139bb2fcb5896034f4fb06eaffbd59a508fd18cf29042b39b1d0bfbc796883a3f83b47731fddea3039c300e8cc8bd90555e3b35229ee82d0609e9603f427b740a60fbf83e5679881b0cdbfce1a5bce064b7306b5d55f902003efa6f761e62388a6899646ef1a7f820aa224f32628b25bb561d42c682063e469454aed6460200c365c1cac1c176c5c328f0fffb4622f91394f45bbb034bdc33c626557a5679945e7f9405ab26edc49dfc229a7822bbadac9cd505a151885a3e577e0e658326dafec6f959a66f6de0b61ba33c3fb167c3ef68703be3d90c406e70a5ae21804953556471adfbd8cc7b20810f9b1c2967cbf0ed5d27fced6cd8078dc035719f613e7d8ebe389429f15954408574c797611cb47e2975d6af181f065ddb41c80a17c6b0aa5583651bd9f8c30d62de0e7ccb560414e5fa5ebb5fc6bec4aaf05165e0893a4bf8c73f54bf2e73f5cdb29d9c0b0565d24e33ff8433e8cb904510e1207b4a291d7987ebbcecb5d416d88085ec7ef42491e05849e01d0fc43838b8bff4b6954ceb5c992e426007ab91c652325528037f25b1868ae4b7d976249baa210a31621e3c352964430866b1564c62be5e5aac892b97ff3cb454a59b433972a70f435e06de625d731d0ab6d2a3768c830abc0a0b870f5764a9f05eb849facdc0a617d6a7febae777c1e64ee1c4efd02cbb808644348d56c8087cd36604f3a7d2d76e3960401c5834dab11a7608508a452c705fa1c9acecdbcc1f15f4a7936742556e419f6338fd4190ee8c8fd092ce106d6cbd8fb9282f4ad459c7fe2eff805976b4e98f79de6a660ed698aeffe5a09e5067f3b205bb5db165383ea821b61023a7199d3f20011a8c968782387bfff50cb6bbccd9faa96b182e7087d2df129f160d26bd78d8091155278421acf446c4817c840cf488217e37176f661094f10695adca33637a1eefdd036dd2e652207d50deeb951a4ea8927f5d4608a5abc6c3812096e415238f06f0e3ac754fbd936bd53334ffb4242029df795c504a27514dd2860a7f6fcd52d119db6fb487a949f514e3a02a6b9b5976eac29d1915081a6926a54fdf05d839387db5cc19cf889e6bc98d851ad63645beaabc35ef71f417b50e6c066f259a22535c49add63097e3d318aa185daa0f9f1cd74dd15cfc347eb44e5ac1c12201672308174f7a480dca1ca9c142a5d6eca1db58d2e7de266e355640008ee581703d5086a3be8c7e2d957ea785c4ce1b6895d8c9a4b68edf13bdc8ff237d6c762e7e0f87f126349535be201ce2642bd25dd367cdb5ed42e556e4982a6105bf57ec5061d3f645e25cdd478fa2a1b32f05b2ad1d7410ec38632c63019ecb2814b293d5944f6b131a1f7d2b4bb0ff15bb76f57bd8e70ef370ad887552608bc881eb10bd4e6b408107e2107984a2fb898aa42153dcb5d0b5e6d822546b004546be67a0c5bebaf2284f6f626ad9c88152d90a9dd775edd25a675d09fa467b0deb8bf83893b8dbb4720893e8809bc0ca7611f735f287fd4da866202b65a47a3081bf5c64f616ddbd9cb321ec04aa6fcfe005f5af582f2b84eab57f3bb49cf417faa2e6f345d5b509ec5de676f97a82b05f2faf2e5d191ca6b8b3341295d8d315c663325466d668b831455e72e2ce356be10c259e5ec8e3e0b8246294b51797d1cbf3a5b1c83976a44d9c41cbf783e89254b8c4134902c60b34ed0413ed6a37bc3ff25007cd3ab3fc9224b462216fb85998010f5cfeeec2c0f3e6fa311c4258d6bd8e948007d1006b309f64f44df7cfe498bc0a0d8ef465dba6919cd4170f326d2eed04c21031e023a39b38f89fa449ebdb600d1033451c00fbcdfb3525ecfa5f6567fc99a4c8599947a925f175d079b00ca0af196273323705bd2fe5355321cb49e6df49060b636c012f0f6a2179881a5bec5bb5dae0d87bd7b2bb3c562b4fbfaee6dd2ee8d5e4f89eba3e1da77e2a7932d1d92cb2f091ebf95e51fd2c08e7892085cad281ba63c97ce94b18e6ae82ec737072d1713d243a142e7adc263028f62c030e8cc166e0325b01312db05ed8d977a2e0468c210c5d82730b772238837677d6290263d0a58598b31b9a9194effb8a5b5be6e096de6a8a7237722a219235c60e2f8d6b85dfe8f4881bb8523924bc018feb67e7d486eead16f6498c7758d5a4f0a85b6e61ebabbd026ee363b9b0e69d349fb2e08541cc5b06c89bfa3d7071008ef3e3a483b02f1b1b4b2781d5eb0f1bdc5c78728bd74d09f5329b44d55b4132f7b06c68cdb3b33fe7cea969d84eaa55ee083326bcdb1852d95264d521bfced8c28d217494d301ca461426151eaca298b884b5a4d5a73f5ffcc33964228b16042b0a6ce58da404f38c46d298ecd25e9b17babd5a7e070b2f9d14b0bc60de03accfd569e74efbc1ed361a7e87960009fc22b366bcedebcae8da3ce6c9a576d37c5d95251b422bf9ba68ea05f2a5e9e2a62704871c80765e39ccf7b07265aab55fbcb0c2bc484f10afe9e41940608c7442ebad8e554f66980d571dd0d0e90befb0a740b4a15d78d38aefe1eecc7409ad8e6804f15d356d1f99c2165b4d9b75f0d9ed3c6cec9481d4f01068e90ab29708730febf2d16743a415164c6869daaca99db05c644973f608ed6de97f9213baf4fe3d043f61cda85a45dbbbe5b89c457d975ab1196406df7fb48bd2f2091f0d9b2fe5d3c1669095cfcfc67c39120f7e12099552287efe6fefe984ed3909ddd298b6b3446ce017c5aac122727b26b9b71c457a60c1c8bdeb093b3f07352a457a39f00785b04ac0cad273a87270aad756aef0da509c3ca1e58a8426f8e364f31ea9a555894715ad2d24570b66160dd92e096870f985417f49f34884e4ac5ef5511e26d18e21ffe182643e29c60b4a6956b97850786ff53581c1993f84ce2fa9c3829190edccd5aebbfa47956604264feb8183b76b68c203bb05d3b45ca7f03c96004b34d31c03cbfe0c472882930b9de85d17a39c5778b14f382d30ce9ea18d96ae3989184439cf61a41ee4b776f6ebe95fe5a69873a04c79665db3bf1f9e6982e2b1370d919ea6d33b857c26cd307a910d2922c8774417c0b1ea1aedfd0ffe1f9aef660dc5b3564c78e41b20320f651f05906720ad3993cb059190cbdc5374640c0a4dad877da4d63de28ea4dc57ea1352fc7d29f9451dc1951987cf888f5779ee66748ff572e3e0458648605c06f00a22d4afc26e00000c000f00080074008f4b019f88ac7d", @ANYRES32=r1], 0x20d0}, 0x1, 0x0, 0x0, 0x4040}, 0x44000)
getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000200)={'filter\x00', 0x0, 0x3, 0x29, [], 0x283, &(0x7f0000000180), &(0x7f0000002480)=""/42}, &(0x7f0000000280)=0x78)
r2 = syz_open_dev$dmmidi(&(0x7f00000004c0)='/dev/dmmidi#\x00', 0x2, 0x40)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000500)=0x1)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002440)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x2b5, &(0x7f0000000480)}}], 0x2, 0x0)
r4 = dup3(0xffffffffffffffff, r3, 0x0)
ioctl$TIOCNXCL(r4, 0x540d)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000002c0)={<r5=>0x0, 0x40, 0x2, [0x2, 0x0]}, &(0x7f0000000300)=0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)={r5, 0x995, 0x7, [0x7f, 0x0, 0x39, 0x2, 0x2, 0x101, 0x100000001]}, &(0x7f0000000380)=0x16)
r6 = syz_open_dev$swradio(&(0x7f0000000400)='/dev/swradio#\x00', 0x1, 0x2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000440)=[@in6={0xa, 0x4e23, 0x6, @local}, @in6={0xa, 0x4e21, 0x9, @mcast2, 0x4}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e23, @remote}], 0x58)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f00000001c0)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4000, 0x1})

06:45:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0x0, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  693.102789] *** Guest State ***
[  693.106325] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  693.115555] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  693.124659] CR3 = 0x0000000000000000
[  693.128444] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  693.134805] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  693.141673] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  693.148684] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  693.156917] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.165227] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.173478] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.181544] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.190124] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.198352] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  693.206799] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  693.215149] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  693.223472] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  693.231517] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  693.238253] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  693.245937] Interruptibility = 00000000  ActivityState = 00000000
[  693.252477] *** Host State ***
[  693.255750] RIP = 0xffffffff812cf768  RSP = 0xffff8880a76df378
[  693.261809] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  693.268628] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  693.276661] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  693.282879] CR0=0000000080050033 CR3=00000000a47e8000 CR4=00000000001426f0
[  693.289977] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  693.296993] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  693.303303] *** Control State ***
[  693.306823] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  693.313808] EntryControls=0000d1ff ExitControls=002fefff
[  693.319334] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  693.326562] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  693.333532] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  693.340182]         reason=80000021 qualification=0000000000000000
[  693.346810] IDTVectoring: info=00000000 errcode=00000000
06:45:35 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x1, 0x0, @remote}, 0x1c)
getpeername$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x1c)
getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000100)=0x1c)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={<r1=>0x0, 0x6}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={r1, 0x8000}, &(0x7f0000000240)=0x8)

[  693.352502] TSC Offset = 0xfffffe86fc719ba6
[  693.356879] TPR Threshold = 0x00
[  693.360309] EPT pointer = 0x00000000a3e9901e
06:45:35 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000d65000)={&(0x7f0000000000), 0xc, &(0x7f00007a8000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000002079cb631f61d1c54900728923cb9c1618ed6c560c84a8911caff7b012aa46ebb3a935a59e4d82b55279c3b4751a087346ffaa1d222ed2e8f7509e0926f5fd8ac126c948b4f3508355ed061b5bf5a831c31b6ca85e37cf0202e9137a6"], 0x11}}, 0xffffffffffffffff)

06:45:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0x0, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:35 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x400, 0x0)
recvfrom$inet6(r0, &(0x7f0000000200)=""/4096, 0x1000, 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c)
listen(r1, 0x800000002)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = dup2(r2, r1)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000001, 0x2}, 0x6)

06:45:35 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  693.893042] *** Guest State ***
[  693.896581] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  693.905805] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  693.914873] CR3 = 0x0000000000000000
[  693.918668] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  693.925094] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  693.931847] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  693.938870] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  693.947092] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.955434] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.963664] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.971765] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.980127] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  693.988345] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  693.996638] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  694.004856] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  694.013190] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  694.021253] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  694.028056] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  694.035741] Interruptibility = 00000000  ActivityState = 00000000
[  694.042274] *** Host State ***
[  694.045548] RIP = 0xffffffff812cf768  RSP = 0xffff8880a821f378
[  694.051624] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  694.058339] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  694.066377] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  694.072557] CR0=0000000080050033 CR3=00000000a528e000 CR4=00000000001426f0
[  694.079703] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  694.086694] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  694.092970] *** Control State ***
[  694.096488] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  694.103456] EntryControls=0000d1ff ExitControls=002fefff
[  694.108999] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  694.116246] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  694.123152] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  694.129801]         reason=80000021 qualification=0000000000000000
[  694.136458] IDTVectoring: info=00000000 errcode=00000000
[  694.142125] TSC Offset = 0xfffffe86916c2171
[  694.146506] TPR Threshold = 0x00
[  694.149932] EPT pointer = 0x00000000a281a01e
[  694.205672] *** Guest State ***
[  694.209051] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  694.218249] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  694.227546] CR3 = 0x0000000000000000
[  694.231338] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  694.237571] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  694.243786] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  694.250649] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.258908] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.267133] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  694.275386] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.283726] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.291786] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.300097] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  694.308328] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.316525] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  694.325060] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.333307] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  694.339807] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  694.347501] Interruptibility = 00000000  ActivityState = 00000000
[  694.353927] *** Host State ***
[  694.357191] RIP = 0xffffffff812cf768  RSP = 0xffff8880a69ef378
[  694.363419] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  694.369905] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  694.377966] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  694.384070] CR0=0000000080050033 CR3=00000000a3d38000 CR4=00000000001426f0
[  694.391163] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  694.398075] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  694.404375] *** Control State ***
[  694.407909] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  694.414802] EntryControls=0000d1ff ExitControls=002fefff
[  694.420323] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  694.427583] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  694.434477] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  694.441123]         reason=80000021 qualification=0000000000000000
[  694.447691] IDTVectoring: info=00000000 errcode=00000000
06:45:36 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:36 executing program 4:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$unix(r1, &(0x7f0000000040), &(0x7f00000000c0)=0x6e)
r2 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$link(0x8, r0, r2)

[  694.453344] TSC Offset = 0xfffffe8665f6d0f0
[  694.457729] EPT pointer = 0x00000000a47d101e
06:45:36 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:36 executing program 2:
mkdir(&(0x7f000082f000)='./control\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0)
write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
rename(&(0x7f0000000040)='./control/file0\x00', &(0x7f0000000140)='./file0\x00')
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000600)=ANY=[@ANYBLOB="236d5bad3419d4e9635b382cff888e2234b56eefa9bacb74fc5af7dd7fee3a50d8da3312e046377697f6b211708c3d7c75e7578e34cece4e9ec06871ea13c0ee40bd1f6830c756355b54f47757e3d4cfd6b2fa0ddf485ef0a87646003021fb7e203ca28ff05523151011838a1c46c22c56d56fc4f67c42cc2bf94b1c65ca5a2e89c1fefb5644f63fb5443455dbd9cbd56ac32bc9d72e271a70823d47e0dee29fefff803d9e7522b91c6c664862511a9a2f33c6d5ca9e447fa1d7a8ec66b9f26590873f2de93c05cea20000000000"], 0x4)
rename(&(0x7f00000003c0)='./control/file0\x00', &(0x7f0000000380)='./file0\x00')
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000580)={0x53, 0xfffffffffffffffc, 0x5c, 0x2, @scatter={0x3, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/42, 0x2a}, {&(0x7f0000000240)=""/124, 0x7c}, {&(0x7f00000002c0)=""/62, 0x3e}]}, &(0x7f0000000400)="34c09b3bc90ee2e5a9c6737a043674585d7a44b1e5b134ff9e34ac51fccd3567fa9aa1429ad37a51c281a45300e9dfc540a5492df5033216639a360a924339526dce49c7c4fa761d388f308abd83e8d0c97483574083e873b92cadbb", &(0x7f0000000480)=""/202, 0x3, 0x2, 0x3, &(0x7f0000000340)})
mknod$loop(&(0x7f00000000c0)='./control/file0\x00', 0x0, 0x1)
close(r0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000080))
syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x3, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000180)={0x3, 0x7, 0x71bdd02c, 0x7, 0x9, 0x0, 0x7, 0x7, 0x7, 0x2, 0x0, 0x7})
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)=@req={0x28, &(0x7f0000000080)={'ip6gretap0\x00', @ifru_data=&(0x7f0000000040)="4cfccd1442601a10f4ecc4fa4c34b268f4e6a80e413205d278f76c7f2569b53d"}})

[  694.742766] *** Guest State ***
[  694.746148] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  694.755289] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  694.764419] CR3 = 0x0000000000000000
[  694.768202] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  694.774392] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  694.780438] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  694.787348] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.795556] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.803784] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  694.811844] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.820109] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.828414] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.836685] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  694.845006] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  694.853224] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  694.861296] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  694.869648] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  694.876301] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  694.884088] Interruptibility = 00000000  ActivityState = 00000000
[  694.890380] *** Host State ***
[  694.893896] RIP = 0xffffffff812cf768  RSP = 0xffff8880a76df378
[  694.899984] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  694.906708] FSBase=00007fb09ecf9700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  694.914736] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  694.920716] CR0=0000000080050033 CR3=00000000a3d38000 CR4=00000000001426f0
[  694.928061] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  694.934959] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  694.941081] *** Control State ***
[  694.944858] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  694.951597] EntryControls=0000d1ff ExitControls=002fefff
[  694.957388] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  694.964618] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  694.971353] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  694.978228]         reason=80000021 qualification=0000000000000000
[  694.984767] IDTVectoring: info=00000000 errcode=00000000
[  694.990285] TSC Offset = 0xfffffe8665f68e1a
[  694.994944] EPT pointer = 0x00000000a47d101e
06:45:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:37 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0), 0x14d)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)={0x7, 0x7, 0x4, 0x162, 0x3, [{0x55, 0x1, 0x4, 0x0, 0x0, 0x400}, {0x200, 0x101, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x2, 0x3, 0x0, 0x0, 0x1000}]})
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000002c0)={r1}, &(0x7f0000000000)=0x2a2)

06:45:37 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:37 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x40, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  695.609687] *** Guest State ***
[  695.613440] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  695.622603] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  695.631523] CR3 = 0x0000000000000000
[  695.635583] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  695.641665] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  695.648760] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  695.655736] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  695.664066] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  695.672299] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  695.680362] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  695.688752] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  695.697009] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  695.705406] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  695.713727] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  695.721788] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  695.730181] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  695.738392] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  695.745160] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  695.752856] Interruptibility = 00000000  ActivityState = 00000000
[  695.759154] *** Host State ***
[  695.762649] RIP = 0xffffffff812cf768  RSP = 0xffff8880a18ef378
[  695.768704] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  695.775435] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  695.783485] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  695.789455] CR0=0000000080050033 CR3=00000001d0efa000 CR4=00000000001426f0
[  695.796876] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  695.803799] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  695.809920] *** Control State ***
[  695.813695] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  695.820449] EntryControls=0000d1ff ExitControls=002fefff
[  695.826228] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  695.833480] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  695.840228] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  695.847135]         reason=80000021 qualification=0000000000000000
[  695.853704] IDTVectoring: info=00000000 errcode=00000000
06:45:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  695.859237] TSC Offset = 0xfffffe85a4f543ee
[  695.863861] TPR Threshold = 0x00
[  695.867292] EPT pointer = 0x00000000a3fc001e
[  695.988224] *** Guest State ***
[  695.992101] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  696.001026] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  696.010169] CR3 = 0x0000000000000000
[  696.014112] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  696.020155] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  696.026595] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  696.033486] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.041547] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.049864] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  696.058057] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.066341] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.074578] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.082935] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  696.091007] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.099264] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  696.107578] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.115839] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  696.122489] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  696.130006] Interruptibility = 00000000  ActivityState = 00000000
[  696.136494] *** Host State ***
[  696.139772] RIP = 0xffffffff812cf768  RSP = 0xffff8880a19af378
[  696.146077] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  696.152704] FSBase=00007fb09ecf9700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  696.160571] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  696.166759] CR0=0000000080050033 CR3=00000000a3d5b000 CR4=00000000001426e0
[  696.173987] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  696.180726] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:38 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f00000000c0)={0xfff, 0x8, 0x8})
sendto$inet(r0, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
socket$l2tp(0x18, 0x1, 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000000), 0x4)

[  696.187083] *** Control State ***
[  696.190596] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  696.197534] EntryControls=0000d1ff ExitControls=002fefff
[  696.203183] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  696.210179] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  696.217133] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  696.223894]         reason=80000021 qualification=0000000000000000
[  696.230833] IDTVectoring: info=00000000 errcode=00000000
06:45:38 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  696.236645] TSC Offset = 0xfffffe857788e8de
[  696.241054] EPT pointer = 0x00000000a2fcb01e
06:45:38 executing program 4:
unshare(0x2000400)
r0 = socket$inet(0x2, 0x5, 0x200000008e)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000580)='/dev/autofs\x00', 0x80, 0x0)
stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
sendmsg$nl_generic(r1, &(0x7f00000027c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002780)={&(0x7f00000006c0)={0x20b0, 0x1b, 0x805, 0x70bd27, 0x25dfdbfe, {0x8}, [@generic="83e94a0566e6d8ad9b7548e431e28ce99e644fae25390084f7c27f5b8aecda0685bcf42a64419e2be765fc578bd7aad9c5c0aad8af7b56fd7ee6869635b15d585f774fdc2708dddbfb57d280e5cbdb3855b975ed4c6bf0e835abdf73f870ce6eeffa3a8a34c4d7ddd83e6ac8eee309945d88122bbe403d069054accc5c4b675a15c84cc926f341ae78e12230fc38075c7e8857446100406d67eb69f1bedd7bbe9ab7ef1d4a023a0943f714064120e2441717861fcb6f29acb2c6dab0c8d990b99712e9189bbdb8a0d07de86b5e55c5abe5c9753dedf292a69585d8394ad35fe881c3b8f0f13bf6b1a287ae77f523a9df718f6f53efc4121b15e0c8e7ed318a710d832e829b044bb314fe640610b50032db76ba00ea4abfd2eaee74e1ad34ded164f17a53d4807871ad407978a86ccd34ca091f1968ed10d9ff10d8c2883d292f5780356efdd69e79f710d3a8e28505ef2d0379faa7f37accaac45332078c3b8d0521ff02f5ad85159d0584f18af9329a34c7acb85eda53052641bcafe6177ddda78e6f348d284056d5f5afd5aefcaf5c508e743ee4cc28a9acae0d77b949ac57e45f290e9299e9fb237e853ffc69111edfa6df3303b9e9a2910b7ee5328b0eaea641a79b73d46c24fbf602e6f0ffea5b371806f3956c25568df1d30625c32bb9a0b657524b2a6585a3494a70d45422f36753bdc1ddf90dbc05983c60342fc2ebfb1d779e3d0b8c08f7b7039082625521790a9cbb1af7b4e30bc8997a5a562cf2d1eaa72394983dd2e8ada8ae762d4c204d60b4b97aad69385557977a1204846b86e4f6fb251300121295b9ee9c4717e2f82ca4dba6342d6b82fe0fcbc6c59d88d97808e0e17fa01542f2a884159376daf254cf253bf5327cd71c610ede6500b75729f211fafc063b6b2298478791f1439d51671eb0e326be3c5c8ce5860b540ed3a06a9c47c2a724017e2ef242948201115a4d757983821ea603f17dafcad701191a3013f7da97c1e1fcd46dc93c1f6b36b86c66dcb1dbfc78a8c35e32585a002483e12ce6d71b9e38af22d03e2c1faa41f7fbb8538c97cc710c3b084d4f13bdaa577008c3180351b41a9f7d811673da03813d430e66b73ecfd268cb6a121bec3363233778d3988461f433f8cf200111bb47279415273fd257c0e6f282d615cde30551a5f5715f0bc004ce8d9dbbe4f6faf537e5c0372f15f2da7ca61f27b8246626af3fe0f2e8416ae7042081c7f778ff9379f32aa1528b03b6d455b8f365dacc6ca8a4a6b366e0bc5195097aab9acac076425afe0bd5064c44e42185b0c048c3d2c065f54e5d1ecf10046e6b8bfb82124d9b128fc18f52e854b0367f7e228723115c4223fe981f242af57c77e1650cc8c5d28eee4be0bd039eabbb844619c6faa5edfa8f1d07b1f2287e725be2b4ab8e99c2c6f90f80c84c4626db1aeb8404096b058e523c87ba4bf64b37715f6ef3648a8a73c1adbb955d3200d2088fc4191baa1db0187a8ab335d1b859cb546e53043a56b8a49e2a257634fa58bbfadaa2c8139973be7bade21ca231bb47a4ca7c21a0c72f9f032e64a4fc6403bc60a6e013729474f14d3f26cdf66bfe097448322f02e2ca3794d6f40a03615f76adb9c962a6b70e8c68733a39ac654a820513b33b802622510fecbc3754cba70dff1620aeb771686dff1de79b053281699c92b97568ad669923bae01cdfdbcb330814d4fa1b2e7c9230d7d24590d9c5caf55814dcf2379737567b703c8539d3e27799bc35bad7cd8af4874be09ce6334c7689b71861c49ddeb6db440d7e0e047eb0f1884bf8350988a13382467b3969709ced965e56e17f11d45a2dbe3c73fb024960870d949d824e586f9c9131a0c90e28fbfbd28811fa62f377035cf930ebb1255593d6e6673c90c03c62d598043885dba51c99c3ccecff56481eee57ab7e0a5a6275d491a88b47a254e27e4479e519303aa96151b5a3dba88c0ff936c2d51125617b96523a5a9dcf1837e83efb318078bf75108a3acc36cb3bcbfa209ee72197d3f7b98c251c94b01bacc006e16962f2f51116e69c329f9c1410c217ac51a822c1f8e025a88e58826524c721ff5d922b801368740e581de4bcdb8919e592b830cf25818497dd4b9e3638c1d18eb37f7c425a337815d6d860fbd390c5be6be30dbf4d89d8c6b9ec3bd4aa5412ec7990793203d6e60ac5ca18f31bd7f6b1b8e8922410a7bb99047eaaf37f58b3b9ebdd6856294de0238ccd2e16733b3ded240f28eff5a0c082a11769a5692cda6b8bcd66d1e32c98ad604c118889a9fc741f2309e0ae879f521e28861193143a8f1dde794dc6ff5e056a380237b1157e168275de4a55547f02ce1d665cc1e0b28f8e2a807866b6ec0bdef8c8f58f6ce396b72b5a1a8789a9fdf947e3ad576e2bdbe58ceb14f49780bbc51fc215c0a825099ec909d20984ab5b8d7fdfc3e2072d15b5c6f054f1fbc2efdf222e766f282881760a4cf5e2b91f829ac1911ef687ee646797cce30ba5a7a7e8ed375a6e8c8d789cb3969df111a5e083d5f64896d9c246270876c634b6373f60dca71cf08a30dd2081a54e2d1e04639df6a1ea38acb0bc7bae41a70003df53d15bf91b2f0491869b6377258ce324adae80547af71021703a9b99df0757645e6057f2aeb2e73adfe93bbeef1cdc62a235017f93ce04e266e4bb109f3f05681f63f283b4cfd0883692673f005b5b9ce053c3a89fc9e3b54825aa70d91dde667964c2956ab8bb109d40b37f134f4c1d299c9e352bca27711c1c93d076b44b5596fc5090019caf19aae640ef60e885400c036774a59304220a23ce04b3345a3a4e37360beebc18ca0327da276cea44351c8daf3a665fad245a01efcac2056cf4ecb865fc5d191626d685ff6ac39c97cbc33b9908e41b756df7db8fa8a8b3d8aed78020ea070aae8514ef49ca6fa6595ec598e241cbe312898d704c01b8b7a12d5d8181b27c7352914375ac7e6628849abc9e6f9131dd0193450618a5d15804f9fa860e7c280abcce8c54475ae769e01e1e4a9c2c9d02c4d4b46f636ec2c503e7276c4ef59b6ac5b69a4e77e02147fa9e6d9d0ee6020c82897313fbbd684d3b7e28ae82d91bda06d1da584d99667add600790ce67fe9692279c6ba7846340e8f97d75ad27bed4c69c904026737ffd549d73bf82612315d73f37895f8db65f478baa44069f26ba121aa58001195a08b45c086c9d92cdcf6ea8582ea7538d22d750141455a4c9d24244db855b09514baf69ee349b1353cb45f20c6370145f5b1d5390e3feaec88c407f0bc0e461b12c5e333b5660e4cc0f37c43adae09ebb6b69493ee8c659b1f30c930098bc41e472d624c71e13a0a80462b6f9db418f890cd02b83a9d6ca00be6a7930f89cb597e3fde57ccf7d561201cd03f695cb0e8e9ea1207ffbf1b81d2733a1f53514b29be1c967841d0e382e471b8232488f1fe024264d70c8972915079d0925d78b214a4c71e92ca903fcd12bfb760b75f12da1bedf3bc15f837c19e6d17210d82a96a13fa28a2f7ff540f5c3b62c814c51c5b28565730166423731f39e0dd29ec85fe811fc28de6deca56809705a3f50f1db36386e2dc1ca01074b88e00ce90baebba3da4001ecb34a806ff1435e606f56d1be9da046663fc49db003e5efd84c53d0fce49b2a56f857a342cdaf4ba2dac598960c67ad6b72624ea0e5d93beb15024c89ffa085d6ed222db85e186694ef627f475067c2dd2d1a70b9bf2a393bf946052c20d894671cb2bae5752b6155bfa045686f91d5669cba8561c086e1f2405f3ab4e8fc67b8623cbd9c2fb1c0124137cd693d0e27e905d08aab80d95ff7dec7f64765bee3ece05ac906169be2103d7d5c7a4e456c6f3b252b078dfa88cb52d0d99782ddfd865d8b217fddbb86e27446ec5ba526c9f77d7590abbb7a517bf92c720dad24d3110f4c4543b37d1221cd5c30ad248f24d6604708806edb4ab38dea5855149976be8f31ff9edeb07c77909011fb8bd4bd7699da0855358dd39e86e2d6ce123a1405e9a0e7b387421c7937da09304470466e5c987d5e55e755cba4f31fa04a686f1908052f1e0f8d31699269906f614fb59a2c91ecfffaa2f3eceff9b4caf6ba56f779406e3cfeb1369dac0da5604a73687766ca7b4726f437223a215272c7a3cd2bc68087949984c1bcd2df1aa61e313a4f7fbbedb1a9c2b259ce821b3f3f62d545fca5798f0e37d33a386e50021891428cc3aa5a877190ccdbadf2143f7734c23ced92382cd590f01e96605f7738a25cf87816a849b27fb0bbf626e2ce250daae705b6a3d8c63dad9a0a180d9633fb949ba939624de1bda2e9aceea67c1f0dbbced95d18337ce5e6c0a4bb8c1734505ad5420b4be67050c054a22632509d16033d6cdad0cc0b620e1fef4c955b34863c7b4720d1da519414bb4197c31a2c6c4eb35b010087ceb027a5bd7f29580f77293a1a1050b8fe1c763d174e0c6aaf623b68e4ad00de4359026243c1b7516b3d2095bb16f07121ee8982f07d0a8afb74ca61ce090d48f7719712e7d2b75ed9740e3f8e14216c6dd470d7bf1f681a46a3082772ac734cc91057a1bc4dc96ba7023f03606d5f38b94773cc813d9b70daacf95e3f7e90cfb3d2e68b7bf25b84d14d9a5ef672f3f9b3b783317dd1154774a05abe3536b2d8fb7391f1f2c48f20dc4df6b0b8906124b125348b610060725516e874f5723f79e8c3cde0660968f5c28b7df7f40465a52d04b039907e520ef432d6b860648a29a1f632359b8f82d876670d81b3fc858b465cdd074c6159427f07974bc88d63855864b6e2177144e7aa5142affb63826f621963b58f15d53df18536b96c1aaf2f687a9306cd2849983e6dd9d542ed02366c17f889451a8fc98c80420936a2c978b33d67c15dfaad4efa42e326f94c6862304c3d3b05077301c7498e1745bd3231fa9e3d0340508eca6afc3e34b95fac6eeebdfd479a7018c025fdf9b944cea95eeaf0e41fda269ee5e443235f29bbc6b6c4ebf520adce6523279e7860df7d068c7e7574551098773379aeefda7a23e75c9badcc60730d04cf82b292f356311f6f5b84606dfab103780497a3ab1e50fab00ab49f7ad37b49e02984c86a892c313b361e22469af0f68bb1502a4fce09ae3da951b2295c7d5da8e5214f123756d44bc8f3f6e82059f88d3d13a340852ada4443fa4d63d1beee64f4661f1b0d1397fe5549da08701b2c098d4b5a78c4b8001f7f29cf362d0078e7ae42ab45af12ba0d997b37e8d5da75c44fc8fb8a29087d1b0dc8f8a8592015d9ba49f53f28fad3371258f1fabb2f5f8279f184a8279676314d70db54514dbb3d2ca66423e1ba3df0c8f120400851c283fd4692b4cf3540cb4c7473d59ce4b19a5aaea4f2693604bd285bfdddf2642d3e9835de067501ea7460ee4d337579b3bed781d66286ee6fb06cf24f89ae3d79abd2c2b5f361b56ad8b7cf51e1ab9522dd24fdf6e32aaf1fae83f0401b6d2eff1a2dc4e3bfdd7c26e5f2b94fa017af376a2b0c0f608581e1a9b03a43a4edec9d39f5dcd107a2997b8670fd7f58e980cc4da4258899b3c4a4c30811dbb46c39b4b0f0725d142073b9c50205826b86c32a213b6403bbdd4fe1a216b25f6ac5b0d8ef4fbbc35e42349e016a778383492f1df5cce714c3178d8dd57fc3aa101a9e07bf2afdf9f1a3aa6a3651750d8110906c5007afaaf1c3d6c5deabe177a97c9ae5f9ab067ba710e4f1a907c07a655b981b4e03404fc85798adf408b436d0cf4932acdc3ed59e3ed2983509669703e46665f488", @nested={0x1094, 0x4f, [@generic="8303431dba16b590c1335c5e6e693aeaf9c6fe9fa8cb7bf9c20a1455c89bee2b08497b0620475d1f9ff066e3997811ede9d25226b9a624c33de409a45a660f5f388fe3b0191be689836cdd7c577d9bb6b2f1bb20eb88cf2739c109d70bd16a7909ecf8d0e548d1a7e9ad75ae77a78bae2fb61ade34b8dde64152aef0e3254c1c5b7c4fdb7166b3d1c48b8c8af4c8", @generic="2259be119fcefbb5178066f56160a3dd42bc5b096f2899eef2d2d1d0cd277bcf0902fc264a1906043aa8bf802b7d7e9c3d9afa9b61286fa9c4f645087b17a5aaf582933c564c2bbacaf18b253fa85040d15c6b17ffca79d1d5b4babc015d8ff0e423edf5d27dfd981209ab8dfb61533244e8dee60dcf74b93ad98155eef243db3e4170c41e39974aff23254f8eaa423cbb4afbe53b804b2e02d661c93c718b0fbae3d5b5c53ac656a3ad8f3f975504511611ea5c97ad9ac427586a92a79a85d8ec4dbb32ef7e6d77f21d496fa60649f42c9d8ee2a17c30dda39ac0a65cb2160f2bca1ccedb2bfb56095cf89fb8c2f9dd2ed148a21777ba636737a0aa32c564cc93e77be881c63953a6343dc5376cc9a7855c4f9ae2a67194309df16474b94923a99061819109db5e93b5dae2ab8194b583b9f26e835e3a7abeffabc502960441c65ed55f9f1c05bf8a660cf767e5dd5683e5d14f00b48e5f58cb5c02a8c3f2805ec628532bc3e2065fab337e6712782ef8a44debefc320a702495a209b7c71e39e94ef8e90fe924b7f198562cd986fdec038ec773fc6497b3ca82be6caf305da570a4e3b3504d8e3dcf6df15ff0c40d44266bf138a637898efd9b7f5d69a3a6ab70b9a10a9bb7142f80c6b0884351e881c0907d1e77f3fa0d4518bb3a990ff10f2cb45595e9a3e3bf2f8635c9588ba5f8a32ea642bfbcaecbdecf671b0a5accc2f558aefc7dbb49f6c0b9107b992fef3b0430096ce0b4aa630238bba60ed1fbb63a547d76a0ae0339d08a8c2ceeec3361c7a75a95239f289d4422c826e5ab14ad061eeaa4b699f8c28aee3d0111ff28191a2d03b1371e1914c155ad4d422cdffaf41f6701efb69a5dfbfc0bd624ba0353db9d0987bc5b2d4d9307c00a5e2e18130f4ca9704f5c85b50c1c9869e1918af7d993051b600a75741c421007a72426560547543c36a80146dc7cd6a8f1b34d636c3214d06aed5ad9896b2e0738ffc25f7305c919188fc8ba29a66b25629cc7e5296f1a7e01e75ac1b79625afbc7115dca8dcd260a7fca3ec3faa01a5decccbb5aeeb181daa9c9401153c29fcd2097744360e8b09ef2516e994c2b8dc7b4f7c3dd1ab2229c61a0dcf8d69d39a13e6bea406b75f0153b833cc37a9232c0aae24b58f188e8539be884cd5eae0574e5feef00384951d44e90fbe6cde1e4456737e01b1904062206cc06c3c958159676ec85680c8a52024cc487c589da91419dca525bfedcd9178f8f9a43d0233577ac6f4ac59e3a62a157244589b31228823998653b23634ef63e6f865bfb87cc1da25bdf0d53f8cf6ebcc032bd4ebc89e557c8c54b32a475f752cad8e0cac9762d829b929d5f164d10e8b53459cb151af3ebbdf5ca451b4b54b230fed4fcbb012ec80d6b12422482a57269f4c6a0dc2ff26ba5d296b7040dec54fb06e7eee06b0e62c624c5a929e686b28da537f169c2ac0df5dadb03747314178a404750410228011eaece772b5bdd0ea398e964df216fbfc787f4483d5d6f54dc578d4f2d3cc2c0bbd4179e4be68392d6da7d31ba438d2f448821eb9d744c9f3a4de8dc3e928af2336735a508cbe1d7a6391255d012a895699cc968a3595d4cf2f4aa51443b7f61592df8a3d646e4f7c22da2eb92f2243ae28bc43b478d9b94e1f887b6368082338469c629ceafb896ca98353ecc99eb0f23ec81de8f0b414f4d0c47182290acb357780641a3c37161f7aa98a1872cc1cdb7d84c6ef79113c2bc8e64d5ccbbfdd56ceee994dd1f411d0e80c09e83591b47778b044394da834cc9abb9e8a157a234d105270bfac7786c6969cdb5596f864239fde7e7f630955b60253cead1dc51a833ed0b379405fb10a32cdbae02972cf47f7144c01e0b7a53bbbf124bbedae9801d9215c26e47dd39939f522e698a288f7c16c2c820258f4dd2e82e3fd1876425a388e90a9b3c679e0ed4991469054681b51181e7c8a42c81b49e10af8f71511380aa083f59b894e089b66f3d8305e661adb21f808c2ae1cd7c908b51f107d72229e2c40d8d1cdc2b8fc7c5689b7ce8ba13a082ca30f0b5859c8d618e54630fd7948bf80c30925805d7139622aa642e7605b276e31bbb5200fb3b7bbbd7ffd831177d7686d099e93708464277fd4ef5953aa7114ce2d35eb1a3697b476aa0fb762685defd130397437e87fa757187af6bf91c38cb81f21943454933972b86f121d5d75cfd3407184b90b9f05204c5c70f9efd322783e9b82b0e782996b03160396092b36943c37ee4488160ee7bb0468e53b34919cf5b9cd9407b8e329977edefb342bfecafa6d81df309d997017d9559007f8b5d7eaf53f1df5625db16910765308489ac43a6b3d01a9d02efd1fe31199b75f2459dc80c703817069c7946c6a136c4506a6610bcb8a8f9c146957e361cab4bce6182d9bc167978a304fa256e1c2248468a9611c85cbeaee332a1fcf978745ef49b658dde4afa8164da5d2ac587a4fd564d2900b3152e9e270eaefb39babcdcb8be146c2dcb2f8ffc79f7808179ff01d1dffc9a692849d9a848e056b01f62a8646e095452e44fc5a01d061d3a06e3005edb8ff25311edddebbbc3ed54a8fa2145548f48c9d5daf58fbd0d019a34fd87920f46c407c6accf16adf0cb78d7c465d54843c610488f016901451de517947abe44e148c805420d31e8a21fba27ec9a2ab51c450238422ff3ab735326c9460bb6206379bff61eba052872428686d67545a7b8bdf96e902ce9c1cabb7f4eabb037618d7a02a0108a466f27a2d542b7f98d7190f65d8fa1d63893cdf9a3daa49456699de978cbeb128c0d0941a7232da4300e2fc3937cface5e72a4f31079237c9d4d53fa6e680169bee8df448c723ac37ee2770acd2fa6baef1815861e639d80ea45dbf098bd92f5f897f5e03b951981cc01d0b11f06b6ab68fdabf02e45ab5bb4940061592af7e6e84b81349440b95ae37996e2f34f4c6999c2ba9b1e6c2670a815ed797fd11b1d6c8d0b0297d4dc0fd475e3a575aa2f2817814dec419e5da362e94bda0a8fcf8a77da89f488de33cc464037fb8b0d4f76a45d6e934190fe49985ebc359192f23381f8713b62c4c679323a0a1ba5ce6f4851b559d27ce6198ade886b36a141eff11a64711049d201f5c907bc2953421c9fbddfe71491888577e53c17681350997a6d3a106352a35930f1d419f1db572110eea29f11a6d7a8b65173b4e293ae19fdbe3071d50cabef16c13a16606ba77f0705382fa6e5c2378a2ee5f234c37528680084964ca2c9ae6be26d1f9707113536f9f2bd63fc5dde5f0b6213980edeb59add09faa569a2a3a0f71a22dfac53ab5cc0457547bc383e0fa70d7949f721ed737748bef456db49de2fbd821b44af611896640e8d7c96d6aeeed00f4dcebe84d870f8d8fe0ba447c1126c3d9ebf5a5570a77df8c3fb6bdf91a7d5328b0c79eb3b31684ac33c3bb2439e28a6860a6b8882f08ff90b70604b588979fe11e1519d85f54180d1aa414cefd2224f7c7e314258f360815627de4cc03aab4f852e95504d875fffa23b7d23af2d018219a156808d26e18d362c99af1050544ed9e8fa12273860e526977d4ced5e0931ad5024da03be88ebf024b85c26774fb519017b31c5772cda04e99dbbc4fcbedb50c3644b60fbce7d3927475d04d580579763f224c1430334648729010e6e3a25a71408ac140c81fd0a1f8c1f41ee4b149147aebd6a45a08901b9f6fcbcf21f1847789ddbdc8c8dcedc57f35b33240aad1ad8d6a459af8c4449229617a2b0bf822f54846aedd61ce80643b600fb5513ce97c8b6403dbb28b28c04b4c6c30b3eb725db59e285fdec03692f62ac5a598ca126582588f40ffb9190e04c6f20cd6c1e73bc117ab507432ec27007e5aed81efc590b4ebbba337c550a355baa930071a6db927e0cf5aaf6f241323ac7bc0eea3613ac948a0185971df0fbf312e14a5a70f3a7574263dc9133610db1082a75ca3fd2ef4015f567309934c325ad262e3478085b1d1beea55f416b8d6e14a1011327efa05cdfb99a0b31d0dd80774fd9ee7233ef84031264e314da3c2fe05382221db9552e066a447d5709b60ea2e17b04ac7f38c7b5c2a274466fc4f1812aa1e553dbbca005db6122da71a6065e3ea144a2b42c0e0d9e4c6def41a700f52304c457900e0a1e47f7d0c151a9e757f71678f27beb74130082316f6fc542c46ed08588af47c8cd5acdbce159447841db17dba7e5d5b93d1f591d880d27b6fa5ef0ddbaec3240eaeaaddf413966b7c9f71b16bcbcb460be62372c40507515ed526833fdb3547eb93e5df5b92f7ce47d65e4b570417f34167a907ea38d50474c9b5b496b514545dd37a55d63dea359a0da4cc546be0432990855e887c01310e6e8d17db9a79eac6aa24da5017ce9b11e42a3842dc84620e9069b28425e698c91c8a427c85a2d01ac3b734a09ac58881d3e5cb3d06dde3031c5f3306e7bc112341a30301dadfb698c2def7d792f0d80b57de87d35163f080101a9de5c01b9030b33bef8dc05a750d051a180d1776aa90e645e2a6b6c99bb1e2bc9f4dbe0dec82845422a093929a8df58a10c332965c1ffb68de8cc004c23a559e79c99394da0ac66e6c5f680bc7a13edab9e66aba43e58aa1d730d0f719c2ec00795e685f066b31f0ae9ad8573f49d7a8beab944043cd8f8912058d80c3604b72a615ee892293fd7f185dbc96608292576220f83d9bf671a087abc2862bffbe47bd31fd3e6880878f9491f510cbfeccc85abf2bc1cbda3e75a77594c25aaa1159840e634b7b16d2c2cda97d95cd0226e9db8183d527c6edc22141a6fb26f6588cda7ac175d60b393089c85bfadf32599f68c6531a16f38634ea83979ca1658328c30e8069e2222b7910f6dd6731fc29c0cdbae39823053e422302ccb8aaa633434b55b0da74bfc90867ce4c19ba02663a920fd92ee80a9a449eea94101df6a81cde77bf71be7eba19be1c489a152ff067cc10e3f3fabde4daa897a228ec9185f5a9bdf0eab9a625d6f75031b1990e42591c8e78f6c475ec997fd6498f986f520abfb597f86c8aaa87e19cfa0a1da90d2740cbba361d40457b2986bb183a4278243ff30363ad41d58f8c367ef694caaa8c4bc0d858aaf7f238eb506d3b1ca2223f9c5fb68d209100c1a572aadcbdfe8ff0a52706318341651e29c1b160d734ab3ed414568859f18c9258e6560b58fa70be530854f70fd3b00584f5a89f146fc7b827d4d7842875809e10850d72535b9a6d78eadd2b7bc64c53bbed8b3f75c255dc44f3a18c613f9f70bea8b59cd36e6d67f3e61b396c48a584456e9c2f2cd651993179bbfa4239bd9d4679ca5ab8d0c59ff46178978d165d41ed1f80491a353a9e5d8c2c7434bdf9d46868e21735e1bb9df2c134ab7bafec188dae19dd638bcad196da9c558948ca1f3a0378e41d8df962cde25bf40867f38914b1a1cc34633786e0d4508430d3aeb1ca918282b9692d321aaaad475937f3bcb05d2d88b970db13daa42feec3dce8a0c3c3a79c84e45ad0eb30900a5aa02a12c732f37e3cf961360683b038c580b08d7bd66821e3798c1d5fcc51f28ecb92043e2b7c81fb07422df04046cd77876344a77a06649dd138126743a6935e56fb2813a557582c74a51e7bdc2648325e890a0d397358319cbc315dd8d8d9434f01c0c265a3dc932bfb47e2b55bf14495793f5ca1597b618665ba5f8493c2fdd87ea820de167bb03c0998ae84cb5ab9b88f6e48ba76b23533f6084941244f8962f01ce725219ccd7934f6f3a3aba96b34b84"]}, @typed={0x8, 0x49, @uid=r2}]}, 0x20b0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r3 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff8)
r4 = add_key$user(&(0x7f0000002800)='user\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)="49edcc622990155308fcfa4f443b0c3f3710ca7e80f4097dd1689eed21551db965d5f4f5d18edd0d3d73f2fc", 0x2c, 0xfffffffffffffffb)
keyctl$instantiate_iov(0x14, r3, &(0x7f00000003c0)=[{&(0x7f00000000c0)="1def198657540f1cbd7ea757b1bbaadf24bbbbbf5b6b0d3192fed43a0c7828624f387da9ff708d02a196848f62b507de81eaf3051253d5247ab7c8166779cdf8d9d5f6793eece7f09a7d339851f611b01ae0ef6b9f4538493007e655cb4d27eae55083daf769bb5434b80e504b3e98ddc8103a1b85673cfbb6154635816f2822b18f8073810e4ba10f35bdf8566979e56d8933fdc17fa1148c27", 0x9a}, {&(0x7f0000000180)="683174112fa9e60d6c09fb98c72f567560643b0de12986781b348204422eb282e2e0acf923dd9ecb8ab1dbc304c3f02e52b1c3ca845837b3ed0d928cb12aed98a7c859f4937ecdb731da887bb9fb8259647b16c235c5efd4", 0x58}, {&(0x7f0000000200)="52ebe06aed0dabb4a3b04cf1295c5e9ac3c4ba57187e0c81f16ff0d7e2006812dd4a70bcb0022e2be9fd93595d87213f282305fdcd4932e9c4dd0f43340fa71a4ef6a9936273d223332ff4f96c3df844e0b44a23704b51f84d017132c10f8c6f250a78d46a74e4403f8fe9d0fe0ea411f643737be11a", 0x76}, {&(0x7f0000000280)="4321e590b7c33f70656ed8d52ebb88fef7a171c2769098cb6869803cf42efdcf", 0x20}, {&(0x7f00000002c0)="cacd9e210f835af11d3901e8067002de8f51441cafb332cb65ad775e147dbc315aff11bee34ec3f2d1b6e5e3d8f93d52fe99c902fb457a521604265a3f712848b6f84ce2e059c38362253d89ce3ad42873c631b251857dbb74c325272323f992ed224b505392d4a402abcbcb71efcfc8fc6087a76fb2cccc458c07611924b4d0d8111701c1ccc5d8b27ed3a68f2e48697d451e289ad31230e622616aff18ce655b28e19f64f4f578abf21aa63567fd352b54884d744f88e0a1b64d38e8bab61699d60aaa34a321", 0xc7}], 0x5, r4)
r5 = creat(&(0x7f0000000500)='./file0\x00', 0x10)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000540)={'ip6gretap0\x00', 0x5})
keyctl$reject(0x13, r4, 0x3, 0xfff, r3)

[  696.392713] *** Guest State ***
[  696.396143] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  696.405343] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  696.414464] CR3 = 0x0000000000000000
[  696.418244] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  696.424492] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  696.430572] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  696.437594] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.445819] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.454081] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  696.462291] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.470354] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.478689] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.486948] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  696.495215] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.503429] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  696.511493] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  696.519754] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  696.526372] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  696.534111] Interruptibility = 00000000  ActivityState = 00000000
[  696.540410] *** Host State ***
[  696.543919] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3e7f378
[  696.550001] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  696.556702] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  696.564721] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  696.570690] CR0=0000000080050033 CR3=00000000a280c000 CR4=00000000001426e0
[  696.577924] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  696.584799] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  696.590918] *** Control State ***
[  696.594573] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  696.601313] EntryControls=0000d1ff ExitControls=002fefff
[  696.606986] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  696.614109] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  696.620845] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  696.627664]         reason=80000021 qualification=0000000000000000
[  696.634181] IDTVectoring: info=00000000 errcode=00000000
[  696.639691] TSC Offset = 0xfffffe853b27d66c
[  696.644213] EPT pointer = 0x00000000af0f601e
[  696.693251] *** Guest State ***
[  696.696784] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  696.705933] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  696.715038] CR3 = 0x0000000000000000
[  696.718816] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  696.725020] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  696.731766] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  696.738750] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  696.746989] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  696.755177] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  696.763409] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  696.771493] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  696.779709] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  696.787905] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  696.796164] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  696.804344] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  696.812599] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  696.820681] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  696.827312] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  696.835044] Interruptibility = 00000000  ActivityState = 00000000
[  696.841342] *** Host State ***
[  696.844808] RIP = 0xffffffff812cf768  RSP = 0xffff8880a320f378
[  696.850875] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  696.857625] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  696.865663] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  696.871639] CR0=0000000080050033 CR3=00000000af028000 CR4=00000000001426e0
[  696.878980] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  696.885897] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  696.892191] *** Control State ***
[  696.895728] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  696.902683] EntryControls=0000d1ff ExitControls=002fefff
[  696.908221] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  696.915434] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  696.922292] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  696.928945]         reason=80000021 qualification=0000000000000000
[  696.935556] IDTVectoring: info=00000000 errcode=00000000
[  696.941078] TSC Offset = 0xfffffe850f3d0bc0
[  696.945688] TPR Threshold = 0x00
[  696.949115] EPT pointer = 0x00000000a338901e
06:45:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x0, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:39 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000780)=[@text16={0x10, &(0x7f0000000740)="b8e3000f00d83ef30f11bb2ce80f01cf66b9bd0200000f320f320fc76b6d260f2391650f01b8ec0066b9800000c00f326635010000000f3036f20f01df", 0x3d}], 0x1, 0x0, &(0x7f00000007c0), 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
recvmmsg(0xffffffffffffffff, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)=""/65, 0x41}], 0x1, &(0x7f0000000a00)=""/181, 0xb5}}], 0x1, 0x0, &(0x7f0000000040))
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000ac0)={"55c990aa4964e82a3ec457f4c7d69681319b32c4fe546fdaa52a7f1ee7a27d5f71fb895c4bf21bf0301d2a160f646d230ecc224077896302fd1e64ad393ef24145492c44f164e53100dc89f52d25895dcd4320f649fc784145767a5224088c492511d0a5d7bb0c0176706c238dfeee9caae8811ba9d2ec92a4a340c091647ae36123d290d72c375af37957c01aa945bdb6a7a6870069350c7c2ac6b9c032e80d8150743be19fbaf9447badcc1908d174e06fd466e64e24e3c892ee52a4b31338ad67030baeffa5bfa701c1e7bfbd8fd016d87018d05ab11f9e813877bd9cdf0884cbaabe09190f95550884f8a1e6510f6bbe96f86859597bf89741aea068e55b938ebee9d9bff58478513c4b72edbf79f75431b54743ab05d3980b30b2127cf13bf94beba0828a4bb1848bc1f862fac00698e4bd2f4bde3bb35107056c4147c0ed8d7d588ba03c37b82ea384d1db706a8b46ee351812ad747d1045540a48b542996812548270c5af5d27ff72920bebd8371348c7f55a953e236ac13fe737a81bd9b61e30a5e9c526cf61862f5a0a90963c73febe3b66ab29f17b6da74b7647bcc4e527356d57fa1fe3f3dffab39df7b353eda6b839decb4484939f4fc0c84bda1c964941ccf4db1ca0d2c152fd356ac66441c8b68755d533b416d9f7999678227c7a69db08e997252dd6a38fc458d93fac9f1f14f49b7ca4a0b0c8b538d2f30c34503a0975506ae9004b3e5c3d2469cf4e03d9b79dc1499647b5b680a02bdc56c18782c48120dee663918288f068c49d85355d114cfe0c5d1405cf5e37b181f296fa7dc9af116fbe220121fe139739226eefce468f27f5d21ab51ef0e26134c5341cf13799003ceb38d4050c2ba1c9e6decc2d11a8f14a6adadd45e615106b5dd4c07093ba114ac55b4e80d1a3545ab6e8fbf796b908ecc244340fc06e4d4bd6e069b7f0232198ab067a709bcdd4d41500e5dc7032e5993f965d4603033fe61cc523937d7345df42b4f1b62c4daf64f6c29eb2f214b88680bfe19252b67719ccea37d19fe3bfb0c8ad0bd6f4a1df532ec9220269453df5144ff48f63c2ad655b8f20db01b3af95c11f4e7de2bd0a47d47b08b620589a33327bef9ee310505c1736510e88b74281f098099c753d30fcf32f31a0521e32407d689b093f24d07049682ff4662b5b94616699fd704589c0edb02cf3e622088c685564b0c166f9f3cdb12dd8a70684ac6e24570191dda2db2b1965d2397a45060f834405b81fa79204e029b7cd93333dfbef669f3e480fd071f5b87e9fdf984dfe176353ed12ea15484366548336f540a5f1e8b9e19bdeb8d71dce9ecf03d09515bc4bcf7be382176e7e12395ee0f795f76695d0d90eee181d300deb89d7098403ac76309e63f6ca3eade1ce57dcd9de56e24610ed5c470d5540e9f50d068ee8a1431bb3216ae99b18"})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in=@local}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000080)=0xe8)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, &(0x7f0000000280), 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x101080, 0x0)
openat$cgroup_type(r1, &(0x7f0000000180)='cgroup.type\x00', 0x2, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r2 = semget$private(0x0, 0x0, 0x40)
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000300)=""/77)

[  697.248447] *** Guest State ***
[  697.252183] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  697.261106] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  697.270303] CR3 = 0x0000000000000000
[  697.274245] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  697.280288] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  697.287266] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  697.294207] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  697.302474] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  697.310541] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  697.319413] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  697.327745] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  697.336014] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  697.344194] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  697.352680] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  697.360732] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  697.369042] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  697.377234] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  697.383964] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  697.391486] Interruptibility = 00000000  ActivityState = 00000000
06:45:39 executing program 4:
r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000000c0))
fremovexattr(r0, &(0x7f0000000040)=@known='trusted.overlay.metacopy\x00')
lgetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@random={'btrfs.', '/dev/media#\x00'}, &(0x7f0000000340)=""/52, 0x34)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/150, 0x96}, {&(0x7f00000001c0)=""/242, 0xf2}], 0x2)

[  697.398012] *** Host State ***
[  697.401280] RIP = 0xffffffff812cf768  RSP = 0xffff8880a476f378
[  697.407550] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  697.414186] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  697.422343] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  697.428326] CR0=0000000080050033 CR3=00000000af0c0000 CR4=00000000001426e0
[  697.435725] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  697.442586] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x0, 0x80000001, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  697.448706] *** Control State ***
[  697.452351] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  697.459109] EntryControls=0000d1ff ExitControls=002fefff
[  697.464762] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  697.471753] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  697.478631] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  697.485415]         reason=80000021 qualification=0000000000000000
[  697.491793] IDTVectoring: info=00000000 errcode=00000000
[  697.497497] TSC Offset = 0xfffffe84c39f400d
[  697.502039] TPR Threshold = 0x00
[  697.505461] EPT pointer = 0x00000000a3d6801e
06:45:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000000)={'veth1_to_bridge\x00', {0x2, 0x4e21, @loopback}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:40 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8100, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000240)="6d656d6f72792c7374617400a322c93ec2fc58c762cc5d5070e0ca7925a314f037b17b594e07b5b438198a7884f803edf5700925a707da5b130a482e1d1a1255f23ce4f9be377ce7b07d2d56ede3263ff96957f018a7b17a7d55b65468da466473acab095114c1f0073efab932a2d4559ec93ac1d8d6ca5a435ce69fc76e038d54a5dbf8b6959583a7ce11f70092b5223841b17aec65329c1926634b8db5acdfb8cd738b190050895f2fe9c1a3e85b4fe22c537f13c3dc23ed7d00bb66390119fedb383c60bcfe866a4bdc2a01da3fb68ffa4de298f2d2a534fc9282f45a7c56416298847d6bc17786", 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f00000000c0)={<r2=>0x0, 0x6}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x9e6}, 0x8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000012c0)={&(0x7f0000000080), 0xc, &(0x7f0000000000)={&(0x7f0000000900)=@newlink={0x38, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_ENCAP_FLAGS={0x8, 0xf}]]}}}]}, 0xffd8}}, 0x0)

06:45:40 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001380))
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="480000001400197f0900490101048c590188ff3f6761ab2a40e10520613057fff7e07906defeff0000e5ed5a00000000c855000000000000ac000000000000000000000000000000", 0x48}], 0x1)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x84800)
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f0000000100)={0x1, 0x2, 0x1})

[  698.121484] *** Guest State ***
[  698.125184] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  698.134348] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  698.143405] CR3 = 0x0000000000000000
[  698.147177] RSP = 0x0000000000000f80  RIP = 0x0000000000000008
[  698.153377] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  698.159454] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:45:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x0, [], 0x800}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  698.166553] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.174769] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.183015] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  698.191075] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.199336] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.207563] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.215971] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  698.224156] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.232404] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  698.240472] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.248737] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  698.255342] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  698.263064] Interruptibility = 00000000  ActivityState = 00000000
[  698.269369] *** Host State ***
[  698.272834] RIP = 0xffffffff812cf768  RSP = 0xffff8880a324f378
[  698.278901] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  698.285571] FSBase=00007fb09ed1a700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  698.293579] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  698.299557] CR0=0000000080050033 CR3=00000000a76e9000 CR4=00000000001426e0
[  698.306875] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  698.313744] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  698.320379] *** Control State ***
[  698.324124] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  698.330858] EntryControls=0000d1ff ExitControls=002fefff
[  698.336601] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  698.343755] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  698.350509] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001
[  698.357347]         reason=80000021 qualification=0000000000000000
[  698.363859] IDTVectoring: info=00000000 errcode=00000000
[  698.369368] TSC Offset = 0xfffffe84508c8d46
[  698.373954] EPT pointer = 0x00000000a28bd01e
[  698.384498] netlink: 'syz-executor2': attribute type 15 has an invalid length.
06:45:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  698.469063] netlink: 'syz-executor2': attribute type 15 has an invalid length.
06:45:40 executing program 4:
socketpair$unix(0x1, 0x400000001, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x10000, 0x80000)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000240)={0xffffffff, 0xffffffff, 0xc3b7045f712073cf, {0x8, @raw_data="92bfa16b03b83f050dfdd51a824b6f106c9979c9916df825251cd50b23ea9243d2ecfa07bfff160cdf549bcecd2673164888e5cbd517d71745ec101864244faa117ccc68b96b9b80ba1adb866bdaa792738111b7b7835db7227b97e321eb77ccebe2a94125c913a176190fc0502283b675e71efd3ae3cbf0eb7e28bddf5bad34a4a24e88933e08dc418fa3b4c97a6effe5cd41f8623aa6c042931da9e970533e3383942783b69de4f234ba5d135da671343a68a2484868cee7c69155ea9b3e29599f00974df2c2b8"}})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$EXT4_IOC_MIGRATE(r2, 0x6609)
ioctl$BLKFRASET(r2, 0x1264, &(0x7f0000000100)=0x1)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x1, 0x7, 0x0, "972837ba04710f60c4b5bd3e9ec848b104afbfadd858f18e3beb59cb1f50b3ad", 0x5933317d})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
seccomp(0x1, 0x0, &(0x7f0000001980)={0x1, &(0x7f0000000580)=[{0x6}]})
set_tid_address(&(0x7f00000000c0))
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000040)={'tunl0\x00', @random="a45820db989a"})

06:45:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000240)='trusted.overlay.nlink\x00', &(0x7f0000000280)={'L-', 0x96}, 0x28, 0x3)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0xc0000102, 0x0, 0x11, 0x101]})
recvfrom$unix(r0, &(0x7f0000000080)=""/94, 0x5e, 0x2, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x100, 0x400100)

[  698.928729] *** Guest State ***
[  698.932505] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  698.941431] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  698.950578] CR3 = 0x0000000000000000
[  698.954603] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  698.960668] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  698.963226] *** Guest State ***
[  698.966885] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  698.966939] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.970236] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  698.977161] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.985252] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  698.994243] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  698.994287] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  698.994354] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.002485] CR3 = 0x0000000000000000
[  699.011365] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.019509] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  699.027671] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  699.035822] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  699.039562] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.047720] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  699.053862] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  699.061870] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.067995] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.076010] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.082841] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  699.090848] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  699.098996] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  699.107146] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.115284] Interruptibility = 00000000  ActivityState = 00000000
[  699.121724] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.129862] *** Host State ***
[  699.137520] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.145655] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2b9f378
[  699.152074] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  699.160072] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  699.163439] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  699.171445] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  699.177600] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  699.185751] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  699.192528] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  699.200528] CR0=0000000080050033 CR3=00000000a195a000 CR4=00000000001426e0
[  699.208546] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  699.216692] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  699.222752] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  699.230745] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  699.237941] Interruptibility = 00000000  ActivityState = 00000000
[  699.244501] *** Control State ***
[  699.251192] *** Host State ***
[  699.258850] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  699.258887] EntryControls=0000d1ff ExitControls=002fefff
[  699.265130] RIP = 0xffffffff812cf768  RSP = 0xffff8880a33ef378
[  699.271392] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  699.275027] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  699.278224] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  699.285087] FSBase=00007fb09ecb7700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  699.290557] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  699.296717] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  699.303821]         reason=80000021 qualification=0000000000000000
[  699.310253] CR0=0000000080050033 CR3=00000000a76e9000 CR4=00000000001426f0
[  699.317097] IDTVectoring: info=00000000 errcode=00000000
[  699.325100] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  699.331674] TSC Offset = 0xfffffe83e4b5e8fd
[  699.331709] EPT pointer = 0x00000000a18d701e
[  699.337793] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  699.378898] *** Control State ***
[  699.382574] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  699.389308] EntryControls=0000d1ff ExitControls=002fefff
[  699.395024] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  699.402195] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  699.408923] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  699.415733]         reason=80000021 qualification=0000000000000000
[  699.422264] IDTVectoring: info=00000000 errcode=00000000
[  699.427814] TSC Offset = 0xfffffe84508c1868
[  699.432341] EPT pointer = 0x00000000a28bd01e
06:45:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x8, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  699.475707] kauditd_printk_skb: 3 callbacks suppressed
[  699.475748] audit: type=1326 audit(1542523541.525:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16899 comm="syz-executor4" exe="/root/syz-executor4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0
[  699.729250] *** Guest State ***
[  699.732996] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  699.742157] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  699.751062] CR3 = 0x0000000000000000
[  699.755022] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  699.761071] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  699.768051] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  699.775029] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  699.783278] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  699.791337] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  699.799575] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  699.807836] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  699.816121] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  699.824335] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  699.832651] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  699.840707] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  699.848954] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  699.857174] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  699.863828] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  699.871350] Interruptibility = 00000000  ActivityState = 00000000
[  699.877819] *** Host State ***
[  699.881086] RIP = 0xffffffff812cf768  RSP = 0xffff8880a476f378
[  699.887330] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  699.894207] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  699.902325] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  699.908288] CR0=0000000080050033 CR3=00000000a3e90000 CR4=00000000001426f0
[  699.915664] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  699.922654] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  699.928770] *** Control State ***
[  699.932538] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  699.939266] EntryControls=0000d1ff ExitControls=002fefff
[  699.945044] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  699.952202] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  699.958942] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  699.965871]         reason=80000021 qualification=0000000000000000
[  699.972437] IDTVectoring: info=00000000 errcode=00000000
[  699.977947] TSC Offset = 0xfffffe836f787f91
[  699.982561] TPR Threshold = 0x00
[  699.986001] EPT pointer = 0x00000000a46dc01e
06:45:42 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={<r3=>0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000140)='net/netlink\x00', 0xffffffffffffffff}, 0x30)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400)='/dev/video0\x00', 0x2, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000200)={[], 0x7f, 0x669, 0x0, 0x7, 0x2, r3})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000034000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000000)="26260f18c90fc76c000f01c9660f185aefbaf80c66b8595ee08766efbafc0cec0f35660fd466eb360f2193f265d9fc67360fd47e00", 0x35}], 0x153, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00')
ioctl$VIDIOC_ENUMAUDOUT(r6, 0xc0345642, &(0x7f00000000c0)={0x6, "f7617f5847f73aede2c3c15631ee8b5d2b82fa62643d3e435f2fdb7c49e2e3d2", 0x1, 0x1})

06:45:42 executing program 4:
r0 = memfd_create(&(0x7f0000000500)="23650831232b00678bd244a40ecd9f3d63a13aa091859a65f5268d64ead77105f6f16234615ddfda386ee573d5e709e6ff7bdd3b77a789dc7dc1497f836231e1d9a3eccc73c0f5bc1ed031c2d251401a1659c9d11066c277f3e1ebd30af6a119110bf53fb1f69e43c97b323ee3634391f87e654f961d50", 0xffffffffffffffff)
write(r0, &(0x7f0000000900)="24ac068c1e6251fdb7ddcde0d6421407fa0bb3680f3841ee3ff7ccb6611a475f1049dfd714794cc6b5fc2f57a902f786e77b3e8a809ab524c32cf836e7e954133ae5bf5dcab13d00df3110c5c37a892fbada756f2111950bf3720c6c764c24d4aeccace06bc0a09551bceaffcc6ed0dee73b7288f361c1544593428f58307fce02a07ac35b98a1a98f6784153a3c17b994ca4323c2c7f28152be2233652c756f96f61af58a1d515e2db00766ca9abc1a89e2ac2fa1fc23b5293306c1a7ae81c48904781ca83bd20132c0b35468f4687097f4e0eb27bab0f6a3960d4466083ea8580934efb3607639d16feb88e477398474cca221185e56203a957451ddf1cba3e72a8a2f0851ef8fd4dfe342934996311c0018775bbf37d6189f4f1720776bf81736165ac32b9875ee5f2ee3e9006baa663dff0072af9e398024ff9a26f00edef0f66c3182cc6a3683f3106df11e5df289db5c3b8d9dc937faf346ff705185a929b2104c4c22528826b1b9836cdbfbd3d2b16fc91df5220936c262732e229a6ca190af41f408126831c6056e", 0x18c)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000100)={0x4c, r1, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x200}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={<r2=>0x0, @in6={{0xa, 0x4e24, 0x10001, @ipv4={[], [], @loopback}, 0x3}}, 0xfffffffffffeffff, 0x4, 0x40, 0x9, 0x41}, &(0x7f00000000c0)=0x98)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000280)={r2, 0xffff, 0x30}, 0xc)
setitimer(0x0, &(0x7f0000000180)={{}, {0x77359400}}, &(0x7f0000000000))

06:45:42 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r4)
r5 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r5, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, 0xfffffffffffffffe)

06:45:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x0, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  700.547936] *** Guest State ***
[  700.551321] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  700.560636] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  700.569753] CR3 = 0x0000000000000000
[  700.573750] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  700.579792] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  700.586839] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  700.593845] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  700.602152] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  700.610210] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  700.618514] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  700.626788] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  700.635179] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  700.643420] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  700.651479] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  700.659841] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  700.668095] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  700.676376] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  700.683025] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  700.690552] Interruptibility = 00000000  ActivityState = 00000000
[  700.697107] *** Host State ***
[  700.700385] RIP = 0xffffffff812cf768  RSP = 0xffff8880a324f378
[  700.706721] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  700.713364] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  700.721241] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  700.727458] CR0=0000000080050033 CR3=00000000a69eb000 CR4=00000000001426f0
[  700.734721] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  700.741460] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  700.747814] *** Control State ***
[  700.751346] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  700.758466] EntryControls=0000d1ff ExitControls=002fefff
[  700.764142] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  700.771140] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  700.778158] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  700.784957]         reason=80000021 qualification=0000000000000000
[  700.791342] IDTVectoring: info=00000000 errcode=00000000
06:45:42 executing program 4:
r0 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x7, 0x0)
ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000140)={0x7, 0x7})
getsockopt$inet6_opts(r0, 0x29, 0x3f, &(0x7f0000000440)=""/78, &(0x7f00000004c0)=0x4e)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000000180)=0xe8)
r2 = getegid()
fchown(r0, r1, r2)
socket(0x10, 0x80803, 0x0)
write(r0, &(0x7f0000000300)="240000001a0025f00485bc04fef3001d0a01fc608d6c0000800828000800050001800000", 0x10)
r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8, 0x100)
ioctl$DRM_IOCTL_VERSION(r3, 0xc0406400, &(0x7f00000000c0)={0xfffffffffffffffd, 0x3, 0x1, 0x19, &(0x7f0000000040)=""/25, 0x13, &(0x7f0000000080)=""/19, 0xcd, &(0x7f00000001c0)=""/205})
memfd_create(&(0x7f00000002c0)='/dev/audio#\x00', 0x4)

[  700.797107] TSC Offset = 0xfffffe83001e43ea
[  700.801491] TPR Threshold = 0x00
[  700.805168] EPT pointer = 0x00000000b095101e
06:45:42 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r4)
r5 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r5, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, 0xfffffffffffffffe)

06:45:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x7, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x10200, 0x0, 0x200, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$l2tp(r2, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x3, 0x0, {0xa, 0x4e22, 0x7, @mcast1, 0x2}}}, 0x32)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})

06:45:43 executing program 4:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x6)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffffffff7fff}, 0xf5)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r2 = accept(r0, 0x0, &(0x7f0000000080)=0xb)
r3 = dup3(r2, r2, 0x0)
close(r2)
close(r1)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r3, 0x5386, &(0x7f0000000100))

[  701.418322] *** Guest State ***
[  701.422101] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  701.431024] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  701.440138] CR3 = 0x0000000000000000
[  701.444030] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  701.450173] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  701.457114] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  701.463995] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  701.472232] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  701.480299] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  701.488512] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  701.496726] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  701.504920] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  701.513203] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  701.521270] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  701.529465] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  701.537696] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  701.545886] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  701.552528] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  701.560050] Interruptibility = 00000000  ActivityState = 00000000
[  701.566485] *** Host State ***
[  701.569761] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3e7f378
[  701.576004] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  701.582608] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  701.590491] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  701.596673] CR0=0000000080050033 CR3=00000000a7411000 CR4=00000000001426e0
[  701.603964] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  701.610713] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  701.617051] *** Control State ***
[  701.620576] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  701.627541] EntryControls=0000d1ff ExitControls=002fefff
[  701.633214] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  701.640211] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  701.647147] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  701.653923]         reason=80000021 qualification=0000000000000000
[  701.660312] IDTVectoring: info=00000000 errcode=00000000
06:45:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  701.666052] TSC Offset = 0xfffffe828a4b11f4
[  701.670442] TPR Threshold = 0x00
[  701.674070] EPT pointer = 0x00000000a33ae01e
[  701.718125] *** Guest State ***
[  701.721661] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  701.730878] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  701.740283] CR3 = 0x0000000000000000
[  701.744265] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  701.750308] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  701.756550] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  701.763499] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.771564] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.779861] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  701.788054] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.796327] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.804527] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.812787] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  701.820864] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.829130] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  701.837322] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  701.845591] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  701.852201] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  701.859835] Interruptibility = 00000000  ActivityState = 00000000
06:45:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r2, 0x50, &(0x7f00000000c0)}, 0x10)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_HYPERV_EVENTFD(r3, 0x4018aebd, &(0x7f00000001c0)={0x3, r2, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  701.866309] *** Host State ***
[  701.869572] RIP = 0xffffffff812cf768  RSP = 0xffff8880a331f378
[  701.875842] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  701.882494] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  701.890363] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  701.896531] CR0=0000000080050033 CR3=00000000a18f2000 CR4=00000000001426e0
[  701.903758] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  701.910512] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  701.916892] *** Control State ***
[  701.920426] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  701.927346] EntryControls=0000d1ff ExitControls=002fefff
[  701.933014] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  701.940021] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  701.946986] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  701.953801]         reason=80000021 qualification=0000000000000000
[  701.960193] IDTVectoring: info=00000000 errcode=00000000
06:45:44 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r4)
r5 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r5, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, 0xfffffffffffffffe)

[  701.965924] TSC Offset = 0xfffffe8261f6b861
[  701.970331] EPT pointer = 0x00000000b3e5e01e
[  702.223039] *** Guest State ***
[  702.226758] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  702.236117] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  702.245282] CR3 = 0x0000000000000000
[  702.249071] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  702.255297] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  702.262282] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  702.269027] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  702.277286] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  702.285482] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  702.293758] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  702.301830] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  702.310165] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  702.318731] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  702.327070] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  702.335288] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  702.343693] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  702.351739] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  702.358464] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  702.366191] Interruptibility = 00000000  ActivityState = 00000000
[  702.372765] *** Host State ***
[  702.376029] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3e7f378
[  702.382288] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  702.388763] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  702.396818] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  702.402998] CR0=0000000080050033 CR3=00000000a32c7000 CR4=00000000001426f0
[  702.410090] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  702.417053] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  702.423428] *** Control State ***
[  702.426953] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  702.433918] EntryControls=0000d1ff ExitControls=002fefff
[  702.439440] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  702.446679] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  702.453566] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  702.460216]         reason=80000021 qualification=0000000000000000
[  702.466898] IDTVectoring: info=00000000 errcode=00000000
06:45:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0)
write$FUSE_INTERRUPT(r4, &(0x7f00000000c0)={0x10, 0x0, 0x2}, 0x10)

06:45:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x0, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  702.472554] TSC Offset = 0xfffffe821a7e44f2
[  702.476943] TPR Threshold = 0x00
[  702.480369] EPT pointer = 0x00000000a333701e
06:45:44 executing program 4:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
ioctl$BLKGETSIZE64(r0, 0x125e, &(0x7f0000001400))
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

[  702.785329] *** Guest State ***
[  702.788955] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  702.798066] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  702.807065] CR3 = 0x0000000000000000
[  702.810828] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  702.816998] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  702.823140] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  702.829972] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.838185] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.846358] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  702.854630] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.862920] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.870966] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.879266] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  702.887451] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.895707] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  702.903881] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  702.912094] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  702.918561] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  702.926259] Interruptibility = 00000000  ActivityState = 00000000
[  702.932652] *** Host State ***
[  702.935909] RIP = 0xffffffff812cf768  RSP = 0xffff8880a19bf378
[  702.942151] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  702.948643] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  702.956700] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  702.962779] CR0=0000000080050033 CR3=00000000a199a000 CR4=00000000001426e0
[  702.969861] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  702.976815] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  702.983137] *** Control State ***
[  702.986666] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  702.993676] EntryControls=0000d1ff ExitControls=002fefff
[  702.999189] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  703.006333] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  703.013209] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  703.019857]         reason=80000021 qualification=0000000000000000
[  703.026444] IDTVectoring: info=00000000 errcode=00000000
[  703.032044] TSC Offset = 0xfffffe81d53b85bc
06:45:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:45 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r4)
r5 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r5, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, 0xfffffffffffffffe)

[  703.036423] EPT pointer = 0x00000000a33bb01e
06:45:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x0, 0x4, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x2000000000400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  703.624334] *** Guest State ***
[  703.627991] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  703.637406] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  703.646503] CR3 = 0x0000000000000000
[  703.650291] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  703.656595] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  703.663605] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:45:45 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0})
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x3, &(0x7f0000000080))
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fchown(r3, 0x0, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote, r1}, 0x14)

[  703.670379] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  703.678709] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  703.686981] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  703.695303] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  703.703597] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  703.711706] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  703.720051] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  703.728381] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  703.736694] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  703.744971] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  703.753283] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  703.759773] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  703.767580] Interruptibility = 00000000  ActivityState = 00000000
[  703.774045] *** Host State ***
[  703.777314] RIP = 0xffffffff812cf768  RSP = 0xffff8880a33ff378
[  703.783670] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  703.790166] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  703.798224] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  703.804400] CR0=0000000080050033 CR3=00000000a1c20000 CR4=00000000001426f0
[  703.811524] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  703.818565] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  703.824924] *** Control State ***
[  703.828456] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  703.835514] EntryControls=0000d1ff ExitControls=002fefff
[  703.841052] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  703.848302] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  703.855210] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  703.862195]         reason=80000021 qualification=0000000000000000
[  703.868591] IDTVectoring: info=00000000 errcode=00000000
[  703.874368] TSC Offset = 0xfffffe815aa4b3e7
[  703.878761] TPR Threshold = 0x00
[  703.882438] EPT pointer = 0x00000000a764801e
06:45:46 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  704.102770] *** Guest State ***
[  704.106295] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  704.115495] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  704.124590] CR3 = 0x0000000000000000
[  704.128383] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  704.134733] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  704.141478] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  704.148632] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  704.156876] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  704.165259] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  704.173535] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  704.181596] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  704.189918] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  704.198182] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  704.206513] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  704.214787] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  704.223124] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  704.231175] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  704.237942] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  704.245658] Interruptibility = 00000000  ActivityState = 00000000
[  704.252174] *** Host State ***
[  704.255452] RIP = 0xffffffff812cf768  RSP = 0xffff8880b3f8f378
[  704.261514] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  704.268246] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  704.276284] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  704.282497] CR0=0000000080050033 CR3=00000000a2c57000 CR4=00000000001426f0
[  704.289645] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  704.296694] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0x0, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  704.302981] *** Control State ***
[  704.306515] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  704.313502] EntryControls=0000d1ff ExitControls=002fefff
[  704.319396] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  704.326692] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  704.333656] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  704.340336]         reason=80000021 qualification=0000000000000000
[  704.346989] IDTVectoring: info=00000000 errcode=00000000
06:45:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r4 = semget(0x0, 0x7, 0x4)
semctl$SETALL(r4, 0x0, 0x11, &(0x7f0000000000)=[0x0, 0x80, 0x0, 0x9, 0xf70, 0x6])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x400000, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r5, 0x5381)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x10001}, {0x0, 0x0, 0x0, 0x3}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  704.352679] TSC Offset = 0xfffffe8117636c3e
[  704.357056] TPR Threshold = 0x00
[  704.360481] EPT pointer = 0x00000000a346d01e
06:45:46 executing program 4:
r0 = syz_open_dev$sndtimer(&(0x7f0000000300)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000340)={0x2, 0x0, 0x0, 0xfffffffffffffffd})
r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r1, &(0x7f0000000040)="f76017650d1bbafec0ba1f11a08affc74a5d16480ad22da6efe292d2f8c88a9dd336d6d6d7448fae2b64412188eecd34f8efd99e6a063597fd2a6207b683882f533073ed3f8b2b3aac12ff5d5a7276c7f24fe37ecd0ddf446837290c5cf4ad32e26d7d64276f17c9f89f8f", &(0x7f00000000c0)=""/88}, 0x18)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

06:45:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x7, 0x0, [], 0x2e9}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:46 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  705.020471] *** Guest State ***
[  705.024258] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  705.033480] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  705.042630] CR3 = 0x0000000000000000
[  705.046433] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  705.052718] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  705.058773] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  705.059154] *** Guest State ***
[  705.066006] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.069157] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  705.077315] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.077361] SS:   sel=0x0000, attr=0x00091, limit=0x00000000, base=0x0000000000000000
[  705.077402] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.077445] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.077486] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.077518] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  705.077561] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.077596] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  705.077668] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  705.086706] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  705.094875] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  705.103077] CR3 = 0x0000000000000000
[  705.111062] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  705.111089] Interruptibility = 00000000  ActivityState = 00000000
[  705.111105] *** Host State ***
[  705.111133] RIP = 0xffffffff812cf768  RSP = 0xffff8880a325f378
[  705.111178] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  705.111223] FSBase=00007fb09ecf9700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  705.119393] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  705.119437] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  705.127621] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  705.135787] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  705.143977] CR0=0000000080050033 CR3=00000000a3f97000 CR4=00000000001426f0
[  705.144021] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  705.152255] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  705.160194] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  705.169242] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.176118] *** Control State ***
[  705.179567] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.187420] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  705.187458] EntryControls=0000d1ff ExitControls=002fefff
[  705.193906] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.197116] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  705.203289] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.209713] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  705.217725] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.223871] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  705.230564] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  705.236654]         reason=80000021 qualification=0000000000000000
[  705.243509] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  705.243551] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  705.250595] IDTVectoring: info=00000000 errcode=00000000
[  705.257479] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  705.265631] TSC Offset = 0xfffffe80a3d6fa13
[  705.271738] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  705.279896] EPT pointer = 0x00000001838e501e
[  705.409573] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  705.417307] Interruptibility = 00000000  ActivityState = 00000000
[  705.423710] *** Host State ***
[  705.426958] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2b7f378
[  705.433181] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  705.439662] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  705.447743] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  705.453846] CR0=0000000080050033 CR3=00000000a19dd000 CR4=00000000001426e0
[  705.460951] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  705.467962] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  705.474246] *** Control State ***
[  705.477760] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  705.484719] EntryControls=0000d1ff ExitControls=002fefff
[  705.490246] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  705.497455] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  705.504320] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  705.510980]         reason=80000021 qualification=0000000000000000
[  705.517553] IDTVectoring: info=00000000 errcode=00000000
06:45:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0x0, 0x24, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8, 0x4]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  705.523192] TSC Offset = 0xfffffe8095f6ed9a
[  705.527580] TPR Threshold = 0x00
[  705.530597] *** Guest State ***
[  705.531022] EPT pointer = 0x00000001d0efd01e
[  705.534646] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  705.548141] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  705.557231] CR3 = 0x0000000000000000
[  705.561011] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  705.567268] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  705.574234] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  705.581020] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  705.589325] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.597623] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.605852] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.614095] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.622416] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  705.630482] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  705.638789] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  705.647015] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  705.655268] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  705.663487] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  705.669976] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  705.677715] Interruptibility = 00000000  ActivityState = 00000000
[  705.684146] *** Host State ***
[  705.687409] RIP = 0xffffffff812cf768  RSP = 0xffff8880a18cf378
[  705.693636] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  705.700119] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  705.708241] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  705.714397] CR0=0000000080050033 CR3=00000000a28c5000 CR4=00000000001426f0
06:45:47 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl(r0, 0xe400, &(0x7f0000000180)="a30b4a93f66e38239c960130230cb993b02eb8c3b843df22efee54c38f48d3310bdd2c275d0fe6d76f153c8b53a3b7e8ed97130d3a580876f931627124e354ab5f75a68b42f35c8719e47abf31ef21a4791b52a5194c82f1b45a92d8a32478b31f635a98679bfca52e6b4a4461381fff016f3e2817952b641675d72c323ea7d58aff3bd0f67da79afc7ed94faab3885b3b050d011872eef8882b45d47ca426fb844ee9b31896d33eb8df70b68eb26065cdbd44a7b8e7b1be69f8fe8a20ac770268a8aabdd19ca02d73c4c450c289fe7792508326dc702b85fbd56edef7fdfb142e782c1ee42222")
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000140))
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

[  705.721497] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  705.728413] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  705.734688] *** Control State ***
[  705.738214] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  705.745114] EntryControls=0000d1ff ExitControls=002fefff
[  705.750646] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  705.757865] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  705.764772] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  705.771418]         reason=80000021 qualification=0000000000000000
[  705.777981] IDTVectoring: info=00000000 errcode=00000000
[  705.783639] TSC Offset = 0xfffffe805ad247e9
[  705.788010] TPR Threshold = 0x00
[  705.791464] EPT pointer = 0x00000000b3f6101e
[  706.054183] *** Guest State ***
[  706.057679] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  706.066981] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  706.076158] CR3 = 0x0000000000000000
[  706.079947] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  706.086251] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  706.092459] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  706.099209] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.107520] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.115752] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  706.124076] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.132312] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.140371] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:45:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  706.148656] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  706.156894] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.165248] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  706.173491] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.181538] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  706.188276] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  706.195970] Interruptibility = 00000000  ActivityState = 00000000
[  706.202545] *** Host State ***
[  706.205848] RIP = 0xffffffff812cf768  RSP = 0xffff8880a47af378
[  706.212157] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  706.218662] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  706.226892] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  706.233045] CR0=0000000080050033 CR3=00000000a1998000 CR4=00000000001426f0
[  706.240192] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  706.247231] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x20000)
ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x1, [@random="e944f4587ece"]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000180)=0x8)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x2, r3})

[  706.253520] *** Control State ***
[  706.257041] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  706.264028] EntryControls=0000d1ff ExitControls=002fefff
[  706.269576] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  706.276888] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  706.283813] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  706.290476]         reason=80000021 qualification=0000000000000000
[  706.297127] IDTVectoring: info=00000000 errcode=00000000
06:45:48 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  706.302806] TSC Offset = 0xfffffe8021138ebe
[  706.307196] EPT pointer = 0x00000000a1d7601e
[  706.417024] *** Guest State ***
[  706.420563] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  706.429904] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  706.438981] CR3 = 0x0000000000000000
[  706.442915] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  706.448962] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  706.455903] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  706.462881] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  706.470973] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  706.479191] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  706.487406] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  706.495722] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  706.503950] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  706.512149] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  706.520213] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  706.528470] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  706.536702] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  706.544939] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  706.551420] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  706.559171] Interruptibility = 00000000  ActivityState = 00000000
[  706.565603] *** Host State ***
[  706.568874] RIP = 0xffffffff812cf768  RSP = 0xffff8880a331f378
[  706.575096] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  706.581583] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  706.589620] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  706.595742] CR0=0000000080050033 CR3=00000000a2c93000 CR4=00000000001426f0
[  706.603013] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  706.609755] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:48 executing program 4:
r0 = creat(&(0x7f0000000380)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f0000000040)='threaded\x00', 0xfd87)
write$P9_RVERSION(r0, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x8001, 0x8, '9P2000.L'}, 0x15)
fallocate(r0, 0x3, 0x5e00, 0x2cbd)

[  706.616042] *** Control State ***
[  706.619571] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  706.626468] EntryControls=0000d1ff ExitControls=002fefff
[  706.632275] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  706.639278] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  706.646263] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  706.653083]         reason=80000021 qualification=0000000000000000
[  706.659477] IDTVectoring: info=00000000 errcode=00000000
[  706.665273] TSC Offset = 0xfffffe7fda268fe9
[  706.669673] TPR Threshold = 0x00
[  706.673361] EPT pointer = 0x00000000b3ff001e
06:45:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10000, 0x0)
sendmsg$rds(r4, &(0x7f0000001840)={&(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000000180)=""/101, 0x65}, {&(0x7f0000000400)=""/200, 0xc8}, {&(0x7f0000000200)=""/115, 0x73}, {&(0x7f0000000100)=""/55, 0x37}, {&(0x7f0000000500)=""/156, 0x9c}, {&(0x7f00000005c0)=""/164, 0xa4}, {&(0x7f0000000680)=""/12, 0xc}, {&(0x7f00000006c0)=""/4096, 0x1000}], 0x8, &(0x7f00000017c0)=[@rdma_dest={0x18, 0x114, 0x2, {0xf046, 0xfffffffffffffffb}}, @fadd={0x58, 0x114, 0x6, {{0x200, 0x6}, &(0x7f0000001740)=0x4, &(0x7f0000001780)=0x26e3, 0x0, 0xc8e5, 0xdfe, 0x7, 0x48, 0x5}}], 0x70, 0x4}, 0x8000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:48 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
write(0xffffffffffffffff, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  706.888984] *** Guest State ***
[  706.892696] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  706.901627] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  706.910869] CR3 = 0x0000000000000000
[  706.914815] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  706.920858] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  706.927167] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  706.934192] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.942569] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.950679] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  706.959026] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.967271] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.975577] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  706.983815] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  706.993093] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.001148] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  707.009459] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.017685] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  707.024367] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  707.032056] Interruptibility = 00000000  ActivityState = 00000000
[  707.038360] *** Host State ***
[  707.041640] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2b9f378
[  707.048001] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  707.054650] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  707.062761] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  707.068732] CR0=0000000080050033 CR3=00000000a467c000 CR4=00000000001426f0
[  707.076142] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  707.083052] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  707.089167] *** Control State ***
[  707.092945] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  707.099684] EntryControls=0000d1ff ExitControls=002fefff
[  707.105377] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  707.112523] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  707.119261] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  707.126080]         reason=80000021 qualification=0000000000000000
[  707.132638] IDTVectoring: info=00000000 errcode=00000000
[  707.138155] TSC Offset = 0xfffffe7f9eb34f74
[  707.142699] EPT pointer = 0x00000000b3fed01e
06:45:49 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x0, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000140)=0x3)
getsockopt$inet_int(r0, 0x0, 0x37, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000200)=""/194)
close(r0)

[  707.553234] *** Guest State ***
[  707.556827] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  707.566069] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  707.575270] CR3 = 0x0000000000000000
[  707.579052] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  707.585300] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  707.591372] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  707.598331] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.606530] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.614796] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  707.623058] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.631126] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.639407] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.647607] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  707.655893] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  707.664094] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  707.672337] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  707.680398] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  707.687131] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  707.694799] Interruptibility = 00000000  ActivityState = 00000000
06:45:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x1, 0x0, [], 0x8}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:49 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000, 0x0, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x20, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x8]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  707.701092] *** Host State ***
[  707.704568] RIP = 0xffffffff812cf768  RSP = 0xffff8880a963f378
[  707.710664] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  707.717421] FSBase=00007fb09ecf9700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  707.725439] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  707.731410] CR0=0000000080050033 CR3=00000000a467c000 CR4=00000000001426e0
[  707.738801] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  707.745771] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  707.752083] *** Control State ***
[  707.755629] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  707.762565] EntryControls=0000d1ff ExitControls=002fefff
[  707.768103] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  707.775251] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  707.782114] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  707.788779]         reason=80000021 qualification=0000000000000000
[  707.795289] IDTVectoring: info=00000000 errcode=00000000
[  707.800804] TSC Offset = 0xfffffe7f9eb31886
[  707.805308] EPT pointer = 0x00000000b3fed01e
[  707.849844] *** Guest State ***
[  707.853476] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  707.862592] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  707.871512] CR3 = 0x0000000000000000
[  707.875479] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  707.881518] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  707.888418] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  707.895423] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  707.903628] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  707.911702] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  707.919906] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  707.928116] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  707.936417] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  707.944730] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  707.953029] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  707.961083] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  707.969459] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  707.977694] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  707.984375] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  707.992047] Interruptibility = 00000000  ActivityState = 00000000
[  707.998343] *** Host State ***
[  708.001624] RIP = 0xffffffff812cf768  RSP = 0xffff8880b3f9f378
[  708.008053] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  708.014689] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  708.022866] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  708.028837] CR0=0000000080050033 CR3=00000000a96ed000 CR4=00000000001426e0
[  708.036181] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  708.043050] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  708.049167] *** Control State ***
[  708.052906] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  708.059680] EntryControls=0000d1ff ExitControls=002fefff
[  708.065424] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  708.072677] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  708.079438] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  708.086307]         reason=80000021 qualification=0000000000000000
[  708.092822] IDTVectoring: info=00000000 errcode=00000000
[  708.098339] TSC Offset = 0xfffffe7f1576abd5
[  708.102910] TPR Threshold = 0x00
[  708.106335] EPT pointer = 0x00000000a33d001e
06:45:50 executing program 4:
clone(0x8000000000041fa, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0))
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000))
ptrace(0xd, r0)
ptrace$cont(0x18, r0, 0x0, 0x0)

[  708.190530] *** Guest State ***
[  708.194117] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  708.203289] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  708.212343] CR3 = 0x0000000000000000
[  708.216140] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  708.222622] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  708.228684] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  708.235667] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.243854] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.252066] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  708.260136] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.270549] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.278794] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.286989] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  708.295285] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.303474] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  708.311539] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  708.320198] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  708.326844] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  708.334514] Interruptibility = 00000000  ActivityState = 00000000
[  708.340802] *** Host State ***
[  708.344327] RIP = 0xffffffff812cf768  RSP = 0xffff8880af03f378
[  708.350772] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  708.357467] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  708.365487] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  708.371464] CR0=0000000080050033 CR3=00000000a19be000 CR4=00000000001426e0
[  708.378809] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  708.385692] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  708.391809] *** Control State ***
[  708.395475] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  708.402330] EntryControls=0000d1ff ExitControls=002fefff
[  708.407874] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  708.415020] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  708.421760] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  708.428607]         reason=80000021 qualification=0000000000000000
[  708.435140] IDTVectoring: info=00000000 errcode=00000000
[  708.440663] TSC Offset = 0xfffffe7ee78b3761
[  708.445184] EPT pointer = 0x00000000a1d8301e
06:45:50 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000, 0x0, [], 0xfffffffffffffffd}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  708.833413] *** Guest State ***
[  708.836950] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  708.846107] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  708.855151] CR3 = 0x0000000000000000
[  708.858928] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  708.865159] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  708.872055] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  708.878812] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  708.887056] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  708.895252] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  708.903453] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  708.911507] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  708.919715] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  708.927996] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  708.936205] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  708.944394] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  708.952588] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  708.960667] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  708.967320] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  708.975011] Interruptibility = 00000000  ActivityState = 00000000
[  708.981302] *** Host State ***
[  708.984804] RIP = 0xffffffff812cf768  RSP = 0xffff8880b3ecf378
[  708.990870] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  708.997509] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  709.005529] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  709.011492] CR0=0000000080050033 CR3=00000000a3f87000 CR4=00000000001426e0
[  709.019052] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  709.025936] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  709.032171] *** Control State ***
[  709.035688] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  709.042557] EntryControls=0000d1ff ExitControls=002fefff
[  709.048127] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  709.055268] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  709.062128] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  709.068776]         reason=80000021 qualification=0000000000000000
[  709.075291] IDTVectoring: info=00000000 errcode=00000000
06:45:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
r5 = open(&(0x7f0000000000)='./file0\x00', 0x40000, 0x20)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"32966c7506487ce237b87b752241e5359fc33eaf63d382ddc3ba88f72802747d878a2d512dd109e9a47c48dedf4398a2e0b52d735ee96e26277f661abdd0fa5b4fabc2c6c83cd0c5779fc77001f3483e9345eda30f18442393099869d5e906427d4a580b3b3192dd55445e9a81b53abef7ecbf10f9e3a602ec54134898237242624fe631dbed80f7168cd77f93aaa4b557a4c949165dad74e738ebec1ce6e0d5c1686af59d34eefdee11bbe7fbbb8e599fd36c5050727b12ce74d61072af9092cd3be97b1ded8ddd8e0263529647420e0aa8baa3154a7c728adcf2c185afa3a4fc3f9aff197a08bdec38c00f4e1e9c6e82855e660498fa8f5477010c89eae9775cd5bcf00dfaa068224b4cd5aea718202ac133a6aed7f57df8e5eb0a2937cc57df79e21b6b64a06fdb19d5ee7ac4624b92b3d764775a7e2b58bf674017cb0a1894bbdf5a2c17f8f684bddfe496553be5bf39efb71f470b2056b84493e7e0f1d5a3c66fb02372b33d7dec3ce9ad7b7420d1c49ce82f96c334b394242b1f6f2cfb667e4a8b2b406d286be2c170927e6b9dd325cb433c6c4ffeec73130a79b06aefbcf69a2978b2ca121e6e27609b0f1a78f3e0171595479a20436739b81422f1e12b89910bb545064343c3e8e0a9aa77562f574e8da14afa85dcc1af2b82f8a3e019965de12a9f8421f24e88bd53d4b91a48d5f175df6f65700922e9fc1aae0172641a020ca207adeeeef22afb41cda9ee57f336c7fa099d25a2ec16e3c0079c8b8ba0534be7a68d01b1fdcdec0e9ac4c6da99712917beeeadf790ddb4a8af755162c0410b3e4c36962ff4af75380e8a5d08b140e7324e656651816bc322bae66d7b2caef6ff9b2a43d9d12e67d5cc169199e175d283a54f76f706e365ec21f9fbabfe15c9ba388068b1fb72036fb7120db194f1a875996794a8d2fd7e418ddaba4996eb93800d31c79eb3e415fdc2eefe34a999aa42bcd55d1bb7d8fd4aa25198c24bec53462724f065a102ba6d4ee0e8ceea998bef5c48f398560c81041cedd9a51588297b22411012b44143d526aefa84e2e0743fd7136c5ade3ba4a333a97b82b3ca8ea9cd6d5382c509e4b7a808a045d16a527e1d1a7b62c5029dabd25f7729416f53b488e72b27053fad2a0315a73445446995631817dea4be539bb23ec10575988aa3207cdbe6b89f2bd2451df7d7c12746a438dc8a0d300139602286e732c5a14ee2d2b687b19d571a6b3bda112fafd25ccdf5182228c4dc579fa124f50b7bfde03723152b90cdf55e2a4f6d8caf82638c243864d927193c89cf7acfa7c890ee1ec06d90eb5187b693d37c729af4394d0bdb8b2d8780e247cbf5ef9792c4a359bd1cf5f9534a58a18579bec2225c5f341be90a5cd88489cd212a9a4a46661975c4cc5c85b4d65ac69eff6fbac0ff7059c595cb202e8426bfbbf340166a"})
fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$TUNSETGROUP(r5, 0x400454ce, r6)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f0000000180)={'teql0\x00', 0xfffffffffffffff8})

06:45:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x0, 0x1, 0x0, [], 0x8}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  709.080801] TSC Offset = 0xfffffe7e914ea085
[  709.085377] TPR Threshold = 0x00
[  709.088812] EPT pointer = 0x00000000a1cda01e
06:45:51 executing program 4:
r0 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x3a57)

[  709.381589] *** Guest State ***
[  709.385319] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  709.394626] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  709.403727] CR3 = 0x0000000000000000
[  709.407624] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  709.413907] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  709.420685] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  709.427701] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  709.435927] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  709.444248] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  709.452469] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  709.460538] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  709.468878] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  709.477130] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  709.485424] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  709.493661] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  709.501729] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  709.510018] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  709.516646] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  709.524449] Interruptibility = 00000000  ActivityState = 00000000
[  709.530750] *** Host State ***
[  709.534257] RIP = 0xffffffff812cf768  RSP = 0xffff8880a373f378
[  709.540317] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  709.547033] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  709.555081] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  709.561052] CR0=0000000080050033 CR3=00000000a33ef000 CR4=00000000001426f0
[  709.568403] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  709.575303] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  709.581415] *** Control State ***
[  709.585172] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  709.592086] EntryControls=0000d1ff ExitControls=002fefff
[  709.597639] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  709.604950] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  709.611701] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  709.618632]         reason=80000021 qualification=0000000000000000
[  709.625178] IDTVectoring: info=00000000 errcode=00000000
06:45:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:51 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  709.630697] TSC Offset = 0xfffffe7e49e0b299
[  709.635306] TPR Threshold = 0x00
[  709.638739] EPT pointer = 0x00000000af1bf01e
[  709.742681] *** Guest State ***
[  709.746068] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  709.755380] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  709.764558] CR3 = 0x0000000000000000
[  709.768357] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  709.774761] RFLAGS=0x00010006         DR7 = 0x0000000000000400
[  709.780822] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  709.787923] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.796166] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.804512] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  709.812738] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.820796] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.829130] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.837370] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  709.845672] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.853910] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  709.862325] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  709.870377] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  709.877139] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  709.884838] Interruptibility = 00000000  ActivityState = 00000000
[  709.891132] *** Host State ***
[  709.894665] RIP = 0xffffffff812cf768  RSP = 0xffff8880a409f378
[  709.900729] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  709.907516] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  709.915559] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  709.921539] CR0=0000000080050033 CR3=00000000b3e82000 CR4=00000000001426f0
[  709.928921] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  709.935836] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:45:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  709.942294] *** Control State ***
[  709.945870] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  709.952902] EntryControls=0000d1ff ExitControls=002fefff
[  709.958469] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  709.965737] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  709.972667] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  709.979325]         reason=80000021 qualification=0000000000000000
[  709.986008] IDTVectoring: info=00000000 errcode=00000000
[  709.991566] TSC Offset = 0xfffffe7e1c3520ec
[  709.996230] EPT pointer = 0x00000000a3a1601e
[  710.223195] *** Guest State ***
[  710.226943] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  710.236147] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  710.245234] CR3 = 0x0000000000000000
[  710.249014] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  710.255202] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  710.261252] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  710.268205] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.276482] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.284690] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  710.292908] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.300970] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.309252] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.317472] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  710.326220] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.334413] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  710.342604] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  710.350668] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  710.357294] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  710.364939] Interruptibility = 00000000  ActivityState = 00000000
[  710.371218] *** Host State ***
[  710.374594] RIP = 0xffffffff812cf768  RSP = 0xffff8880a367f378
[  710.380662] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  710.387301] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  710.395310] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  710.401271] CR0=0000000080050033 CR3=00000000a3b28000 CR4=00000000001426e0
[  710.408572] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  710.415474] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  710.421589] *** Control State ***
[  710.425263] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  710.432137] EntryControls=0000d1ff ExitControls=002fefff
[  710.437670] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  710.444816] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  710.451555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  710.458357]         reason=80000021 qualification=0000000000000000
[  710.464882] IDTVectoring: info=00000000 errcode=00000000
06:45:52 executing program 4:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000009f7c)=""/132, 0x84}, {&(0x7f0000001540)=""/252, 0xfc}, {&(0x7f0000012000)=""/155, 0x9b}, {&(0x7f00000001c0)=""/11, 0xb}, {&(0x7f0000001400)=""/102, 0x66}], 0x5, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)=""/92, 0x5c}], 0x1, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)=<r1=>0x0)
ptrace(0x71065eeb9faacf22, r1)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000200)={&(0x7f0000000140)=""/79}, 0x18)
ioctl(r0, 0xc2604110, &(0x7f0000000000))
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[{0xb, 0x6}, {0x8, 0xffff}, {0x3, 0x3}, {0x2, 0x100000000}, {0x6, 0x3}, {0x3, 0x4}], 0x6)

[  710.470403] TSC Offset = 0xfffffe7ddc80b4bf
[  710.474920] EPT pointer = 0x00000000a201d01e
06:45:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10003, 0x0, 0x4, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:52 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
fchdir(0xffffffffffffffff)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  710.957917] *** Guest State ***
[  710.961506] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  710.970740] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  710.979817] CR3 = 0x0000000000000000
[  710.983864] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  710.989908] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  710.996865] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  711.003757] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  711.011826] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.020048] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.028247] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.036470] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.044910] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.053166] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  711.056464] *** Guest State ***
[  711.061224] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  711.064871] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  711.072960] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  711.073007] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  711.073052] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  711.082129] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  711.090131] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  711.098415] CR3 = 0x0000000000000000
[  711.104861] Interruptibility = 00000000  ActivityState = 00000000
[  711.104879] *** Host State ***
[  711.104928] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2bbf378
[  711.113974] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  711.121458] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  711.125336] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  711.125370] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  711.125404] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  711.125454] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.125496] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.125543] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.131808] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  711.135191] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.141176] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  711.147353] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  711.153937] CR0=0000000080050033 CR3=00000000a2c2f000 CR4=00000000001426e0
[  711.160639] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  711.167487] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  711.167528] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  711.175718] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  711.183862] *** Control State ***
[  711.192547] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  711.192602] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  711.200645] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  711.208652] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  711.216801] EntryControls=0000d1ff ExitControls=002fefff
[  711.222864] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  711.222901] Interruptibility = 00000000  ActivityState = 00000000
[  711.222932] *** Host State ***
[  711.230948] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  711.238188] RIP = 0xffffffff812cf768  RSP = 0xffff8880a963f378
[  711.246316] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  711.253186] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  711.259355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  711.267538] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  711.271001]         reason=80000021 qualification=0000000000000000
[  711.279192] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  711.287360] IDTVectoring: info=00000000 errcode=00000000
[  711.294214] CR0=0000000080050033 CR3=00000000a4748000 CR4=00000000001426f0
[  711.300623] TSC Offset = 0xfffffe7d6e1718b6
[  711.300657] TPR Threshold = 0x00
[  711.306321] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  711.313939] EPT pointer = 0x00000000a3a1201e
[  711.409257] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  711.415619] *** Control State ***
[  711.419147] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  711.426170] EntryControls=0000d1ff ExitControls=002fefff
[  711.431697] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  711.438950] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  711.445833] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  711.452765]         reason=80000021 qualification=0000000000000000
06:45:53 executing program 4:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
r1 = socket$inet(0x2, 0x3, 0x3e)
sendto$inet(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000ee9ff0), 0x10)
setsockopt$inet_opts(r1, 0x0, 0xd, &(0x7f0000d20000)="c5", 0x1)
recvmsg(r1, &(0x7f0000bd9000)={0x0, 0x0, &(0x7f0000eee000), 0x0, &(0x7f0000b18faf)=""/81, 0x51}, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000000c0)={0x0, 0x5, 0xff, &(0x7f0000000040)})

[  711.459143] IDTVectoring: info=00000000 errcode=00000000
[  711.464911] TSC Offset = 0xfffffe7d6ad72d62
[  711.469282] TPR Threshold = 0x00
[  711.472856] EPT pointer = 0x00000000a3ae901e
06:45:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x604800, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r4, 0x5381)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  711.744747] *** Guest State ***
[  711.748344] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  711.757634] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  711.766735] CR3 = 0x0000000000000000
[  711.770518] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  711.776784] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  711.782969] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  711.789834] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.798100] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.806426] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  711.814729] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.822949] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.831017] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.839270] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  711.847498] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.855764] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  711.864017] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  711.872267] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  711.878752] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  711.886505] Interruptibility = 00000000  ActivityState = 00000000
[  711.892922] *** Host State ***
[  711.896183] RIP = 0xffffffff812cf768  RSP = 0xffff8880a6e1f378
[  711.902492] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  711.908999] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  711.917119] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  711.923216] CR0=0000000080050033 CR3=00000000a1c60000 CR4=00000000001426e0
[  711.930315] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  711.937309] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  711.943567] *** Control State ***
[  711.947108] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  711.953982] EntryControls=0000d1ff ExitControls=002fefff
[  711.959511] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  711.966752] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  711.973645] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  711.980308]         reason=80000021 qualification=0000000000000000
[  711.986901] IDTVectoring: info=00000000 errcode=00000000
06:45:53 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x0, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  711.992555] TSC Offset = 0xfffffe7d0d2d2aad
[  711.996947] EPT pointer = 0x00000000a3bf801e
06:45:54 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
fchdir(0xffffffffffffffff)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  712.239405] *** Guest State ***
[  712.243041] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  712.252355] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  712.261264] CR3 = 0x0000000000000000
[  712.265222] RSP = 0x0000000000000f80  RIP = 0x0000000000000040
[  712.271375] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  712.277596] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  712.284589] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.292834] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.300914] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  712.309150] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.317409] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.326010] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.334226] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  712.342442] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.350531] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  712.358794] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  712.367039] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  712.373692] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  712.381231] Interruptibility = 00000000  ActivityState = 00000000
06:45:54 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/11, 0x29a)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f000000cfe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f")
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000480)=@dstopts={0x0, 0x3, [], [@hao={0xc9, 0x10, @ipv4={[], [], @loopback}}, @calipso={0x7, 0x8}]}, 0x28)
recvmsg(r1, &(0x7f0000000400)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=""/128, 0x80}, 0x0)
r2 = dup2(r0, r0)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000080))
write(r1, &(0x7f0000000440), 0x0)

[  712.387714] *** Host State ***
[  712.390992] RIP = 0xffffffff812cf768  RSP = 0xffff8880a963f378
[  712.397241] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  712.403873] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  712.411751] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  712.417859] CR0=0000000080050033 CR3=00000000a7781000 CR4=00000000001426f0
[  712.425144] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  712.432131] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  712.438251] *** Control State ***
[  712.441777] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  712.448765] EntryControls=0000d1ff ExitControls=002fefff
[  712.454451] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  712.461490] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  712.468487] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  712.475295]         reason=80000021 qualification=0000000000000000
[  712.481712] IDTVectoring: info=00000000 errcode=00000000
[  712.487457] TSC Offset = 0xfffffe7cc4570800
[  712.491869] EPT pointer = 0x00000000a20f101e
[  712.527572] *** Guest State ***
[  712.531057] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  712.540343] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  712.549439] CR3 = 0x0000000000000000
[  712.553430] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  712.559485] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  712.566547] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  712.573688] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  712.581756] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  712.590069] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  712.598297] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  712.606624] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  712.614857] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  712.623162] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  712.631289] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  712.639605] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  712.647876] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  712.656171] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  712.662910] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  712.670435] Interruptibility = 00000000  ActivityState = 00000000
[  712.676957] *** Host State ***
[  712.680215] RIP = 0xffffffff812cf768  RSP = 0xffff8880a464f378
[  712.686435] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  712.693139] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  712.701016] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  712.707176] CR0=0000000080050033 CR3=00000000a3b3d000 CR4=00000000001426f0
[  712.714419] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  712.721163] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  712.727466] *** Control State ***
[  712.730992] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  712.737905] EntryControls=0000d1ff ExitControls=002fefff
[  712.743575] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  712.750581] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  712.757474] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  712.764239]         reason=80000021 qualification=0000000000000000
[  712.770630] IDTVectoring: info=00000000 errcode=00000000
[  712.776337] TSC Offset = 0xfffffe7c94cc94d2
[  712.780736] TPR Threshold = 0x00
[  712.784347] EPT pointer = 0x00000000b3ef301e
06:45:54 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7, 0x0, 0x0, [], 0x8}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  712.993894] *** Guest State ***
[  712.997289] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  713.006464] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  713.015559] CR3 = 0x0000000000000000
[  713.019349] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  713.025559] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  713.031626] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  713.038594] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.046843] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.055154] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  713.063458] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.071523] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.079789] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.088039] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  713.096258] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  713.104522] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  713.112762] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  713.120813] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  713.127525] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  713.135200] Interruptibility = 00000000  ActivityState = 00000000
[  713.141521] *** Host State ***
[  713.144963] RIP = 0xffffffff812cf768  RSP = 0xffff8880a2b9f378
[  713.151034] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  713.157707] FSBase=00007fb09ecf9700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  713.165790] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  713.171758] CR0=0000000080050033 CR3=00000000a7781000 CR4=00000000001426f0
[  713.179063] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  713.185971] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  713.192783] *** Control State ***
[  713.196311] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  713.203219] EntryControls=0000d1ff ExitControls=002fefff
[  713.208751] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  713.215941] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  713.222859] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  713.229527]         reason=80000021 qualification=0000000000000000
[  713.236126] IDTVectoring: info=00000000 errcode=00000000
[  713.241652] TSC Offset = 0xfffffe7cc456cbc6
[  713.246208] EPT pointer = 0x00000000a20f101e
06:45:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x20, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:55 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8))
fchdir(0xffffffffffffffff)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:55 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f0000000000)="0a5f2d0240316285717070")
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x67)
pwrite64(r1, &(0x7f0000000580)="7b5aa60acc88c08616733e70363856ede11e206a4b96d78ee276a11ae5e6f50ffcb759a388ffd05db6fd28f3ce796952fdf350273514743ff2c0ba06775532a146ebd4f4b5145717349e424c127d26a3facb75c7d0cab4585392597655f56cb9287374d2ae9d0c99d64dd24049cfd2e5329dc672bd78ba3ec3df635b6b148bb9dba456aef169352247503b247496c609af0d31a99db27980aa8de80480da12bf8720aca1e7e2ae0624a8ae60a33f7b4d7400b4ec5a17039439f0fb8f4af94a5b7dec6deb9f685384d0c81ea03f5a3b8e998671149a859b7859637504b283adc687006ef7118d619274c5dba11e", 0xed, 0x0)
listen(0xffffffffffffffff, 0x0)

[  713.428163] *** Guest State ***
[  713.431750] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  713.441018] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  713.450111] CR3 = 0x0000000000000000
[  713.454005] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  713.460168] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  713.467065] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  713.473949] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  713.482206] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  713.490271] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  713.498693] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  713.506908] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  713.515104] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  713.523354] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  713.531443] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  713.539737] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  713.547975] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  713.556305] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  713.562933] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  713.570463] Interruptibility = 00000000  ActivityState = 00000000
[  713.576983] *** Host State ***
[  713.580272] RIP = 0xffffffff812cf768  RSP = 0xffff8880a47af378
[  713.586584] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  713.593227] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  713.601107] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  713.607285] CR0=0000000080050033 CR3=00000000af021000 CR4=00000000001426e0
[  713.614517] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  713.621259] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  713.627623] *** Control State ***
[  713.631147] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  713.638121] EntryControls=0000d1ff ExitControls=002fefff
[  713.643787] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  713.650785] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  713.657753] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  713.664545]         reason=80000021 qualification=0000000000000000
[  713.670939] IDTVectoring: info=00000000 errcode=00000000
06:45:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x200000000003, 0x0, &(0x7f0000000b80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940)=ANY=[@ANYBLOB="0a0000000000000002000000000000002100000000000000", @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="00000000000000000000000000000000fb00000000000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000f00000000000001f00000000000000", @ANYPTR=&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00g\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000009e00000000000000", @ANYPTR=&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000008100000000000000", @ANYPTR=&(0x7f0000000540)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000f00000000000008e00000000000000", @ANYPTR=&(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000041692a8468b7490e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], @ANYBLOB="00000000000000000040000000000000ce00000000000000", @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="00000000000000000040000000000000d700000000000000", @ANYPTR=&(0x7f00000007c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00p\x00\x00\x00\x00\x00\x00J\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="0000000000000000000000000400000000000000000000000000300100000000000000000000000000000000000000000000000000000000000000"], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'])
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_vif\x00')
ioctl$RTC_UIE_OFF(r4, 0x7004)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000ac0)='/dev/zero\x00', 0x410440, 0x0)

[  713.676701] TSC Offset = 0xfffffe7c1ba41a3f
[  713.681085] TPR Threshold = 0x00
[  713.684926] EPT pointer = 0x00000000a369401e
06:45:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:56 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:56 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:56 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x100082)
write$P9_RWSTAT(r0, &(0x7f00000002c0)={0x7}, 0x7)
r2 = memfd_create(&(0x7f0000000380)="000000000000000100000001000000768e05f7c155ad7dc6947c573e5a69244e76382c0aa63d575ea3597f8b1728277ef76b30544d7ba92dcf978f1f81dc1b7f8f7b3451dada02ecb4f1ddcc8b5241da8945666e0073c25a6201004dbea37aabd3eb9888c4c629419f50937a6848e0d281dbee568c4de9a036c26f1922f64971d4df97fbab04e8ce4938b31dcf259b4bc60901e18661fab8fb2988cd2bc260c2f572353e6bb0a002fc164d4f189b068062d10100000000000000400c0c4ca57b546b9430172ea5362ee0141b3df06ad235e815d89eead3d9473409c09c2e27a952337a24f20188c013123cc0316a33d8b443453773e4a09edd8031124dee13ce9c75288f2ec833c7e66af5b19a00000000000000", 0x0)
pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x81806)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, &(0x7f0000000240), 0x20000102000007)
add_key$keyring(&(0x7f0000000500)='keyring\x00', &(0x7f0000000540)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
sendfile(0xffffffffffffffff, r0, 0x0, 0xca97)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f0000000a00)='./bus\x00', 0x0)
io_setup(0xb, &(0x7f0000000240))
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000100))
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000300)={0x28, 0x10, 0x10, 0x9, 0x5, 0x7, 0x0, 0x0, 0x1})
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000680))
ioctl$LOOP_CLR_FD(r1, 0x4c01)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000004140)={@local}, &(0x7f0000004180)=0x14)

[  714.163177] *** Guest State ***
[  714.166559] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  714.175699] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  714.184747] CR3 = 0x0000000000000000
[  714.188534] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  714.194731] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  714.200793] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  714.207694] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.215891] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.224098] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  714.232271] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.240330] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.248552] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.256749] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  714.264943] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.273145] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  714.281204] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.289414] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  714.296026] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  714.303690] Interruptibility = 00000000  ActivityState = 00000000
[  714.309983] *** Host State ***
[  714.313412] RIP = 0xffffffff812cf768  RSP = 0xffff8880b3fcf378
[  714.319992] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  714.326604] FSBase=00007fb09ed1a700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  714.334599] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  714.340574] CR0=0000000080050033 CR3=00000000a287f000 CR4=00000000001426e0
[  714.348219] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  714.355078] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  714.361191] *** Control State ***
[  714.364836] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  714.371561] EntryControls=0000d1ff ExitControls=002fefff
[  714.377225] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  714.384347] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  714.391091] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  714.397867]         reason=80000021 qualification=0000000000000000
[  714.404374] IDTVectoring: info=00000000 errcode=00000000
[  714.409894] TSC Offset = 0xfffffe7bc71040b3
06:45:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x20, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x2, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  714.414407] EPT pointer = 0x00000000a3afc01e
[  714.497015] *** Guest State ***
[  714.500425] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  714.509774] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  714.518832] CR3 = 0x0000000000000000
[  714.522747] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  714.528787] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  714.535677] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  714.542723] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  714.550799] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  714.559046] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  714.567271] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  714.575478] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  714.583679] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  714.591742] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  714.599955] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  714.608186] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  714.616499] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  714.624700] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  714.631191] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  714.638951] Interruptibility = 00000000  ActivityState = 00000000
[  714.645404] *** Host State ***
[  714.648683] RIP = 0xffffffff812cf768  RSP = 0xffff8880a21cf378
[  714.654982] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  714.661485] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  714.669688] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  714.675802] CR0=0000000080050033 CR3=00000000a2047000 CR4=00000000001426e0
[  714.683122] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  714.689894] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  714.696255] *** Control State ***
[  714.699777] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  714.706748] EntryControls=0000d1ff ExitControls=002fefff
[  714.712398] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  714.719403] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  714.726338] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  714.733219]         reason=80000021 qualification=0000000000000000
[  714.739621] IDTVectoring: info=00000000 errcode=00000000
[  714.745325] TSC Offset = 0xfffffe7b86b9b85f
[  714.749720] TPR Threshold = 0x00
[  714.753344] EPT pointer = 0x00000000a32fb01e
[  714.796151] print_req_error: I/O error, dev loop0, sector 128
[  714.802308] Buffer I/O error on dev loop0, logical block 16, lost async page write
[  714.934200] *** Guest State ***
[  714.937589] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  714.946859] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  714.956027] CR3 = 0x0000000000000000
[  714.959812] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  714.966161] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  714.972384] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  714.979154] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.987463] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  714.995693] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  715.004071] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.012320] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.020385] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.028709] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  715.036957] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.045264] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  715.053486] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.061532] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  715.068325] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  715.076006] Interruptibility = 00000000  ActivityState = 00000000
[  715.082579] *** Host State ***
[  715.085865] RIP = 0xffffffff812cf768  RSP = 0xffff8880a042f378
[  715.092182] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  715.098676] FSBase=00007fb09ecb7700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  715.106969] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  715.113102] CR0=0000000080050033 CR3=00000000a287f000 CR4=00000000001426f0
[  715.120271] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  715.127184] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  715.133501] *** Control State ***
[  715.137028] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  715.143996] EntryControls=0000d1ff ExitControls=002fefff
[  715.149525] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  715.156751] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  715.163648] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  715.170297]         reason=80000021 qualification=0000000000000000
[  715.177001] IDTVectoring: info=00000000 errcode=00000000
[  715.182687] TSC Offset = 0xfffffe7bc70ff35a
[  715.187588] EPT pointer = 0x00000000a3afc01e
06:45:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:57 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:57 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
mmap(&(0x7f0000a05000/0x400000)=nil, 0x400000, 0x3, 0x8012, r0, 0x0)

[  715.392636] *** Guest State ***
[  715.396036] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  715.405261] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  715.414382] CR3 = 0x0000000000000000
[  715.418162] RSP = 0x0000000000000f78  RIP = 0x000000000000003f
[  715.424497] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  715.430547] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  715.437595] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.445846] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.454238] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  715.462466] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.470532] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.478857] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.487106] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  715.495409] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.503741] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  715.511834] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  715.520166] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  715.526851] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  715.534635] Interruptibility = 00000000  ActivityState = 00000000
[  715.540937] *** Host State ***
[  715.544452] RIP = 0xffffffff812cf768  RSP = 0xffff8880a211f378
[  715.550521] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  715.557282] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  715.565360] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  715.571331] CR0=0000000080050033 CR3=00000000a201b000 CR4=00000000001426f0
[  715.578678] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  715.585621] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  715.591740] *** Control State ***
[  715.595542] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  715.602469] EntryControls=0000d1ff ExitControls=002fefff
[  715.607997] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  715.615278] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  715.622250] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  715.628921]         reason=80000021 qualification=0000000000000000
[  715.635593] IDTVectoring: info=00000000 errcode=00000000
[  715.641145] TSC Offset = 0xfffffe7b17e67c5f
[  715.645813] EPT pointer = 0x00000000a19c001e
[  715.822810] *** Guest State ***
[  715.826362] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  715.835534] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  715.844652] CR3 = 0x0000000000000000
[  715.848419] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  715.854690] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  715.861441] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  715.868405] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  715.876650] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  715.884959] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  715.893184] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  715.901269] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  715.909628] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  715.917880] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  715.926128] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  715.934343] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  715.942569] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  715.950638] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  715.957351] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  715.965123] Interruptibility = 00000000  ActivityState = 00000000
06:45:58 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r2)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  715.971410] *** Host State ***
[  715.974843] RIP = 0xffffffff812cf768  RSP = 0xffff8880a1dcf378
[  715.980914] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  715.987583] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  715.995760] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  716.001721] CR0=0000000080050033 CR3=00000000a04bf000 CR4=00000000001426f0
[  716.009009] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  716.015960] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  716.022468] *** Control State ***
[  716.025993] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  716.032891] EntryControls=0000d1ff ExitControls=002fefff
[  716.038415] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  716.045583] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  716.052482] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  716.059127]         reason=80000021 qualification=0000000000000000
[  716.065702] IDTVectoring: info=00000000 errcode=00000000
[  716.071272] TSC Offset = 0xfffffe7ad3ece34e
[  716.075874] TPR Threshold = 0x00
[  716.079309] EPT pointer = 0x00000000a36b401e
06:45:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000100)=0xfffffffffffffffc, 0x4)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40000, 0x0)
ioctl$UI_GET_VERSION(r4, 0x8004552d, &(0x7f00000000c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:45:58 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:45:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:45:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  716.534718] *** Guest State ***
[  716.538312] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  716.547592] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  716.556691] CR3 = 0x0000000000000000
[  716.560470] RSP = 0x0000000000000f80  RIP = 0x0000000000000004
[  716.566702] RFLAGS=0x00000046         DR7 = 0x0000000000000400
[  716.572927] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  716.579812] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.588062] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.596268] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  716.604549] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.612790] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.620855] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.629109] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  716.637368] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.645562] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  716.653825] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.661890] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  716.668687] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  716.676601] Interruptibility = 00000000  ActivityState = 00000000
[  716.683154] *** Host State ***
[  716.686436] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3bdf378
[  716.692757] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  716.699249] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  716.707364] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  716.713511] CR0=0000000080050033 CR3=0000000161a01000 CR4=00000000001426f0
[  716.720632] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  716.727632] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  716.733933] *** Control State ***
[  716.737450] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  716.744551] EntryControls=0000d1ff ExitControls=002fefff
[  716.750089] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  716.757323] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  716.764246] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  716.770911]         reason=80000021 qualification=0000000000000000
[  716.777539] IDTVectoring: info=00000000 errcode=00000000
06:45:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  716.783209] TSC Offset = 0xfffffe7a79480369
[  716.787596] EPT pointer = 0x00000000b3ef301e
[  716.933085] *** Guest State ***
[  716.936566] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  716.945737] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  716.954778] CR3 = 0x0000000000000000
[  716.958553] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  716.964752] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  716.970801] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  716.977702] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.986024] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.986131] *** Guest State ***
[  716.994218] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  716.994262] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.994308] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.994352] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  716.994405] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  716.997718] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  717.005936] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  717.014354] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  717.022224] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  717.030222] CR3 = 0x0000000000000000
[  717.038416] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.047407] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  717.047438] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  717.047479] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  717.055629] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  717.055658] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  717.055684] Interruptibility = 00000000  ActivityState = 00000000
[  717.055716] *** Host State ***
[  717.064823] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  717.064870] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.073049] RIP = 0xffffffff812cf768  RSP = 0xffff8880a368f378
[  717.073104] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  717.076833] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.084996] FSBase=00007fb09ecb7700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  717.085050] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  717.091070] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.097917] CR0=0000000080050033 CR3=0000000161a01000 CR4=00000000001426e0
[  717.097960] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  717.104830] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.111253] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  717.118917] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.125305] *** Control State ***
[  717.128530] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  717.136869] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  717.144871] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  717.144911] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  717.144957] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  717.150954] EntryControls=0000d1ff ExitControls=002fefff
[  717.150993] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  717.157601] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  717.165776] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  717.173769] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  717.179682] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001
[  717.188032] Interruptibility = 00000000  ActivityState = 00000000
[  717.195195]         reason=80000021 qualification=0000000000000000
[  717.195220] IDTVectoring: info=00000000 errcode=00000000
[  717.195240] TSC Offset = 0xfffffe7a7947d1d7
[  717.195289] EPT pointer = 0x00000000b3ef301e
[  717.202154] *** Host State ***
[  717.202190] RIP = 0xffffffff812cf768  RSP = 0xffff8880a053f378
[  717.202244] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  717.351305] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  717.359441] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  717.365619] CR0=0000000080050033 CR3=00000000a3bb9000 CR4=00000000001426f0
[  717.373012] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  717.379757] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  717.386139] *** Control State ***
[  717.389672] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  717.396671] EntryControls=0000d1ff ExitControls=002fefff
[  717.402422] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  717.409424] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  717.416379] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  717.423195]         reason=80000021 qualification=0000000000000000
[  717.429591] IDTVectoring: info=00000000 errcode=00000000
[  717.435358] TSC Offset = 0xfffffe7a349a85d1
[  717.439741] TPR Threshold = 0x00
[  717.443411] EPT pointer = 0x00000000a21fb01e
[  717.473859] *** Guest State ***
[  717.477737] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  717.487158] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  717.496296] CR3 = 0x0000000000000000
[  717.500077] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  717.506271] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  717.512536] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  717.519288] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.527509] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.535727] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  717.544006] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.552188] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.560248] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.568542] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  717.576843] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.585037] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  717.593322] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  717.601372] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  717.608124] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  717.615888] Interruptibility = 00000000  ActivityState = 00000000
[  717.622305] *** Host State ***
[  717.625569] RIP = 0xffffffff812cf768  RSP = 0xffff8880a0bbf378
[  717.631655] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  717.638364] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  717.646391] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  717.652548] CR0=0000000080050033 CR3=00000000a2124000 CR4=00000000001426e0
[  717.659708] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  717.666686] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  717.672943] *** Control State ***
[  717.676475] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
06:45:59 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r2)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:45:59 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:45:59 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  717.683362] EntryControls=0000d1ff ExitControls=002fefff
[  717.688889] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  717.696043] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  717.702910] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  717.709562]         reason=80000021 qualification=0000000000000000
[  717.716177] IDTVectoring: info=00000000 errcode=00000000
[  717.721697] TSC Offset = 0xfffffe7a02b20a96
[  717.726277] EPT pointer = 0x00000000a3bd501e
06:45:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  717.900666] *** Guest State ***
[  717.904342] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  717.913521] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  717.922642] CR3 = 0x0000000000000000
[  717.926431] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  717.932708] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  717.939470] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  717.946510] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  717.954726] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.962931] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.971009] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.979250] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.987464] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  717.995664] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  718.003970] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  718.012179] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  718.020253] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  718.028668] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  718.035290] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  718.043043] Interruptibility = 00000000  ActivityState = 00000000
[  718.049335] *** Host State ***
[  718.052869] RIP = 0xffffffff812cf768  RSP = 0xffff8880a368f378
[  718.058934] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  718.065658] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  718.073672] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  718.079642] CR0=0000000080050033 CR3=00000000a0b69000 CR4=00000000001426e0
[  718.086951] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  718.093825] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  718.099943] *** Control State ***
[  718.103730] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  718.110459] EntryControls=0000d1ff ExitControls=002fefff
[  718.116223] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  718.123354] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  718.130117] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  718.137062]         reason=80000021 qualification=0000000000000000
[  718.143586] IDTVectoring: info=00000000 errcode=00000000
[  718.149117] TSC Offset = 0xfffffe79b444d6ec
[  718.153712] TPR Threshold = 0x00
[  718.157143] EPT pointer = 0x00000000a37a001e
06:46:00 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  718.455798] *** Guest State ***
[  718.459330] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  718.468577] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  718.477763] CR3 = 0x0000000000000000
[  718.481552] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  718.487761] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  718.493930] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  718.500678] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.508939] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.517141] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  718.525324] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.533557] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.541640] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.549914] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  718.558140] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.566407] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  718.574618] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  718.582893] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  718.589380] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  718.597130] Interruptibility = 00000000  ActivityState = 00000000
[  718.603604] *** Host State ***
[  718.606926] RIP = 0xffffffff812cf768  RSP = 0xffff8880a367f378
[  718.613224] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  718.619729] FSBase=00007fb09ecf9700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  718.627829] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  718.633917] CR0=0000000080050033 CR3=00000000a20ee000 CR4=00000000001426e0
[  718.641017] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  718.647992] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:00 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@link_local]})
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r2)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:00 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x0, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  718.654245] *** Control State ***
[  718.657764] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  718.664709] EntryControls=0000d1ff ExitControls=002fefff
[  718.670248] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  718.677476] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  718.684357] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  718.691022]         reason=80000021 qualification=0000000000000000
[  718.697734] IDTVectoring: info=00000000 errcode=00000000
06:46:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  718.703393] TSC Offset = 0xfffffe7975b489e4
[  718.707785] EPT pointer = 0x00000000a3b9801e
[  719.067581] *** Guest State ***
[  719.071186] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  719.080474] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  719.089815] CR3 = 0x0000000000000000
[  719.093755] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  719.099907] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  719.106122] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  719.113029] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.121091] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.129176] *** Guest State ***
[  719.129217] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  719.129252] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  719.129272] CR3 = 0x0000000000000000
[  719.129311] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  719.132774] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  719.132820] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.132867] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.132919] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.132955] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  719.133023] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.141925] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  719.150964] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  719.154755] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  719.160706] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  719.168857] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  719.176996] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  719.177027] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  719.177053] Interruptibility = 00000000  ActivityState = 00000000
[  719.177085] *** Host State ***
[  719.185422] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  719.193626] RIP = 0xffffffff812cf768  RSP = 0xffff8880a0b2f378
[  719.193679] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  719.201683] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  719.209826] FSBase=00007fb69a05c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  719.209866] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
06:46:01 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  719.216807] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  719.224845] CR0=0000000080050033 CR3=00000000b3fd8000 CR4=00000000001426f0
[  719.224891] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  719.224935] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  719.231648] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  719.239768] *** Control State ***
[  719.239818] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  719.247992] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  719.254544] EntryControls=0000d1ff ExitControls=002fefff
[  719.254589] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  719.254653] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  719.262282] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  719.268552] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  719.271775] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  719.279905]         reason=80000021 qualification=0000000000000000
[  719.279941] IDTVectoring: info=00000000 errcode=00000000
[  719.286095] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  719.292659] TSC Offset = 0xfffffe79250f3f42
[  719.292695] EPT pointer = 0x00000000a0bba01e
[  719.300716] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  719.449727] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  719.456418] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  719.464063] Interruptibility = 00000000  ActivityState = 00000000
[  719.470348] *** Host State ***
[  719.473824] RIP = 0xffffffff812cf768  RSP = 0xffff8880a218f378
[  719.479883] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  719.486566] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  719.494578] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  719.500553] CR0=0000000080050033 CR3=00000000a207f000 CR4=00000000001426e0
[  719.507854] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  719.514741] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  719.520858] *** Control State ***
[  719.524568] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  719.531307] EntryControls=0000d1ff ExitControls=002fefff
[  719.537017] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  719.544138] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  719.550875] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  719.557762]         reason=80000021 qualification=0000000000000000
[  719.564272] IDTVectoring: info=00000000 errcode=00000000
06:46:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x4001ff)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000200)=[@in={0x2, 0x0, @broadcast}], 0x1000000cb)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r2, 0x800442d2, &(0x7f0000000000)={0x6, &(0x7f0000000400)=[{0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @dev}, {}, {0x0, 0x0, 0x0, @random}]})

[  719.569782] TSC Offset = 0xfffffe790edce041
[  719.574368] TPR Threshold = 0x00
[  719.577819] EPT pointer = 0x00000000a0b1e01e
06:46:01 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x0, 0xffff, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  719.979132] *** Guest State ***
[  719.983036] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  719.992254] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  720.001195] CR3 = 0x0000000000000000
[  720.005152] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  720.011202] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  720.018205] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  720.025248] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  720.033480] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.041550] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.049818] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.058088] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.066309] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.074554] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  720.082899] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  720.090966] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  720.099314] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  720.107535] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  720.114388] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  720.122095] Interruptibility = 00000000  ActivityState = 00000000
[  720.128410] *** Host State ***
[  720.131682] RIP = 0xffffffff812cf768  RSP = 0xffff8880a464f378
[  720.138068] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  720.144721] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  720.152852] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  720.158826] CR0=0000000080050033 CR3=00000000a3bd3000 CR4=00000000001426f0
[  720.166187] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  720.173104] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  720.179223] *** Control State ***
[  720.183129] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  720.190084] EntryControls=0000d1ff ExitControls=002fefff
[  720.195864] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  720.203047] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  720.209788] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  720.216731]         reason=80000021 qualification=0000000000000000
[  720.223280] IDTVectoring: info=00000000 errcode=00000000
06:46:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x10000, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:02 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x4040, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  720.228822] TSC Offset = 0xfffffe78a0730fa5
[  720.233435] TPR Threshold = 0x00
[  720.236865] EPT pointer = 0x00000000a0aed01e
06:46:02 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  720.622291] *** Guest State ***
[  720.625780] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  720.634949] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  720.644008] CR3 = 0x0000000000000000
[  720.647788] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  720.654029] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  720.660897] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  720.667856] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  720.676069] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.684331] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.692546] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.700627] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.708902] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  720.717110] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  720.725488] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  720.733776] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  720.741845] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  720.750101] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  720.756739] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  720.764496] Interruptibility = 00000000  ActivityState = 00000000
[  720.770791] *** Host State ***
[  720.774295] RIP = 0xffffffff812cf768  RSP = 0xffff8880a222f378
[  720.780364] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  720.787073] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  720.795087] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  720.801055] CR0=0000000080050033 CR3=00000000a3329000 CR4=00000000001426e0
[  720.808388] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  720.815279] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:02 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  720.821409] *** Control State ***
[  720.825203] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  720.832085] EntryControls=0000d1ff ExitControls=002fefff
[  720.837608] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  720.844839] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  720.851618] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  720.858516]         reason=80000021 qualification=0000000000000000
[  720.865299] IDTVectoring: info=00000000 errcode=00000000
06:46:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x3)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000540)={0x7b, 0x0, [0x8f9ca47, 0x800, 0x7fff, 0x7]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuacct.stat\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f0000000440)={0x10001, 0x2})
ioctl$EVIOCGSND(r4, 0x8040451a, &(0x7f0000000480)=""/42)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000180)={0x1, 0x0, @ioapic={0x6000, 0x4, 0x8, 0x7, 0x0, [{0x4, 0x100000000, 0x5, [], 0x8}, {0x0, 0xd9a2, 0x6, [], 0x100000001}, {0x9, 0x9, 0x3, [], 0x5}, {0x7, 0x5, 0x5, [], 0x7}, {0x9b56, 0x8, 0x7, [], 0x1}, {0x5, 0x3, 0x7}, {0x6, 0xffffffff, 0x6, [], 0x5}, {0x1, 0xfffffffffffffff8, 0xd6bf, [], 0x6}, {0x3, 0x1000, 0x4, [], 0x5}, {0x7fff, 0x1, 0x9}, {0x7fff, 0x0, 0xf5, [], 0x4}, {0x800, 0x9, 0x8, [], 0xe9}, {0x6, 0xcb33, 0x3061, [], 0x2}, {0xe7, 0x0, 0xff, [], 0x2}, {0x9, 0x4, 0x87, [], 0x5}, {0x5, 0x8, 0x1, [], 0x1}, {0x3, 0x9, 0x8, [], 0xffff}, {0x0, 0x8, 0x1, [], 0x8}, {0x7, 0x0, 0x1, [], 0x3}, {0x7, 0x6, 0x1000, [], 0x400}, {0xd36, 0x6, 0x0, [], 0xd02}, {0x7fffffff, 0x0, 0x802, [], 0x6}, {0x8, 0x0, 0x76, [], 0x815}, {0x8, 0x4, 0x1, [], 0x6}]}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x8, 0x2)
syz_open_dev$usb(&(0x7f0000000500)='/dev/bus/usb/00#/00#\x00', 0xffff, 0x400)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  720.870818] TSC Offset = 0xfffffe7845e334bd
[  720.875324] TPR Threshold = 0x00
[  720.878761] EPT pointer = 0x00000000a224901e
06:46:03 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:03 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:03 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x10000, 0x0)
ioctl$SG_GET_VERSION_NUM(r4, 0x2282, &(0x7f0000000100))
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f0000000000)=0x1)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:03 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:03 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:03 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  722.146058] *** Guest State ***
[  722.149671] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  722.158847] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  722.167935] CR3 = 0x0000000000000000
[  722.171718] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  722.178049] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  722.184257] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  722.191219] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.199543] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.207838] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  722.216208] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.224505] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.232830] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.240901] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  722.249230] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.257458] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  722.265838] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.274104] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  722.280599] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  722.288404] Interruptibility = 00000000  ActivityState = 00000000
[  722.294855] *** Host State ***
[  722.298138] RIP = 0xffffffff812cf768  RSP = 0xffff8880a409f378
[  722.304585] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  722.311110] FSBase=00007fb69a05c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  722.319641] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  722.325793] CR0=0000000080050033 CR3=000000019b73b000 CR4=00000000001426f0
[  722.333166] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  722.339924] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  722.346303] *** Control State ***
[  722.348591] *** Guest State ***
[  722.349821] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  722.349852] EntryControls=0000d1ff ExitControls=002fefff
[  722.349896] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  722.349929] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  722.349962] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  722.349993]         reason=80000021 qualification=0000000000000000
[  722.350021] IDTVectoring: info=00000000 errcode=00000000
[  722.350046] TSC Offset = 0xfffffe777ad24ef9
[  722.350074] EPT pointer = 0x00000000a053e01e
[  722.407560] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  722.416718] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  722.425779] CR3 = 0x0000000000000000
[  722.429569] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  722.435901] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
06:46:04 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

[  722.442800] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  722.449556] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  722.457916] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  722.466120] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  722.474377] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  722.482584] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  722.490700] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  722.498952] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  722.507154] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  722.515417] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  722.523629] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  722.531703] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  722.538409] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  722.546065] Interruptibility = 00000000  ActivityState = 00000000
[  722.552563] *** Host State ***
[  722.555860] RIP = 0xffffffff812cf768  RSP = 0xffff8880a218f378
[  722.562116] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  722.568608] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  722.576719] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  722.582824] CR0=0000000080050033 CR3=00000000a21ef000 CR4=00000000001426e0
[  722.589927] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  722.596884] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  722.603128] *** Control State ***
[  722.606674] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  722.613648] EntryControls=0000d1ff ExitControls=002fefff
[  722.619195] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  722.626404] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  722.633277] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  722.639935]         reason=80000021 qualification=0000000000000000
[  722.646635] IDTVectoring: info=00000000 errcode=00000000
[  722.652293] TSC Offset = 0xfffffe7755a35688
[  722.656689] TPR Threshold = 0x00
[  722.660126] EPT pointer = 0x00000000a059601e
[  722.673346] *** Guest State ***
[  722.676732] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  722.685923] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  722.695010] CR3 = 0x0000000000000000
[  722.698803] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  722.705023] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  722.711085] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  722.718000] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.726226] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.734452] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  722.742679] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.750752] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.758999] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.767225] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  722.775518] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.783755] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  722.791829] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  722.800142] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  722.806801] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  722.814578] Interruptibility = 00000000  ActivityState = 00000000
[  722.820930] *** Host State ***
[  722.824431] RIP = 0xffffffff812cf768  RSP = 0xffff8880a0a0f378
[  722.830512] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  722.837243] FSBase=00007fb09ecd8700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  722.845277] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  722.851252] CR0=0000000080050033 CR3=00000000a373f000 CR4=00000000001426f0
[  722.858689] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  722.865587] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  722.871735] *** Control State ***
[  722.875499] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  722.882397] EntryControls=0000d1ff ExitControls=002fefff
[  722.887944] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
06:46:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  722.895182] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  722.902096] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  722.908761]         reason=80000021 qualification=0000000000000000
[  722.915403] IDTVectoring: info=00000000 errcode=00000000
[  722.920937] TSC Offset = 0xfffffe777c6cf6a5
[  722.925581] EPT pointer = 0x00000000a234401e
06:46:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:05 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  723.423368] *** Guest State ***
[  723.427009] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  723.436230] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  723.445330] CR3 = 0x0000000000000000
[  723.449114] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  723.455462] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  723.462436] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  723.469200] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  723.476493] *** Guest State ***
[  723.477568] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.480586] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  723.488775] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.497822] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  723.505993] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.515061] CR3 = 0x0000000000000000
[  723.523217] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.526905] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  723.526945] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  723.535124] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.535157] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  723.535195] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  723.535230] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  723.535270] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  723.535300] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  723.535328] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  723.535368] Interruptibility = 00000000  ActivityState = 00000000
[  723.541397] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  723.548227] *** Host State ***
[  723.548270] RIP = 0xffffffff812cf768  RSP = 0xffff8880a217f378
[  723.556440] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  723.564634] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  723.572879] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.580818] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  723.588982] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.589021] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.589061] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.589102] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  723.589133] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  723.589173] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  723.589207] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  723.589247] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  723.589286] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  723.595892] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  723.603703] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  723.609798] CR0=0000000080050033 CR3=00000000a474a000 CR4=00000000001426f0
[  723.616682] Interruptibility = 00000000  ActivityState = 00000000
[  723.619909] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  723.626045] *** Host State ***
[  723.626102] RIP = 0xffffffff812cf768  RSP = 0xffff8880a409f378
[  723.634274] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  723.640724] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  723.648880] *** Control State ***
[  723.656883] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  723.656914] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  723.656946] CR0=0000000080050033 CR3=00000000b3f88000 CR4=00000000001426e0
[  723.656980] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  723.657009] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  723.657024] *** Control State ***
[  723.657070] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  723.665251] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  723.673441] EntryControls=0000d1ff ExitControls=002fefff
[  723.681395] EntryControls=0000d1ff ExitControls=002fefff
[  723.681436] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  723.689639] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  723.697822] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  723.705996] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  723.714214] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  723.722358] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  723.722393]         reason=80000021 qualification=0000000000000000
[  723.722430] IDTVectoring: info=00000000 errcode=00000000
[  723.728879]         reason=80000021 qualification=0000000000000000
[  723.734964] TSC Offset = 0xfffffe76b7d02ea6
[  723.742635] IDTVectoring: info=00000000 errcode=00000000
[  723.749685] TPR Threshold = 0x00
06:46:05 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x4, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  723.756123] TSC Offset = 0xfffffe76bf456000
[  723.762975] EPT pointer = 0x00000000a0b1901e
[  723.766194] TPR Threshold = 0x00
[  723.936723] EPT pointer = 0x000000009f82101e
06:46:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
dup2(r3, r1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:46:06 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  724.254414] *** Guest State ***
[  724.257802] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  724.267118] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  724.276406] CR3 = 0x0000000000000000
[  724.280194] RSP = 0x0000000000000f78  RIP = 0x0000000000000045
[  724.286503] RFLAGS=0x00000006         DR7 = 0x0000000000000400
[  724.292765] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  724.299651] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.307979] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.316217] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  724.324961] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.333211] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.341284] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.349695] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  724.357992] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.366352] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  724.374596] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  724.382927] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  724.389415] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  724.397165] Interruptibility = 00000000  ActivityState = 00000000
[  724.404384] *** Host State ***
[  724.407683] RIP = 0xffffffff812cf768  RSP = 0xffff8880a22ff378
[  724.414812] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  724.421334] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  724.429480] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  724.435632] CR0=0000000080050033 CR3=00000000a2313000 CR4=00000000001426f0
[  724.442987] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  724.449764] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  724.456317] *** Control State ***
[  724.459852] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  724.466915] EntryControls=0000d1ff ExitControls=002fefff
[  724.472664] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  724.479793] VMEntry: intr_info=00000306 errcode=00000000 ilen=00000000
[  724.486841] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  724.493787]         reason=80000021 qualification=0000000000000000
[  724.500185] IDTVectoring: info=00000000 errcode=00000000
06:46:06 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  724.505963] TSC Offset = 0xfffffe76501a0b3a
[  724.510363] EPT pointer = 0x00000000a044e01e
[  724.604251] *** Guest State ***
[  724.607759] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  724.616973] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  724.626071] CR3 = 0x0000000000000000
[  724.629860] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  724.636174] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  724.643225] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  724.650090] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  724.658442] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  724.666710] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  724.675034] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  724.683284] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  724.691356] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
06:46:06 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

[  724.699655] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  724.707961] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  724.716252] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  724.724541] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  724.733035] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  724.739538] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  724.747367] Interruptibility = 00000000  ActivityState = 00000000
[  724.753878] *** Host State ***
[  724.757162] RIP = 0xffffffff812cf768  RSP = 0xffff8880a238f378
[  724.763485] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  724.769996] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  724.778150] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  724.784262] CR0=0000000080050033 CR3=00000000a3ad5000 CR4=00000000001426f0
[  724.791367] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  724.798346] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  724.804652] *** Control State ***
[  724.808187] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  724.815150] EntryControls=0000d1ff ExitControls=002fefff
[  724.820699] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  724.827966] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  724.834861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005
[  724.841530]         reason=80000021 qualification=0000000000000000
[  724.848166] IDTVectoring: info=00000000 errcode=00000000
[  724.853923] TSC Offset = 0xfffffe761ddd1536
[  724.858423] TPR Threshold = 0x00
[  724.861856] EPT pointer = 0x00000000a372001e
06:46:07 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setflags(r1, 0x2, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0xa6f7, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:07 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:07 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  725.444388] *** Guest State ***
[  725.447958] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  725.457140] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  725.466222] CR3 = 0x0000000000000000
[  725.470018] RSP = 0x0000000000000f7a  RIP = 0x000000000000003f
[  725.476292] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  725.482518] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:46:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  725.489404] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.497655] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.505855] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  725.514148] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.522382] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.530484] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.538775] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  725.547031] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.555256] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  725.563491] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  725.571546] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  725.578241] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  725.585931] Interruptibility = 00000000  ActivityState = 00000000
[  725.592386] *** Host State ***
[  725.595674] RIP = 0xffffffff812cf768  RSP = 0xffff8880a23af378
[  725.601743] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  725.608459] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  725.616502] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  725.622664] CR0=0000000080050033 CR3=00000000a3d2f000 CR4=00000000001426f0
[  725.629767] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  725.636723] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  725.643011] *** Control State ***
[  725.646539] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  725.653431] EntryControls=0000d1ff ExitControls=002fefff
[  725.658963] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  725.666302] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  725.673291] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  725.679967]         reason=80000021 qualification=0000000000000000
[  725.686654] IDTVectoring: info=00000000 errcode=00000000
[  725.692432] TSC Offset = 0xfffffe75ad639d03
[  725.696822] EPT pointer = 0x000000009f95e01e
[  725.885215] *** Guest State ***
[  725.888868] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  725.898086] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  725.907176] CR3 = 0x0000000000000000
[  725.910968] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  725.917264] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  725.924223] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:46:08 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000033000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  725.930978] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  725.939316] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  725.947630] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  725.955978] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  725.964357] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  725.972594] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  725.980698] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  725.989044] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  725.997289] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  726.005582] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  726.013859] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  726.020366] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  726.028217] Interruptibility = 00000000  ActivityState = 00000000
[  726.034769] *** Host State ***
[  726.038050] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3a0f378
[  726.044372] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  726.050872] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  726.059021] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  726.065148] CR0=0000000080050033 CR3=00000000a21b8000 CR4=00000000001426f0
[  726.072556] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  726.079427] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  726.085807] *** Control State ***
[  726.089339] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  726.096319] EntryControls=0000d1ff ExitControls=002fefff
[  726.101853] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  726.109332] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  726.116316] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  726.123140]         reason=80000021 qualification=0000000000000000
[  726.129530] IDTVectoring: info=00000000 errcode=00000000
[  726.135349] TSC Offset = 0xfffffe75705f4b1d
[  726.139740] TPR Threshold = 0x00
[  726.143412] EPT pointer = 0x00000000a04e501e
06:46:08 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x0, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:08 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  726.353769] *** Guest State ***
[  726.357311] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  726.366515] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  726.375600] CR3 = 0x0000000000000000
[  726.379411] RSP = 0x0000000000000f80  RIP = 0x0000000000002000
[  726.385753] RFLAGS=0x00010046         DR7 = 0x0000000000000400
[  726.391806] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  726.398853] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.407211] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.415525] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  726.423869] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.432193] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.440292] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.448607] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  726.456915] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.465292] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  726.473534] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  726.481606] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  726.488292] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  726.495986] Interruptibility = 00000000  ActivityState = 00000000
[  726.502445] *** Host State ***
[  726.505718] RIP = 0xffffffff812cf768  RSP = 0xffff8880a23cf378
[  726.511792] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  726.518462] FSBase=00007fb09ed1a700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  726.526586] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  726.532808] CR0=0000000080050033 CR3=00000000a225b000 CR4=00000000001426f0
[  726.539930] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  726.546896] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  726.553161] *** Control State ***
[  726.556695] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  726.563594] EntryControls=0000d1ff ExitControls=002fefff
[  726.569150] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  726.576328] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  726.583236] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  726.589897]         reason=80000021 qualification=0000000000000000
[  726.596457] IDTVectoring: info=00000000 errcode=00000000
[  726.602134] TSC Offset = 0xfffffe753d6909fe
[  726.606529] EPT pointer = 0x00000000a0a1801e
06:46:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x0, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  726.995061] *** Guest State ***
[  726.998674] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  727.007948] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  727.017005] CR3 = 0x0000000000000000
[  727.020793] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  727.027106] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  727.033293] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  727.040049] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.048377] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.056599] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  727.064903] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.073104] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.081176] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.089446] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  727.097680] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  727.106020] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  727.114273] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  727.122554] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  727.129062] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  727.136807] Interruptibility = 00000000  ActivityState = 00000000
[  727.143340] *** Host State ***
[  727.146643] RIP = 0xffffffff812cf768  RSP = 0xffff88809f97f378
[  727.152942] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  727.159450] FSBase=00007fb09ecf9700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  727.167535] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  727.173818] CR0=0000000080050033 CR3=00000000a225b000 CR4=00000000001426e0
[  727.180922] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  727.188194] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0x0, 0x0, [], 0x7ff}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:09 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  727.194455] *** Control State ***
[  727.197993] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  727.205105] EntryControls=0000d1ff ExitControls=002fefff
[  727.210664] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  727.217922] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  727.224807] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  727.231652]         reason=80000021 qualification=0000000000000000
[  727.238278] IDTVectoring: info=00000000 errcode=00000000
06:46:09 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x0, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  727.243959] TSC Offset = 0xfffffe753d68c92c
[  727.248348] EPT pointer = 0x00000000a0a1801e
[  727.564420] *** Guest State ***
[  727.567950] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  727.577076] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  727.586109] CR3 = 0x0000000000000000
[  727.589879] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  727.596049] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  727.602972] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  727.609723] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  727.618013] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  727.626225] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  727.634494] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  727.642709] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  727.650785] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  727.659173] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  727.667429] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  727.675684] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  727.683949] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  727.692142] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  727.698751] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  727.706437] Interruptibility = 00000000  ActivityState = 00000000
[  727.712924] *** Host State ***
[  727.716202] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3a0f378
[  727.722460] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  727.728950] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  727.737047] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  727.743143] CR0=0000000080050033 CR3=00000000a2105000 CR4=00000000001426e0
[  727.750286] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  727.757243] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  727.763500] *** Control State ***
[  727.767029] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  727.773956] EntryControls=0000d1ff ExitControls=002fefff
[  727.779487] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  727.786764] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  727.793673] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  727.800421]         reason=80000021 qualification=0000000000000000
[  727.807005] IDTVectoring: info=00000000 errcode=00000000
06:46:09 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  727.812662] TSC Offset = 0xfffffe7487f60a1d
[  727.817050] TPR Threshold = 0x00
[  727.820484] EPT pointer = 0x000000009faed01e
06:46:10 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  727.978450] *** Guest State ***
[  727.982397] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  727.991325] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  728.000446] CR3 = 0x0000000000000000
[  728.004311] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  728.010347] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  728.017377] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  728.024272] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  728.032533] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  728.040653] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  728.048923] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  728.057126] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  728.065390] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  728.073572] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  728.081779] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  728.089972] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  728.098234] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  728.106419] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  728.113092] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  728.120647] Interruptibility = 00000000  ActivityState = 00000000
[  728.127158] *** Host State ***
[  728.130438] RIP = 0xffffffff812cf768  RSP = 0xffff88809f97f378
[  728.136746] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  728.143446] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  728.151327] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  728.157499] CR0=0000000080050033 CR3=00000000a18c1000 CR4=00000000001426e0
[  728.164732] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  728.171482] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  728.177824] *** Control State ***
[  728.181355] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  728.188283] EntryControls=0000d1ff ExitControls=002fefff
[  728.193944] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  728.200952] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  728.207886] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  728.214681]         reason=80000021 qualification=0000000000000000
[  728.221073] IDTVectoring: info=00000000 errcode=00000000
[  728.226866] TSC Offset = 0xfffffe744f08dd54
[  728.231257] TPR Threshold = 0x00
[  728.234895] EPT pointer = 0x000000009fb3001e
06:46:10 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x70, 0x0, 0x1, 0x80000000, 0x5, 0x0, 0x40, 0x200, 0x8, 0xfffffffffffff481, 0x5, 0xf231, 0x6, 0x7fffffff, 0x9, 0x5, 0x3f, 0xc0000, 0x51, 0xd800, 0xe03, 0x1, 0xd3, 0x5, 0x1, 0x7f, 0xff, 0xffffffffffffffe1, 0x7, 0x7, 0xff, 0x4, 0x6cb, 0x2, 0x2, 0xfffffffffffffffd, 0x3f, 0x0, 0xb32, 0x2, @perf_config_ext={0x100, 0x4}, 0x405, 0x2a, 0x4, 0x5, 0xf50, 0x9, 0x29}, 0xffffffffffffff9c, 0x2, 0xffffffffffffffff, 0x8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x8001, 0x2, 0x0, 0x0, 0x0, 0x9, 0x30000, 0x8, 0x8, 0x4005, 0x7, 0x3, 0x80000001, 0x7f, 0x8, 0x3ff, 0x9, 0x7, 0x88, 0x100000000, 0xce, 0xfffffffffffffff8, 0xfffffffffffffc00, 0x8001, 0x7ff, 0x8, 0x1, 0x7, 0x14a4, 0x7, 0xffffffffffff7034, 0x7b6, 0x3, 0xfffffffffffffffc, 0x5, 0x3a5e444d, 0x0, 0x80000000, 0x1, @perf_config_ext={0x1}, 0x100, 0x80000000, 0xff, 0xf, 0x6, 0x8a, 0xeee}, 0x0, 0x1, 0xffffffffffffff9c, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x5)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000400)={{0x2, 0x4e20, @multicast2}, {0x1, @broadcast}, 0x4, {0x2, 0x4e23, @local}, 'gretap0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000200)=@req={0x7, 0x7fffffff, 0x40, 0x5}, 0x10)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:10 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x0, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:10 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:10 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  728.821528] *** Guest State ***
[  728.825339] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  728.834585] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  728.843756] CR3 = 0x0000000000000000
[  728.847671] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  728.854013] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  728.860175] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  728.867208] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.875431] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.883745] SS:   sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000
[  728.891821] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.900169] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.908486] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.916784] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  728.925035] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.933359] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  728.941435] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  728.949769] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  728.956425] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  728.964192] Interruptibility = 00000000  ActivityState = 00000000
[  728.970500] *** Host State ***
[  728.974031] RIP = 0xffffffff812cf768  RSP = 0xffff8880a20bf378
[  728.980112] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  728.986889] FSBase=00007fb09ecf9700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  728.995010] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  729.000988] CR0=0000000080050033 CR3=00000000a0b57000 CR4=00000000001426f0
[  729.008336] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  729.015299] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  729.021423] *** Control State ***
[  729.025185] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  729.032151] EntryControls=0000d1ff ExitControls=002fefff
[  729.037701] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  729.044950] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  729.051703] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  729.058599]         reason=80000021 qualification=0000000000000000
[  729.065237] IDTVectoring: info=00000000 errcode=00000000
06:46:11 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:11 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  729.070761] TSC Offset = 0xfffffe73e7485931
[  729.075427] EPT pointer = 0x00000000a33ce01e
06:46:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  729.371081] *** Guest State ***
[  729.374813] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  729.384024] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  729.393066] CR3 = 0x0000000000000000
[  729.396855] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  729.403029] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  729.409779] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  729.416755] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  729.424960] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  729.433208] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  729.441277] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  729.449490] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  729.457692] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  729.465859] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  729.474075] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  729.482260] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  729.490361] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  729.498571] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  729.505214] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  729.512866] Interruptibility = 00000000  ActivityState = 00000000
[  729.519160] *** Host State ***
[  729.522563] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3a0f378
[  729.528666] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  729.535294] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  729.543304] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  729.549281] CR0=0000000080050033 CR3=000000009fac9000 CR4=00000000001426e0
[  729.556525] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  729.563450] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:11 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  729.569568] *** Control State ***
[  729.573238] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  729.579978] EntryControls=0000d1ff ExitControls=002fefff
[  729.585659] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  729.592796] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  729.600037] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  729.606900]         reason=80000021 qualification=0000000000000000
[  729.613433] IDTVectoring: info=00000000 errcode=00000000
[  729.618955] TSC Offset = 0xfffffe73908de63d
[  729.623631] TPR Threshold = 0x00
[  729.627069] EPT pointer = 0x000000009fa5201e
06:46:12 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x0, 0x4, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x1c, [0x6, 0x2, 0x8000, 0xa6f7, 0x0, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  730.006769] *** Guest State ***
[  730.010378] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  730.019909] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  730.028959] CR3 = 0x0000000000000000
[  730.032862] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  730.038916] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  730.045819] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  730.052800] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  730.060866] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.069070] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.077268] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.085473] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.093685] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.101746] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  730.109949] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  730.118170] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  730.126366] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  730.134551] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  730.141055] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  730.148740] Interruptibility = 00000000  ActivityState = 00000000
[  730.155155] *** Host State ***
[  730.158431] RIP = 0xffffffff812cf768  RSP = 0xffff8881975df378
[  730.164699] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  730.171190] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  730.179209] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  730.185314] CR0=0000000080050033 CR3=000000009fbe9000 CR4=00000000001426e0
[  730.192545] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  730.199314] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  730.205574] *** Control State ***
[  730.209120] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  730.215979] EntryControls=0000d1ff ExitControls=002fefff
[  730.221513] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  730.228665] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  730.235544] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  730.242333]         reason=80000021 qualification=0000000000000000
[  730.248732] IDTVectoring: info=00000000 errcode=00000000
06:46:12 executing program 1:
r0 = fanotify_init(0x0, 0x0)
fanotify_mark(r0, 0x80, 0x0, 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00')

06:46:12 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  730.254369] TSC Offset = 0xfffffe734065b6b1
[  730.258760] TPR Threshold = 0x00
[  730.262292] EPT pointer = 0x00000000a77ab01e
[  730.414179] *** Guest State ***
[  730.417660] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  730.426843] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  730.435982] CR3 = 0x0000000000000000
[  730.439770] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  730.446091] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  730.452970] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  730.459735] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  730.468053] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.476309] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.484592] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.492880] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.500950] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  730.509268] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  730.517477] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  730.525768] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  730.533968] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  730.542211] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  730.548717] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  730.556443] Interruptibility = 00000000  ActivityState = 00000000
[  730.562862] *** Host State ***
[  730.566129] RIP = 0xffffffff812cf768  RSP = 0xffff8880a3b5f378
[  730.572378] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  730.578897] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  730.586976] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  730.593069] CR0=0000000080050033 CR3=000000009f960000 CR4=00000000001426e0
[  730.600172] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  730.607158] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  730.613417] *** Control State ***
[  730.616942] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  730.623914] EntryControls=0000d1ff ExitControls=002fefff
[  730.629476] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  730.636716] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  730.643588] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  730.650353]         reason=80000021 qualification=0000000000000000
[  730.656886] IDTVectoring: info=00000000 errcode=00000000
[  730.662712] TSC Offset = 0xfffffe7302eb1842
[  730.667117] TPR Threshold = 0x00
[  730.670549] EPT pointer = 0x00000000a23b301e
06:46:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:12 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:12 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x5)
write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8)
r1 = dup(r0)
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff)
socket$inet6(0xa, 0x804, 0x0)
ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000000))

06:46:12 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  731.227438] *** Guest State ***
[  731.231122] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  731.240339] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  731.249432] CR3 = 0x0000000000000000
[  731.253358] RSP = 0x0000000000000f7a  RIP = 0x000000000000003f
[  731.259406] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  731.265684] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  731.272687] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.280746] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.289048] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  731.297348] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.305577] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.313898] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:46:13 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  731.322111] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  731.330170] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.338401] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  731.347245] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  731.355486] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  731.362156] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  731.369688] Interruptibility = 00000000  ActivityState = 00000000
[  731.376347] *** Host State ***
[  731.379632] RIP = 0xffffffff812cf768  RSP = 0xffff8880a0adf378
[  731.386065] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  731.392746] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  731.400629] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  731.406874] CR0=0000000080050033 CR3=000000009fbfe000 CR4=00000000001426f0
[  731.414148] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  731.420899] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  731.427259] *** Control State ***
[  731.430788] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  731.437773] EntryControls=0000d1ff ExitControls=002fefff
[  731.443493] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  731.450498] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  731.457518] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  731.464313]         reason=80000021 qualification=0000000000000000
[  731.470696] IDTVectoring: info=00000000 errcode=00000000
[  731.476459] TSC Offset = 0xfffffe7298b5e552
[  731.480845] EPT pointer = 0x00000000b3fd001e
06:46:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x8000, 0x0, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:13 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:14 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  732.173207] *** Guest State ***
[  732.176798] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  732.185989] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  732.195042] CR3 = 0x0000000000000000
[  732.198823] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  732.205117] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  732.211163] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  732.218045] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.226265] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.234463] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  732.242671] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.250743] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.258954] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
06:46:14 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  732.267140] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  732.275346] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.283556] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  732.291637] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  732.299828] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  732.306444] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  732.314104] Interruptibility = 00000000  ActivityState = 00000000
[  732.320929] *** Host State ***
[  732.324460] RIP = 0xffffffff812cf768  RSP = 0xffff88809fa6f378
[  732.330533] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  732.337261] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  732.345364] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  732.351339] CR0=0000000080050033 CR3=000000019b442000 CR4=00000000001426e0
[  732.358641] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  732.365511] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  732.371622] *** Control State ***
[  732.375240] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  732.382074] EntryControls=0000d1ff ExitControls=002fefff
[  732.387591] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  732.394854] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  732.401591] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  732.408505]         reason=80000021 qualification=0000000000000000
[  732.415014] IDTVectoring: info=00000000 errcode=00000000
[  732.420525] TSC Offset = 0xfffffe721e2ff801
[  732.425093] EPT pointer = 0x00000000a219301e
06:46:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  732.587554] *** Guest State ***
[  732.591137] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  732.600378] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  732.609419] CR3 = 0x0000000000000000
[  732.613372] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  732.619426] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  732.626400] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  732.633364] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  732.641433] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  732.649702] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  732.657891] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  732.666158] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  732.674438] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
06:46:14 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  732.682624] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  732.690700] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  732.699002] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  732.707207] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  732.715499] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  732.722105] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  732.729637] Interruptibility = 00000000  ActivityState = 00000000
[  732.736136] *** Host State ***
[  732.739411] RIP = 0xffffffff812cf768  RSP = 0xffff8880a14bf378
[  732.745686] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  732.752282] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  732.760152] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  732.766362] CR0=0000000080050033 CR3=000000009f963000 CR4=00000000001426e0
[  732.773601] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  732.780370] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  732.786727] *** Control State ***
[  732.790258] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  732.797210] EntryControls=0000d1ff ExitControls=002fefff
[  732.802848] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  732.809843] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  732.816787] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  732.823589]         reason=80000021 qualification=0000000000000000
[  732.829985] IDTVectoring: info=00000000 errcode=00000000
[  732.835711] TSC Offset = 0xfffffe71d7210373
[  732.840077] TPR Threshold = 0x00
[  732.843629] EPT pointer = 0x000000018c1c101e
06:46:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x6, 0x2, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:18 executing program 1:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
munmap(&(0x7f00004d5000/0x2000)=nil, 0x2000)
mount(&(0x7f00000000c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, &(0x7f000000a000))
open$dir(&(0x7f0000000080)='./file0\x00', 0x9a000, 0x20)
chdir(&(0x7f0000000000)='./file0\x00')
r1 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0)
ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x400})
ftruncate(r1, 0x28007d)
sendfile(r1, r1, &(0x7f0000d83ff8), 0x2008000fffffffe)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000140))
write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x4, 0x1}}}, 0x18)
clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff)
clock_adjtime(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x4})

06:46:18 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:18 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x0, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x6, 0x2, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  736.234091] *** Guest State ***
[  736.238203] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  736.247637] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  736.256724] CR3 = 0x0000000000000000
[  736.260540] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  736.266800] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  736.273804] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  736.280658] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  736.288873] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  736.297105] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  736.305377] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  736.313592] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  736.322161] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  736.330217] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  736.338457] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  736.346737] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  736.354965] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  736.363268] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  736.369746] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  736.377508] Interruptibility = 00000000  ActivityState = 00000000
[  736.383952] *** Host State ***
[  736.387208] RIP = 0xffffffff812cf768  RSP = 0xffff8880a14ef378
[  736.393492] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  736.400004] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  736.408124] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  736.414232] CR0=0000000080050033 CR3=000000019ef12000 CR4=00000000001426f0
[  736.421317] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  736.428292] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  736.434510] *** Control State ***
[  736.438017] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  736.444900] EntryControls=0000d1ff ExitControls=002fefff
[  736.450445] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  736.457701] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  736.464581] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  736.471232]         reason=80000021 qualification=0000000000000000
[  736.477830] IDTVectoring: info=00000000 errcode=00000000
[  736.483493] TSC Offset = 0xfffffe6fe54f2696
[  736.487909] TPR Threshold = 0x00
[  736.491329] EPT pointer = 0x000000009f8b001e
[  736.515411] *** Guest State ***
[  736.518793] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  736.528049] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  736.537125] CR3 = 0x0000000000000000
[  736.540908] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  736.547151] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  736.553335] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  736.560231] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.568493] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.576698] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  736.584940] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.593165] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.601223] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.609553] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  736.617806] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.626064] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  736.634300] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  736.642497] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  736.648974] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  736.656670] Interruptibility = 00000000  ActivityState = 00000000
[  736.663209] *** Host State ***
[  736.666461] RIP = 0xffffffff812cf768  RSP = 0xffff88809f9ef378
[  736.672673] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  736.679160] FSBase=00007fb69a05c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  736.687193] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  736.693345] CR0=0000000080050033 CR3=00000001971e2000 CR4=00000000001426f0
[  736.700436] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  736.707390] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  736.713646] *** Control State ***
[  736.717159] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  736.724044] EntryControls=0000d1ff ExitControls=002fefff
[  736.729573] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
06:46:18 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  736.736747] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  736.743695] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  736.750330]         reason=80000021 qualification=0000000000000000
[  736.756897] IDTVectoring: info=00000000 errcode=00000000
[  736.762561] TSC Offset = 0xfffffe6fd30c1ae7
[  736.766972] EPT pointer = 0x00000000a15a501e
06:46:18 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:19 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

06:46:19 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:20 executing program 1:
syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pread64(r1, &(0x7f0000000240)=""/135, 0x87, 0x0)
socket$inet6(0xa, 0x2, 0x0)
dup(r0)
fcntl$dupfd(r0, 0x0, r0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e21, 0x0, @local}, 0x1c)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000580)={[], 0x0, 0x3, 0x30, 0x729, 0x3ff})
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000003c0)={0x0, 0x80000})
write$cgroup_int(r2, &(0x7f0000000080), 0x297ef)

06:46:20 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x2, 0x0, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:20 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  738.347723] *** Guest State ***
[  738.351300] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  738.360450] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  738.369528] CR3 = 0x0000000000000000
[  738.373506] RSP = 0x0000000000000f7a  RIP = 0x000000000000003f
[  738.379537] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  738.385779] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  738.392717] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.400896] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.409121] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  738.417415] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.425624] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.433891] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.442061] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  738.450112] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.458471] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  738.466659] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  738.474930] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  738.481437] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  738.489151] Interruptibility = 00000000  ActivityState = 00000000
[  738.495535] *** Host State ***
[  738.498794] RIP = 0xffffffff812cf768  RSP = 0xffff88809f9ef378
[  738.505074] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  738.511561] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  738.519676] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  738.525790] CR0=0000000080050033 CR3=00000000a23b6000 CR4=00000000001426e0
[  738.533092] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  738.539822] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  738.546181] *** Control State ***
[  738.549696] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  738.556555] EntryControls=0000d1ff ExitControls=002fefff
[  738.562208] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  738.569191] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  738.576075] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  738.582932]         reason=80000021 qualification=0000000000000000
[  738.589301] IDTVectoring: info=00000000 errcode=00000000
06:46:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x0, 0x80000000000000, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  738.594999] TSC Offset = 0xfffffe6ec72be5b5
[  738.599387] EPT pointer = 0x00000000a0ae001e
06:46:20 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  738.951536] *** Guest State ***
[  738.955288] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  738.964467] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  738.973500] CR3 = 0x0000000000000000
[  738.977283] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  738.983670] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  738.990529] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:46:21 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  738.997487] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  739.005714] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  739.013960] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  739.022179] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  739.030238] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  739.038562] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  739.046845] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  739.055137] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  739.063309] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  739.071404] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  739.079682] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  739.086285] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  739.094017] Interruptibility = 00000000  ActivityState = 00000000
06:46:21 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
r1 = dup2(0xffffffffffffffff, r0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r1, 0xd, 0x3}, 0x14)
fchdir(r0)
r2 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000600)={0x20000000})
r3 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
write$P9_RATTACH(r2, &(0x7f0000000240)={0xfffffe7f}, 0xffffffffffffffab)
ioctl$FS_IOC_RESVSP(r2, 0x402c5828, &(0x7f00000001c0)={0x0, 0x0, 0x1000200000000})
write$FUSE_NOTIFY_POLL(r3, &(0x7f0000000000)={0x18}, 0x18)
ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0xd6)
execve(&(0x7f0000000080)='./bus\x00', &(0x7f0000000280)=[&(0x7f00000000c0)='./cgroup.cpu\x00', &(0x7f0000000200)='@cgroup\x00'], &(0x7f0000000540)=[&(0x7f00000002c0)='vboxnet1nodev^$wlan1:\x00', &(0x7f0000000300)='./cgroup.cpu\x00', &(0x7f0000000340)='./cgroup.cpu\x00', &(0x7f0000000380)='./cgroup.cpu\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='./cgroup.cpu\x00', &(0x7f0000000440)='./cgroup.cpu\x00', &(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)='./cgroup.cpu\x00', &(0x7f0000000500)='./cgroup.cpu\x00'])
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000580)={@mcast1, 0x7fff, 0x3, 0x2, 0x4, 0xfffffffffffffc01, 0x8, 0x1}, &(0x7f00000005c0)=0x20)

[  739.100307] *** Host State ***
[  739.103765] RIP = 0xffffffff812cf768  RSP = 0xffff8880a119f378
[  739.109816] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  739.116416] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  739.124425] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  739.130376] CR0=0000000080050033 CR3=000000009f7f6000 CR4=00000000001426e0
[  739.137647] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  739.144516] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  739.150634] *** Control State ***
[  739.154441] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  739.161172] EntryControls=0000d1ff ExitControls=002fefff
[  739.162779] not chained 200000 origins
[  739.166892] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  739.170603] CPU: 0 PID: 8206 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #88
[  739.177694] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  739.171962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  739.171962] Call Trace:
[  739.171962]  <IRQ>
[  739.171962]  dump_stack+0x32d/0x480
[  739.171962]  kmsan_internal_chain_origin+0x222/0x240
[  739.171962]  ? save_stack_trace+0xc6/0x110
[  739.191754] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  739.171962]  ? __irqentry_text_end+0x1fa056/0x1fa056
[  739.171962]  ? kmsan_internal_chain_origin+0x90/0x240
[  739.171962]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  739.171962]  ? is_bpf_text_address+0x49e/0x4d0
[  739.171962]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.203988]         reason=80000021 qualification=0000000000000000
[  739.171962]  ? irq_exit+0x305/0x340
[  739.209677] IDTVectoring: info=00000000 errcode=00000000
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  ? irq_exit+0x305/0x340
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  ? finish_task_switch+0x17e/0x410
[  739.219170] TSC Offset = 0xfffffe6e6f46f0a9
[  739.171962]  ? kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  ? kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  ? __msan_memcpy+0x6f/0x80
[  739.171962]  ? pskb_expand_head+0x436/0x1d20
[  739.171962]  ? __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  ? tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  ? tcp_write_timer_handler+0x691/0xe80
[  739.231019] TPR Threshold = 0x00
[  739.171962]  ? tcp_write_timer+0x139/0x250
[  739.171962]  ? call_timer_fn+0x356/0x7c0
[  739.171962]  ? __run_timers+0xe95/0x1300
[  739.171962]  ? run_timer_softirq+0x55/0xa0
[  739.171962]  ? __do_softirq+0x721/0xc7f
[  739.171962]  ? irq_exit+0x305/0x340
[  739.171962]  ? exiting_irq+0xe/0x10
[  739.171962]  ? smp_apic_timer_interrupt+0x64/0x90
[  739.241759] EPT pointer = 0x00000000a232701e
[  739.171962]  ? apic_timer_interrupt+0xf/0x20
[  739.171962]  ? finish_lock_switch+0x2b/0x40
[  739.171962]  ? finish_task_switch+0x17e/0x410
[  739.171962]  ? __schedule+0x8a8/0xa60
[  739.171962]  ? schedule+0x1db/0x320
[  739.171962]  ? do_nanosleep+0x421/0xbe0
[  739.171962]  ? __se_sys_nanosleep+0x514/0x740
[  739.171962]  ? __x64_sys_nanosleep+0x3e/0x60
[  739.171962]  ? do_syscall_64+0xcf/0x110
[  739.171962]  ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  739.171962]  ? memcg_kmem_put_cache+0x73/0x460
[  739.171962]  ? __msan_get_context_state+0x9/0x20
[  739.171962]  ? INIT_INT+0xc/0x30
[  739.171962]  ? __kmalloc_node_track_caller+0x369/0x14e0
[  739.171962]  ? ipv4_dst_check+0x1aa/0x2a0
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  ? ipv4_mtu+0x47d/0x530
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  739.171962]  ? ipv4_mtu+0x47d/0x530
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  ? tcp_init_xmit_timers+0x130/0x130
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  ? tcp_init_xmit_timers+0x130/0x130
[  739.171962]  ? irqtime_account_irq+0x73/0x3c0
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  ? timers_dead_cpu+0xb70/0xb70
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962]  irq_exit+0x305/0x340
[  739.171962]  exiting_irq+0xe/0x10
[  739.171962]  smp_apic_timer_interrupt+0x64/0x90
[  739.171962]  apic_timer_interrupt+0xf/0x20
[  739.171962]  </IRQ>
[  739.171962] RIP: 0010:finish_lock_switch+0x2b/0x40
[  739.171962] Code: 48 89 e5 53 48 89 fb e8 b3 f3 9b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 1d e9 9b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 ce f2 9b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55
[  739.171962] RSP: 0018:ffff88811bb1fc50 EFLAGS: 00000296 ORIG_RAX: ffffffffffffff13
[  739.171962] RAX: ffff8881dc1b8b80 RBX: ffff8881425fda00 RCX: ffff8881dc1b8b80
[  739.171962] RDX: ffff8881dc1b9b80 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000
[  739.171962] RBP: ffff88811bb1fc50 R08: ffff888000000000 R09: 0000000000000002
[  739.171962] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888139039e00
[  739.171962] R13: ffff88821fcb8510 R14: ffff88813903a788 R15: ffff88821fcb7b80
[  739.171962]  finish_task_switch+0x17e/0x410
[  739.171962]  __schedule+0x8a8/0xa60
[  739.171962]  schedule+0x1db/0x320
[  739.171962]  do_nanosleep+0x421/0xbe0
[  739.171962]  __se_sys_nanosleep+0x514/0x740
[  739.171962]  ? hrtimer_init_sleeper+0xc0/0xc0
[  739.171962]  __x64_sys_nanosleep+0x3e/0x60
[  739.171962]  do_syscall_64+0xcf/0x110
[  739.171962]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  739.171962] RIP: 0033:0x483060
[  739.171962] Code: 00 00 48 c7 c0 d4 ff ff ff 64 c7 00 16 00 00 00 31 c0 eb be 66 0f 1f 44 00 00 83 3d 11 34 5c 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 f8 f8 ff c3 48 83 ec 08 e8 ba 70 fd ff
[  739.171962] RSP: 002b:0000000000a3fd78 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[  739.171962] RAX: ffffffffffffffda RBX: 00000000000b4678 RCX: 0000000000483060
[  739.171962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3fd80
[  739.171962] RBP: 00000000000004cb R08: 0000000000000001 R09: 000000000185d940
[  739.171962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  739.171962] R13: 00000000000b45c4 R14: 0000000000000153 R15: 0000000000000005
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Uninit was stored to memory at:
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  __msan_chain_origin+0x6d/0xb0
[  739.171962]  __save_stack_trace+0x8be/0xc60
[  739.171962]  save_stack_trace+0xc6/0x110
[  739.171962]  kmsan_internal_chain_origin+0x136/0x240
[  739.171962]  kmsan_memcpy_origins+0x13d/0x190
[  739.171962]  __msan_memcpy+0x6f/0x80
[  739.171962]  pskb_expand_head+0x436/0x1d20
[  739.171962]  __tcp_retransmit_skb+0xdf6/0x46c0
[  739.171962]  tcp_send_loss_probe+0x8fb/0xc00
[  739.171962]  tcp_write_timer_handler+0x691/0xe80
[  739.171962]  tcp_write_timer+0x139/0x250
[  739.171962]  call_timer_fn+0x356/0x7c0
[  739.171962]  __run_timers+0xe95/0x1300
[  739.171962]  run_timer_softirq+0x55/0xa0
[  739.171962]  __do_softirq+0x721/0xc7f
[  739.171962] 
[  739.171962] Local variable description: ----_ciph.i@ip_vs_out
[  739.171962] Variable was created at:
[  739.171962]  ip_vs_out+0x138/0x4570
[  739.171962]  ip_vs_reply4+0xec/0x130
06:46:22 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:22 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:22 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
mmap(&(0x7f0000a05000/0x400000)=nil, 0x400000, 0x3, 0x8012, r0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x7, @remote}}}, 0x108)

06:46:22 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:22 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(0xffffffffffffffff)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x6, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  741.134870] *** Guest State ***
[  741.138456] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  741.147561] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  741.156601] CR3 = 0x0000000000000000
[  741.160394] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  741.166627] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  741.172813] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  741.179707] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.188222] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.196405] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  741.204571] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.212844] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.220923] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.229210] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  741.237374] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.245709] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  741.253895] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  741.262183] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  741.268678] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  741.276411] Interruptibility = 00000000  ActivityState = 00000000
[  741.282785] *** Host State ***
[  741.286030] RIP = 0xffffffff812cf768  RSP = 0xffff88809d29f378
[  741.292226] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  741.298693] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  741.306724] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  741.312823] CR0=0000000080050033 CR3=000000009f8b0000 CR4=00000000001426e0
[  741.320426] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  741.327346] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  741.333551] *** Control State ***
[  741.337070] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  741.343955] EntryControls=0000d1ff ExitControls=002fefff
[  741.349502] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  741.356658] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  741.363488] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  741.370126]         reason=80000021 qualification=0000000000000000
[  741.376638] IDTVectoring: info=00000000 errcode=00000000
06:46:23 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x2000})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_pts(r0, 0x5)
r3 = dup3(r2, r0, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000200)={0x0, 0xfff})
write$UHID_INPUT(r3, &(0x7f0000001640)={0x8, "e52aac313baccb9b551156a2d7c12b7711c32a17d3c4c9ceef08c2046fe288a7036e513019e5e114cc4ae935d23a9990952824f5d0c1f52e2eb94e5396ba9dc9a02818038eaef46fc2c3ebbe46e4a6024c93823f66462ba3d68913fdeadd1087b06846aa3ddf6ed3dc2b61b4960f48c2edf5cdf23c7e8d3f2e6daa71e66b29bc19e377d7df4637d735194a52da503a0ac44383ba5b3da867e09ceae02a9bfc21e7f28814c2fab7da41344e207ca706dc37592abdb685e4b80eb6dc2b1dc550a1d16166d163a4a220a54d7844facbbb2648ee90aa05c3c03ee447d79e517df8ffe70c215bd0bf69e86a5f48d571b9337590d05e9947727c0d77d18a117f110252735ca6700a55fd26838935808cce7b7c222a75339e44230bdeb99bc39c0c1cc20de74fcb9744f4c4a988f3874a846d31abcf5504d78a3e14f35f6cbd123fcff22890cc17c730c3ea9f74616dfe60064552ec25568a6211bdc39483a28bed0df0afc7d7c6d13d301e080c8846ea512a8ccae7a99da8dd3009feaf204d22e32c5ecc333e616159d55328d375e59194c5c9a0b3843afb283d1d26f59e03105e91aa552386468432a09be73220e942394f34c559797b74bfe7c5c2c639a40e4d2e81e1004b127540a0bdd6be2f95698e75e4f1203a47d61f506ac9364be9d98ae46536f74afe08c450ecb902e00f188c9f32aed0677455e10bbe82c763a464f10f64c403c35376b7a675546835209f0e2809e9c2bd191f784dda4b727bfac512497a07474e6d3e13233601df81abcdb6fbfb152483ec61baaee45a5d733c62107f63c55a046401a5ddef70cef8d52cb4784e3efc34de554c8ff48f7ae3d6dc1ed4eb70fe1e610355fd66ce1af8ff63b6641fb3dadfab8a9b0b1f26ca11f7287258ad4766e08340f8f2fd53e7e5f287bb73c186f0290f225687040c762776a02e5e65f1b9b713e8ef98ffe111b3e4e7b761dd3ed763ed8dafd67625fb300ac752c0ff9c0c04b75be292c3f0247bd0b3560f1c76aff38791037fcf2b812f1601934a8fc769f7198e0df685841489263a1495a8a8bab1a63cb12b3089a3e30aab15ae872437e52a6f0dbc4df2d0e8df4c6bcd47beefc179d85b70b42b319453e6efaff96a509420bec299f227c4b676c58038916897f15430ff52087dd97dd329c6b6e207378053accaa31843a333e4f69586103424f44bd67eb355c1fbe078e62f07ebaae46c3e335372127dc5fa70a4579af715e531bda52761dc206aded4678079720603a577ef7e5fb5a81a525b7c96a4047d9d6bb80d7e0ce55cc0a4f73256ae9c515307f13fe54126786de425d7a674b05116104176faac5b9365b33fd2f5a710a5159d342abecede83ad421bbb712cd5b006671a958cec907311719eb3e0b5dc4fb51054e06656a7a2a066c0aac65ceb434ca3f242cb2b1d7a22179a85cbbeeacc2f0135d8dd4d1363a98d2543fa4973e19eb359e956d27f142c75f62c7aecaf47090236b9791847725bc6fde15cd4a119a4976a3f0f2d622973ad9000aae56f88b396fa1881ec0b0a5de9955fc8f864b36eacd635b88826e0a64897d605fa4a14f7786b037cf308bef61c7f860e38f1ae67fe8cb7802dbe85f9c0c082eed1a13e645370d0c95d63bba215ac8a637b8f968aef06329d62ba131b56b46bfcfa6a5e82016d5eeb6e7db45595d1acaaa5ec9886315d3dced9d0a15c44c043ac91e4ae7077139774607b76cbc017f636145beb84c1829a6030f4a895a56b8d141f743c9189a71387893f785804f85927a23ccd79c432ab686b621ec91706ef082b4ea4fa608ce2daca0d2e2e07ff51e6a8fdc22f1c8ee5ae53720f93b4547704fae580e5560e3c7b1ac2a38ffc294d3c96635e3b919339394843c8a171c7d12ceb9c0a11be25783694b177b399e7a495538e293a59d3ab44b176afed6894aa0e501d9b98981be3f2057bf6c9869403a34cb83ad57150c674301f39524a026f3608a3414287bc4e507355823c6f8640bb803a392fb8847023d1db3c39753e72414682c617de9bd0d5b6a55d46004d49f20d2f8f53cdd8eb11402f7895cd7c01b4964fd005c564b0b0e156969ccde818dda3a7cae02d1d3af95081e6549f28976fa81b5e90fbb0a62fea850ffaf0220132189c11a74996261f6de6001c50364f08c4f48fd46a0417ec8ee4d003efeead64b87d64b43cd6868f365e72e26dd9f5f9f74d135f64464cb38dd62051ae70c5a4daabebe700eb9b290b8ed4142db0090219e6186f8f71fa8fe1ebe42f621b8eed182ee8ad0401f0a3530fd48e4d1eb2637f1fbd2a7032b0f85715203c12ab8ff48131bc4ff28272b57119a76bc0b30fef5294c23c0b2bcadfbba37a00502b5e43d72148d9acc7cb7cb39dc830cd6f30262a09eecf29d1055c2edc3926cfd5076aa5f9f172ed145359fc974ca5ded652433d212607bed155df1aff269414548a39a644b6ce927de5de6e6750575c4fd7ea7fe10b1e51fde6975c0c23fc012a8b12fe3fa64e972e4e09eafea165ae5c1ffc9d761e1314a781959c223b96eefde0f4f45c7ac032a8d3f1bd304114c3329a3e4966eddcc8d44ae70bad2932f963100955e2d2d487347c2aa8356bc6bc3c84e418163c758f1372246884e6d80d87d7ab3fe660dda13ada65f200b4fb365223b93bbc29493ae6dbbbb1823edb8e9f045b60414edab955e1046b67a8d4908ab08ad90216125d2ffd8c7814a9a4940df0a653b1cf53cf456412228445ebc8e1584adfe13207ff24fe602e2a506218710483b5544347a3d515b7d2ddcaa1bb7ae3578841918a8ed00659d5f260d23ae17a9ffc77f79758844586fe53517097838a92dde8873e8be1cd5934f1a4bfdd9d0b5725b811c4a2c121b7729946993a736bd195c55684ea680304af4844a1b2f74e2c2b2ccaeceb00b9c2c515b70912efb27643c5624025e358b44853cc0efddc103ee514471af902cd9b68f102c95a91d2b825b473ce842e6367b0b7305ce8be6f9c812abe860bb632e00b69a0370e5c8f9ba0cebbcbe1b9276949c303a4e9e3b6db37a0716520c07512192364abb58399fca973a1b32106096eda8bb85745562e8a35c5e917fdf858091a4c29d6549e10098d6b205fc5cad546fe07b3a70756cf7079c88f3708f0c8527002b99e80cbd584a3737fb37953cd6dccf21add4d4b6e65894490840c008578737d5e208649d1cd34beb403c2226300297853a29cf6c661b426c13306575d81f6fd21712e0ec4366013883b95a71d5094acbf156e42de11cb873744983ec1ff9cfbee2278053b8b4e523388bd41dfd3c2ecaacc5d9d2958bbfa94f4bd0ac1c61c98ab295dd5c69020f1329818df9a2aa88ced03f4e6a4d1f8cb020afcd2384e65511ddeb908ba0c13a03dd32e8d4ccf0246008f35ef5184f81b8fed73b4aae4998bd8c7d784210042247d39396ba881bf43555d0ec58deede7b4729e79d31b2a346527594ca3a47a1723a792a701dc18d0124365e2c4a4fefed48c29a9f2fc747b302eaf92a100b2da211c91de4ab79d4aede483d852635c6f14d38095a5739d475c7aa67fdd54767a056eeb3098dfd8d1c21f32e76f0247f04118448273586856e641b83f540a643e72dc15804b78bac475f39e23291798aa45a2c10aa5fef2d5e4d7b8f529a66535d11c6149e9797f2fcce2804f2a5370345e98b0c02c7dd27135d414fe72f0740423920d68b64f6b8c05788c6693ee1b9abb5d4593a970dc3ee2528765fb739964f4fed7200d7e796a9f3d0d60834e638dd8c29d4e85011e4ba4f127fe765954a5b5bb5d1cc69f2376599d5a3e8c30714893f763c06061072c10cb0eee17eb2a2514acc584b04e169d4a33a330367bb725ff9462f5d50282a2e393293eec8ea1eaab8217cc108798a4a57eccdb00647ab9f07318993f7c59c395a93cbd681d0a967a56e3f13c832c48dcc0d0096870b0d51b754e70b12a849b6f376923f7f7d909f64d64e1d6e338d39166b725265b96ed21e36b12057148d66e5df04b7b734ed0957d47fde172be2473b9ac6fdb823abe3e11ec69a170a14511d5572d6c0d9f6b749acad7003f0567bb6f9381649e42d02764077330d5af3d93185968a9f8dfed16c4a7c768a2bb98304946a557182c0ce93e82b340074e384cc6bd6129483386c654a6ab3bb12fe8e86adafa93f218fdf5019c09292858acd8ef7aa6a78e3f846215856d630ae9c5fc4009693b2767ea55c469f9099693287b35d43ee0f7a5baf3328d37b2c536f2abd6e21e472c105ae982cdd26a5a20562122e71efb1486c28d9409c3114b608f297695958c5604cf0918c0c70c56c79170260d73bde297e47cae1c404cca0a96eed51a2dc8f6f6ad862fe767ee5b5e68f231096825d935b809b3c1b5d9a2cd76cae22652bed7d263b42612ed717eba0aaf2a3989c4520c402d29428010000000000000062fb3fdd073b91d4e2f6895fba9639ee78bd8ccb5bc3ce442fbeb9a1521314b82804293159fd7df4db66b78a06fe93e705bbc4e0d294a787c3cbf271b2acd15e7b4998c822f7724d3191e2265bd0d694dfb08063c9ff26a424884b46e26b5560d756c114ad1a7b92eee3f49dc2883b604ecc49c5ce92ce467778301326588a6577d44758e8d90710248d110dbf3d3d568779bd1c616369f84619dd089e38b51634f7c5d2ac9f1547a342877815a3864ad70b68b196bde9d810512f411d5235633ef65088788dfa3f152df7cee3a0803f6ac7ae192301dec07ff870ff3d7cf1c09cc9093263b225d01222376531007af9e6fb96e5ccaa8274f70adc786db7f33a20a752717b56b9a03bfce15a1aacd78c4adf8bdf41de8aaf421684c27526088c54322b5eea9175ef9c574c1f873218cc6f5df233892d7d5b0b0649ffc5a1c4909f2967a8c1f15b419ecde0448f071fa71e553f4f12cfa5e35022e75ddc5509edddc3de82d9097759b27f7c24776702e0ff64559281f796f11c1a9c77a156f390d2d18d1759b6be0347eb5bb4df912e9cfafa0db3be3243bacb378ca0946cece695a8099d6d7a24fc8bcca4c09695e3208f17f00bf404f6eb7852dfe73c163a19fd4e890e0edd5c7a727984b6f47a952373b95200bba061756c699c218b52c265b22bcd5cb24fdf056621fdd2126cede171e435320ca34e56e4c82a2afc9a59d3bf4647877658b6f23a6484f37acd8e2e184926993b5d1bbe6cdba64f486b4fb41bb94a644140540894f8fc14e585bc8beae88eabf926add289c82eb8cea99743baed842d76eb5c5573f7a7f3f2693960d6bfed697b5619afd942f41689dbd281a35e32478ba3a388dada82a2f4164481aa6a8f3946a84ea6186b20ce388c202be42996ae90feec7258d4a4a276353df84c96b160ac003d81cf395c0e61b0f0a9e692c32fab307f754cae5de7716a00cb96160cd39c931f4885d612862cecf6ba76502c9d266f97e4cf6cf0a16f787788e5471458a0dc24d3f2a28caa0f7ee00cf8bb113bd9c2b086037d765b5ec9a849df6f482fc01b48261e44299b0bc88321d837b6e2d221ebf2996b4140cd82e531de27f8de445f31c64469a5a145b031cd2569d19e27369c31ec63a989f0c9aaba7cc9d36d652001d40004f83a90d6465854f31bf15d1ef6bff4c02d60b948a37e3f50d250d7f85f545f507014aae5a35908283168c034f654acbb9d0fc261671d612e3d74261653e69e5e9cf7c8fda298b4d6c879cbbb97eafe648ba70150599089d65c1fdc0d5af879a2d46a443ac6dd21b33f72510742db4faf7eeb1580580ffe26e2d5ff", 0x1000}, 0x1006)

[  741.382226] TSC Offset = 0xfffffe6d4c7949b2
[  741.386594] EPT pointer = 0x00000000a144701e
06:46:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:23 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
mmap(&(0x7f0000a05000/0x400000)=nil, 0x400000, 0x3, 0x8012, r0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x7, @remote}}}, 0x108)

06:46:23 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(0xffffffffffffffff)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x6, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:23 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  741.849473] *** Guest State ***
[  741.853190] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  741.862437] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  741.871337] CR3 = 0x0000000000000000
[  741.875325] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  741.881388] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  741.888368] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  741.895268] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  741.903556] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  741.911632] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  741.919939] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  741.928134] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  741.936383] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  741.944562] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  741.952876] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  741.960942] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  741.969295] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  741.977465] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  741.984174] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  741.991674] Interruptibility = 00000000  ActivityState = 00000000
[  741.998131] *** Host State ***
[  742.001406] RIP = 0xffffffff812cf768  RSP = 0xffff8880a14ef378
[  742.007694] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  742.014311] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  742.022499] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  742.028456] CR0=0000000080050033 CR3=00000000a10cd000 CR4=00000000001426f0
[  742.035727] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  742.042661] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  742.048757] *** Control State ***
[  742.052484] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  742.059197] EntryControls=0000d1ff ExitControls=002fefff
[  742.064836] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  742.071798] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  742.078675] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  742.085501]         reason=80000021 qualification=0000000000000000
[  742.091872] IDTVectoring: info=00000000 errcode=00000000
06:46:24 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x2000})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_pts(r0, 0x5)
r3 = dup3(r2, r0, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000200)={0x0, 0xfff})
write$UHID_INPUT(r3, &(0x7f0000001640)={0x8, "e52aac313baccb9b551156a2d7c12b7711c32a17d3c4c9ceef08c2046fe288a7036e513019e5e114cc4ae935d23a9990952824f5d0c1f52e2eb94e5396ba9dc9a02818038eaef46fc2c3ebbe46e4a6024c93823f66462ba3d68913fdeadd1087b06846aa3ddf6ed3dc2b61b4960f48c2edf5cdf23c7e8d3f2e6daa71e66b29bc19e377d7df4637d735194a52da503a0ac44383ba5b3da867e09ceae02a9bfc21e7f28814c2fab7da41344e207ca706dc37592abdb685e4b80eb6dc2b1dc550a1d16166d163a4a220a54d7844facbbb2648ee90aa05c3c03ee447d79e517df8ffe70c215bd0bf69e86a5f48d571b9337590d05e9947727c0d77d18a117f110252735ca6700a55fd26838935808cce7b7c222a75339e44230bdeb99bc39c0c1cc20de74fcb9744f4c4a988f3874a846d31abcf5504d78a3e14f35f6cbd123fcff22890cc17c730c3ea9f74616dfe60064552ec25568a6211bdc39483a28bed0df0afc7d7c6d13d301e080c8846ea512a8ccae7a99da8dd3009feaf204d22e32c5ecc333e616159d55328d375e59194c5c9a0b3843afb283d1d26f59e03105e91aa552386468432a09be73220e942394f34c559797b74bfe7c5c2c639a40e4d2e81e1004b127540a0bdd6be2f95698e75e4f1203a47d61f506ac9364be9d98ae46536f74afe08c450ecb902e00f188c9f32aed0677455e10bbe82c763a464f10f64c403c35376b7a675546835209f0e2809e9c2bd191f784dda4b727bfac512497a07474e6d3e13233601df81abcdb6fbfb152483ec61baaee45a5d733c62107f63c55a046401a5ddef70cef8d52cb4784e3efc34de554c8ff48f7ae3d6dc1ed4eb70fe1e610355fd66ce1af8ff63b6641fb3dadfab8a9b0b1f26ca11f7287258ad4766e08340f8f2fd53e7e5f287bb73c186f0290f225687040c762776a02e5e65f1b9b713e8ef98ffe111b3e4e7b761dd3ed763ed8dafd67625fb300ac752c0ff9c0c04b75be292c3f0247bd0b3560f1c76aff38791037fcf2b812f1601934a8fc769f7198e0df685841489263a1495a8a8bab1a63cb12b3089a3e30aab15ae872437e52a6f0dbc4df2d0e8df4c6bcd47beefc179d85b70b42b319453e6efaff96a509420bec299f227c4b676c58038916897f15430ff52087dd97dd329c6b6e207378053accaa31843a333e4f69586103424f44bd67eb355c1fbe078e62f07ebaae46c3e335372127dc5fa70a4579af715e531bda52761dc206aded4678079720603a577ef7e5fb5a81a525b7c96a4047d9d6bb80d7e0ce55cc0a4f73256ae9c515307f13fe54126786de425d7a674b05116104176faac5b9365b33fd2f5a710a5159d342abecede83ad421bbb712cd5b006671a958cec907311719eb3e0b5dc4fb51054e06656a7a2a066c0aac65ceb434ca3f242cb2b1d7a22179a85cbbeeacc2f0135d8dd4d1363a98d2543fa4973e19eb359e956d27f142c75f62c7aecaf47090236b9791847725bc6fde15cd4a119a4976a3f0f2d622973ad9000aae56f88b396fa1881ec0b0a5de9955fc8f864b36eacd635b88826e0a64897d605fa4a14f7786b037cf308bef61c7f860e38f1ae67fe8cb7802dbe85f9c0c082eed1a13e645370d0c95d63bba215ac8a637b8f968aef06329d62ba131b56b46bfcfa6a5e82016d5eeb6e7db45595d1acaaa5ec9886315d3dced9d0a15c44c043ac91e4ae7077139774607b76cbc017f636145beb84c1829a6030f4a895a56b8d141f743c9189a71387893f785804f85927a23ccd79c432ab686b621ec91706ef082b4ea4fa608ce2daca0d2e2e07ff51e6a8fdc22f1c8ee5ae53720f93b4547704fae580e5560e3c7b1ac2a38ffc294d3c96635e3b919339394843c8a171c7d12ceb9c0a11be25783694b177b399e7a495538e293a59d3ab44b176afed6894aa0e501d9b98981be3f2057bf6c9869403a34cb83ad57150c674301f39524a026f3608a3414287bc4e507355823c6f8640bb803a392fb8847023d1db3c39753e72414682c617de9bd0d5b6a55d46004d49f20d2f8f53cdd8eb11402f7895cd7c01b4964fd005c564b0b0e156969ccde818dda3a7cae02d1d3af95081e6549f28976fa81b5e90fbb0a62fea850ffaf0220132189c11a74996261f6de6001c50364f08c4f48fd46a0417ec8ee4d003efeead64b87d64b43cd6868f365e72e26dd9f5f9f74d135f64464cb38dd62051ae70c5a4daabebe700eb9b290b8ed4142db0090219e6186f8f71fa8fe1ebe42f621b8eed182ee8ad0401f0a3530fd48e4d1eb2637f1fbd2a7032b0f85715203c12ab8ff48131bc4ff28272b57119a76bc0b30fef5294c23c0b2bcadfbba37a00502b5e43d72148d9acc7cb7cb39dc830cd6f30262a09eecf29d1055c2edc3926cfd5076aa5f9f172ed145359fc974ca5ded652433d212607bed155df1aff269414548a39a644b6ce927de5de6e6750575c4fd7ea7fe10b1e51fde6975c0c23fc012a8b12fe3fa64e972e4e09eafea165ae5c1ffc9d761e1314a781959c223b96eefde0f4f45c7ac032a8d3f1bd304114c3329a3e4966eddcc8d44ae70bad2932f963100955e2d2d487347c2aa8356bc6bc3c84e418163c758f1372246884e6d80d87d7ab3fe660dda13ada65f200b4fb365223b93bbc29493ae6dbbbb1823edb8e9f045b60414edab955e1046b67a8d4908ab08ad90216125d2ffd8c7814a9a4940df0a653b1cf53cf456412228445ebc8e1584adfe13207ff24fe602e2a506218710483b5544347a3d515b7d2ddcaa1bb7ae3578841918a8ed00659d5f260d23ae17a9ffc77f79758844586fe53517097838a92dde8873e8be1cd5934f1a4bfdd9d0b5725b811c4a2c121b7729946993a736bd195c55684ea680304af4844a1b2f74e2c2b2ccaeceb00b9c2c515b70912efb27643c5624025e358b44853cc0efddc103ee514471af902cd9b68f102c95a91d2b825b473ce842e6367b0b7305ce8be6f9c812abe860bb632e00b69a0370e5c8f9ba0cebbcbe1b9276949c303a4e9e3b6db37a0716520c07512192364abb58399fca973a1b32106096eda8bb85745562e8a35c5e917fdf858091a4c29d6549e10098d6b205fc5cad546fe07b3a70756cf7079c88f3708f0c8527002b99e80cbd584a3737fb37953cd6dccf21add4d4b6e65894490840c008578737d5e208649d1cd34beb403c2226300297853a29cf6c661b426c13306575d81f6fd21712e0ec4366013883b95a71d5094acbf156e42de11cb873744983ec1ff9cfbee2278053b8b4e523388bd41dfd3c2ecaacc5d9d2958bbfa94f4bd0ac1c61c98ab295dd5c69020f1329818df9a2aa88ced03f4e6a4d1f8cb020afcd2384e65511ddeb908ba0c13a03dd32e8d4ccf0246008f35ef5184f81b8fed73b4aae4998bd8c7d784210042247d39396ba881bf43555d0ec58deede7b4729e79d31b2a346527594ca3a47a1723a792a701dc18d0124365e2c4a4fefed48c29a9f2fc747b302eaf92a100b2da211c91de4ab79d4aede483d852635c6f14d38095a5739d475c7aa67fdd54767a056eeb3098dfd8d1c21f32e76f0247f04118448273586856e641b83f540a643e72dc15804b78bac475f39e23291798aa45a2c10aa5fef2d5e4d7b8f529a66535d11c6149e9797f2fcce2804f2a5370345e98b0c02c7dd27135d414fe72f0740423920d68b64f6b8c05788c6693ee1b9abb5d4593a970dc3ee2528765fb739964f4fed7200d7e796a9f3d0d60834e638dd8c29d4e85011e4ba4f127fe765954a5b5bb5d1cc69f2376599d5a3e8c30714893f763c06061072c10cb0eee17eb2a2514acc584b04e169d4a33a330367bb725ff9462f5d50282a2e393293eec8ea1eaab8217cc108798a4a57eccdb00647ab9f07318993f7c59c395a93cbd681d0a967a56e3f13c832c48dcc0d0096870b0d51b754e70b12a849b6f376923f7f7d909f64d64e1d6e338d39166b725265b96ed21e36b12057148d66e5df04b7b734ed0957d47fde172be2473b9ac6fdb823abe3e11ec69a170a14511d5572d6c0d9f6b749acad7003f0567bb6f9381649e42d02764077330d5af3d93185968a9f8dfed16c4a7c768a2bb98304946a557182c0ce93e82b340074e384cc6bd6129483386c654a6ab3bb12fe8e86adafa93f218fdf5019c09292858acd8ef7aa6a78e3f846215856d630ae9c5fc4009693b2767ea55c469f9099693287b35d43ee0f7a5baf3328d37b2c536f2abd6e21e472c105ae982cdd26a5a20562122e71efb1486c28d9409c3114b608f297695958c5604cf0918c0c70c56c79170260d73bde297e47cae1c404cca0a96eed51a2dc8f6f6ad862fe767ee5b5e68f231096825d935b809b3c1b5d9a2cd76cae22652bed7d263b42612ed717eba0aaf2a3989c4520c402d29428010000000000000062fb3fdd073b91d4e2f6895fba9639ee78bd8ccb5bc3ce442fbeb9a1521314b82804293159fd7df4db66b78a06fe93e705bbc4e0d294a787c3cbf271b2acd15e7b4998c822f7724d3191e2265bd0d694dfb08063c9ff26a424884b46e26b5560d756c114ad1a7b92eee3f49dc2883b604ecc49c5ce92ce467778301326588a6577d44758e8d90710248d110dbf3d3d568779bd1c616369f84619dd089e38b51634f7c5d2ac9f1547a342877815a3864ad70b68b196bde9d810512f411d5235633ef65088788dfa3f152df7cee3a0803f6ac7ae192301dec07ff870ff3d7cf1c09cc9093263b225d01222376531007af9e6fb96e5ccaa8274f70adc786db7f33a20a752717b56b9a03bfce15a1aacd78c4adf8bdf41de8aaf421684c27526088c54322b5eea9175ef9c574c1f873218cc6f5df233892d7d5b0b0649ffc5a1c4909f2967a8c1f15b419ecde0448f071fa71e553f4f12cfa5e35022e75ddc5509edddc3de82d9097759b27f7c24776702e0ff64559281f796f11c1a9c77a156f390d2d18d1759b6be0347eb5bb4df912e9cfafa0db3be3243bacb378ca0946cece695a8099d6d7a24fc8bcca4c09695e3208f17f00bf404f6eb7852dfe73c163a19fd4e890e0edd5c7a727984b6f47a952373b95200bba061756c699c218b52c265b22bcd5cb24fdf056621fdd2126cede171e435320ca34e56e4c82a2afc9a59d3bf4647877658b6f23a6484f37acd8e2e184926993b5d1bbe6cdba64f486b4fb41bb94a644140540894f8fc14e585bc8beae88eabf926add289c82eb8cea99743baed842d76eb5c5573f7a7f3f2693960d6bfed697b5619afd942f41689dbd281a35e32478ba3a388dada82a2f4164481aa6a8f3946a84ea6186b20ce388c202be42996ae90feec7258d4a4a276353df84c96b160ac003d81cf395c0e61b0f0a9e692c32fab307f754cae5de7716a00cb96160cd39c931f4885d612862cecf6ba76502c9d266f97e4cf6cf0a16f787788e5471458a0dc24d3f2a28caa0f7ee00cf8bb113bd9c2b086037d765b5ec9a849df6f482fc01b48261e44299b0bc88321d837b6e2d221ebf2996b4140cd82e531de27f8de445f31c64469a5a145b031cd2569d19e27369c31ec63a989f0c9aaba7cc9d36d652001d40004f83a90d6465854f31bf15d1ef6bff4c02d60b948a37e3f50d250d7f85f545f507014aae5a35908283168c034f654acbb9d0fc261671d612e3d74261653e69e5e9cf7c8fda298b4d6c879cbbb97eafe648ba70150599089d65c1fdc0d5af879a2d46a443ac6dd21b33f72510742db4faf7eeb1580580ffe26e2d5ff", 0x1000}, 0x1006)

[  742.097604] TSC Offset = 0xfffffe6ce20cfd22
[  742.102360] TPR Threshold = 0x00
[  742.105785] EPT pointer = 0x00000000a12f301e
06:46:24 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:24 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(0xffffffffffffffff)
r1 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r1, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x6, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:24 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x0, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:24 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(0xffffffffffffffff, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  743.021294] *** Guest State ***
[  743.024977] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  743.034117] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  743.043144] CR3 = 0x0000000000000000
[  743.046925] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  743.053195] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  743.059967] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  743.067120] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  743.075297] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.083547] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.091592] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.099845] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.108095] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.116284] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  743.124455] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  743.132587] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  743.140656] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  743.148877] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  743.155472] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  743.163111] Interruptibility = 00000000  ActivityState = 00000000
[  743.169379] *** Host State ***
[  743.172805] RIP = 0xffffffff812cf768  RSP = 0xffff88809d3ef378
[  743.178853] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  743.185585] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  743.193895] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  743.199895] CR0=0000000080050033 CR3=000000009d244000 CR4=00000000001426f0
[  743.207192] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  743.214050] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  743.220159] *** Control State ***
[  743.223921] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  743.230695] EntryControls=0000d1ff ExitControls=002fefff
[  743.236472] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  743.243645] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  743.250387] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  743.257270]         reason=80000021 qualification=0000000000000000
[  743.263796] IDTVectoring: info=00000000 errcode=00000000
[  743.269297] TSC Offset = 0xfffffe6c41914cfc
[  743.273871] TPR Threshold = 0x00
[  743.277297] EPT pointer = 0x0000000161a4d01e
[  743.351359] *** Guest State ***
[  743.355213] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  743.364349] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  743.373365] CR3 = 0x0000000000000000
[  743.377320] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  743.383469] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  743.390203] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  743.397195] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  743.405338] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.413487] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.421516] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.429711] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.437874] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  743.446023] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  743.454178] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  743.462510] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  743.470544] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  743.478691] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  743.485363] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  743.492996] Interruptibility = 00000000  ActivityState = 00000000
[  743.499282] *** Host State ***
[  743.502697] RIP = 0xffffffff812cf768  RSP = 0xffff8880a13cf378
[  743.508740] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  743.515395] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  743.523435] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  743.529416] CR0=0000000080050033 CR3=000000009fa74000 CR4=00000000001426e0
[  743.536709] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  743.543546] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  743.549655] *** Control State ***
[  743.553435] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  743.560179] EntryControls=0000d1ff ExitControls=002fefff
[  743.565865] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  743.572957] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  743.579700] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  743.586544]         reason=80000021 qualification=0000000000000000
[  743.593064] IDTVectoring: info=00000000 errcode=00000000
06:46:25 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180), 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  743.598574] TSC Offset = 0xfffffe6c144b031f
[  743.603161] TPR Threshold = 0x00
[  743.606589] EPT pointer = 0x000000009ce6901e
06:46:25 executing program 5 (fault-call:7 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:25 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x2000})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_pts(r0, 0x5)
r3 = dup3(r2, r0, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000200)={0x0, 0xfff})
write$UHID_INPUT(r3, &(0x7f0000001640)={0x8, "e52aac313baccb9b551156a2d7c12b7711c32a17d3c4c9ceef08c2046fe288a7036e513019e5e114cc4ae935d23a9990952824f5d0c1f52e2eb94e5396ba9dc9a02818038eaef46fc2c3ebbe46e4a6024c93823f66462ba3d68913fdeadd1087b06846aa3ddf6ed3dc2b61b4960f48c2edf5cdf23c7e8d3f2e6daa71e66b29bc19e377d7df4637d735194a52da503a0ac44383ba5b3da867e09ceae02a9bfc21e7f28814c2fab7da41344e207ca706dc37592abdb685e4b80eb6dc2b1dc550a1d16166d163a4a220a54d7844facbbb2648ee90aa05c3c03ee447d79e517df8ffe70c215bd0bf69e86a5f48d571b9337590d05e9947727c0d77d18a117f110252735ca6700a55fd26838935808cce7b7c222a75339e44230bdeb99bc39c0c1cc20de74fcb9744f4c4a988f3874a846d31abcf5504d78a3e14f35f6cbd123fcff22890cc17c730c3ea9f74616dfe60064552ec25568a6211bdc39483a28bed0df0afc7d7c6d13d301e080c8846ea512a8ccae7a99da8dd3009feaf204d22e32c5ecc333e616159d55328d375e59194c5c9a0b3843afb283d1d26f59e03105e91aa552386468432a09be73220e942394f34c559797b74bfe7c5c2c639a40e4d2e81e1004b127540a0bdd6be2f95698e75e4f1203a47d61f506ac9364be9d98ae46536f74afe08c450ecb902e00f188c9f32aed0677455e10bbe82c763a464f10f64c403c35376b7a675546835209f0e2809e9c2bd191f784dda4b727bfac512497a07474e6d3e13233601df81abcdb6fbfb152483ec61baaee45a5d733c62107f63c55a046401a5ddef70cef8d52cb4784e3efc34de554c8ff48f7ae3d6dc1ed4eb70fe1e610355fd66ce1af8ff63b6641fb3dadfab8a9b0b1f26ca11f7287258ad4766e08340f8f2fd53e7e5f287bb73c186f0290f225687040c762776a02e5e65f1b9b713e8ef98ffe111b3e4e7b761dd3ed763ed8dafd67625fb300ac752c0ff9c0c04b75be292c3f0247bd0b3560f1c76aff38791037fcf2b812f1601934a8fc769f7198e0df685841489263a1495a8a8bab1a63cb12b3089a3e30aab15ae872437e52a6f0dbc4df2d0e8df4c6bcd47beefc179d85b70b42b319453e6efaff96a509420bec299f227c4b676c58038916897f15430ff52087dd97dd329c6b6e207378053accaa31843a333e4f69586103424f44bd67eb355c1fbe078e62f07ebaae46c3e335372127dc5fa70a4579af715e531bda52761dc206aded4678079720603a577ef7e5fb5a81a525b7c96a4047d9d6bb80d7e0ce55cc0a4f73256ae9c515307f13fe54126786de425d7a674b05116104176faac5b9365b33fd2f5a710a5159d342abecede83ad421bbb712cd5b006671a958cec907311719eb3e0b5dc4fb51054e06656a7a2a066c0aac65ceb434ca3f242cb2b1d7a22179a85cbbeeacc2f0135d8dd4d1363a98d2543fa4973e19eb359e956d27f142c75f62c7aecaf47090236b9791847725bc6fde15cd4a119a4976a3f0f2d622973ad9000aae56f88b396fa1881ec0b0a5de9955fc8f864b36eacd635b88826e0a64897d605fa4a14f7786b037cf308bef61c7f860e38f1ae67fe8cb7802dbe85f9c0c082eed1a13e645370d0c95d63bba215ac8a637b8f968aef06329d62ba131b56b46bfcfa6a5e82016d5eeb6e7db45595d1acaaa5ec9886315d3dced9d0a15c44c043ac91e4ae7077139774607b76cbc017f636145beb84c1829a6030f4a895a56b8d141f743c9189a71387893f785804f85927a23ccd79c432ab686b621ec91706ef082b4ea4fa608ce2daca0d2e2e07ff51e6a8fdc22f1c8ee5ae53720f93b4547704fae580e5560e3c7b1ac2a38ffc294d3c96635e3b919339394843c8a171c7d12ceb9c0a11be25783694b177b399e7a495538e293a59d3ab44b176afed6894aa0e501d9b98981be3f2057bf6c9869403a34cb83ad57150c674301f39524a026f3608a3414287bc4e507355823c6f8640bb803a392fb8847023d1db3c39753e72414682c617de9bd0d5b6a55d46004d49f20d2f8f53cdd8eb11402f7895cd7c01b4964fd005c564b0b0e156969ccde818dda3a7cae02d1d3af95081e6549f28976fa81b5e90fbb0a62fea850ffaf0220132189c11a74996261f6de6001c50364f08c4f48fd46a0417ec8ee4d003efeead64b87d64b43cd6868f365e72e26dd9f5f9f74d135f64464cb38dd62051ae70c5a4daabebe700eb9b290b8ed4142db0090219e6186f8f71fa8fe1ebe42f621b8eed182ee8ad0401f0a3530fd48e4d1eb2637f1fbd2a7032b0f85715203c12ab8ff48131bc4ff28272b57119a76bc0b30fef5294c23c0b2bcadfbba37a00502b5e43d72148d9acc7cb7cb39dc830cd6f30262a09eecf29d1055c2edc3926cfd5076aa5f9f172ed145359fc974ca5ded652433d212607bed155df1aff269414548a39a644b6ce927de5de6e6750575c4fd7ea7fe10b1e51fde6975c0c23fc012a8b12fe3fa64e972e4e09eafea165ae5c1ffc9d761e1314a781959c223b96eefde0f4f45c7ac032a8d3f1bd304114c3329a3e4966eddcc8d44ae70bad2932f963100955e2d2d487347c2aa8356bc6bc3c84e418163c758f1372246884e6d80d87d7ab3fe660dda13ada65f200b4fb365223b93bbc29493ae6dbbbb1823edb8e9f045b60414edab955e1046b67a8d4908ab08ad90216125d2ffd8c7814a9a4940df0a653b1cf53cf456412228445ebc8e1584adfe13207ff24fe602e2a506218710483b5544347a3d515b7d2ddcaa1bb7ae3578841918a8ed00659d5f260d23ae17a9ffc77f79758844586fe53517097838a92dde8873e8be1cd5934f1a4bfdd9d0b5725b811c4a2c121b7729946993a736bd195c55684ea680304af4844a1b2f74e2c2b2ccaeceb00b9c2c515b70912efb27643c5624025e358b44853cc0efddc103ee514471af902cd9b68f102c95a91d2b825b473ce842e6367b0b7305ce8be6f9c812abe860bb632e00b69a0370e5c8f9ba0cebbcbe1b9276949c303a4e9e3b6db37a0716520c07512192364abb58399fca973a1b32106096eda8bb85745562e8a35c5e917fdf858091a4c29d6549e10098d6b205fc5cad546fe07b3a70756cf7079c88f3708f0c8527002b99e80cbd584a3737fb37953cd6dccf21add4d4b6e65894490840c008578737d5e208649d1cd34beb403c2226300297853a29cf6c661b426c13306575d81f6fd21712e0ec4366013883b95a71d5094acbf156e42de11cb873744983ec1ff9cfbee2278053b8b4e523388bd41dfd3c2ecaacc5d9d2958bbfa94f4bd0ac1c61c98ab295dd5c69020f1329818df9a2aa88ced03f4e6a4d1f8cb020afcd2384e65511ddeb908ba0c13a03dd32e8d4ccf0246008f35ef5184f81b8fed73b4aae4998bd8c7d784210042247d39396ba881bf43555d0ec58deede7b4729e79d31b2a346527594ca3a47a1723a792a701dc18d0124365e2c4a4fefed48c29a9f2fc747b302eaf92a100b2da211c91de4ab79d4aede483d852635c6f14d38095a5739d475c7aa67fdd54767a056eeb3098dfd8d1c21f32e76f0247f04118448273586856e641b83f540a643e72dc15804b78bac475f39e23291798aa45a2c10aa5fef2d5e4d7b8f529a66535d11c6149e9797f2fcce2804f2a5370345e98b0c02c7dd27135d414fe72f0740423920d68b64f6b8c05788c6693ee1b9abb5d4593a970dc3ee2528765fb739964f4fed7200d7e796a9f3d0d60834e638dd8c29d4e85011e4ba4f127fe765954a5b5bb5d1cc69f2376599d5a3e8c30714893f763c06061072c10cb0eee17eb2a2514acc584b04e169d4a33a330367bb725ff9462f5d50282a2e393293eec8ea1eaab8217cc108798a4a57eccdb00647ab9f07318993f7c59c395a93cbd681d0a967a56e3f13c832c48dcc0d0096870b0d51b754e70b12a849b6f376923f7f7d909f64d64e1d6e338d39166b725265b96ed21e36b12057148d66e5df04b7b734ed0957d47fde172be2473b9ac6fdb823abe3e11ec69a170a14511d5572d6c0d9f6b749acad7003f0567bb6f9381649e42d02764077330d5af3d93185968a9f8dfed16c4a7c768a2bb98304946a557182c0ce93e82b340074e384cc6bd6129483386c654a6ab3bb12fe8e86adafa93f218fdf5019c09292858acd8ef7aa6a78e3f846215856d630ae9c5fc4009693b2767ea55c469f9099693287b35d43ee0f7a5baf3328d37b2c536f2abd6e21e472c105ae982cdd26a5a20562122e71efb1486c28d9409c3114b608f297695958c5604cf0918c0c70c56c79170260d73bde297e47cae1c404cca0a96eed51a2dc8f6f6ad862fe767ee5b5e68f231096825d935b809b3c1b5d9a2cd76cae22652bed7d263b42612ed717eba0aaf2a3989c4520c402d29428010000000000000062fb3fdd073b91d4e2f6895fba9639ee78bd8ccb5bc3ce442fbeb9a1521314b82804293159fd7df4db66b78a06fe93e705bbc4e0d294a787c3cbf271b2acd15e7b4998c822f7724d3191e2265bd0d694dfb08063c9ff26a424884b46e26b5560d756c114ad1a7b92eee3f49dc2883b604ecc49c5ce92ce467778301326588a6577d44758e8d90710248d110dbf3d3d568779bd1c616369f84619dd089e38b51634f7c5d2ac9f1547a342877815a3864ad70b68b196bde9d810512f411d5235633ef65088788dfa3f152df7cee3a0803f6ac7ae192301dec07ff870ff3d7cf1c09cc9093263b225d01222376531007af9e6fb96e5ccaa8274f70adc786db7f33a20a752717b56b9a03bfce15a1aacd78c4adf8bdf41de8aaf421684c27526088c54322b5eea9175ef9c574c1f873218cc6f5df233892d7d5b0b0649ffc5a1c4909f2967a8c1f15b419ecde0448f071fa71e553f4f12cfa5e35022e75ddc5509edddc3de82d9097759b27f7c24776702e0ff64559281f796f11c1a9c77a156f390d2d18d1759b6be0347eb5bb4df912e9cfafa0db3be3243bacb378ca0946cece695a8099d6d7a24fc8bcca4c09695e3208f17f00bf404f6eb7852dfe73c163a19fd4e890e0edd5c7a727984b6f47a952373b95200bba061756c699c218b52c265b22bcd5cb24fdf056621fdd2126cede171e435320ca34e56e4c82a2afc9a59d3bf4647877658b6f23a6484f37acd8e2e184926993b5d1bbe6cdba64f486b4fb41bb94a644140540894f8fc14e585bc8beae88eabf926add289c82eb8cea99743baed842d76eb5c5573f7a7f3f2693960d6bfed697b5619afd942f41689dbd281a35e32478ba3a388dada82a2f4164481aa6a8f3946a84ea6186b20ce388c202be42996ae90feec7258d4a4a276353df84c96b160ac003d81cf395c0e61b0f0a9e692c32fab307f754cae5de7716a00cb96160cd39c931f4885d612862cecf6ba76502c9d266f97e4cf6cf0a16f787788e5471458a0dc24d3f2a28caa0f7ee00cf8bb113bd9c2b086037d765b5ec9a849df6f482fc01b48261e44299b0bc88321d837b6e2d221ebf2996b4140cd82e531de27f8de445f31c64469a5a145b031cd2569d19e27369c31ec63a989f0c9aaba7cc9d36d652001d40004f83a90d6465854f31bf15d1ef6bff4c02d60b948a37e3f50d250d7f85f545f507014aae5a35908283168c034f654acbb9d0fc261671d612e3d74261653e69e5e9cf7c8fda298b4d6c879cbbb97eafe648ba70150599089d65c1fdc0d5af879a2d46a443ac6dd21b33f72510742db4faf7eeb1580580ffe26e2d5ff", 0x1000}, 0x1006)

06:46:25 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  744.039062] FAULT_INJECTION: forcing a failure.
[  744.039062] name failslab, interval 1, probability 0, space 0, times 0
[  744.050697] CPU: 0 PID: 17668 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #88
[  744.058043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  744.060476] Call Trace:
[  744.060476]  dump_stack+0x32d/0x480
[  744.060476]  should_fail+0x11e5/0x13c0
[  744.060476]  __should_failslab+0x278/0x2a0
[  744.079534]  should_failslab+0x29/0x70
[  744.079534]  kmem_cache_alloc+0x146/0xe20
[  744.079534]  ? mmu_topup_memory_caches+0x119/0x900
[  744.079534]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  744.079534]  ? kvm_vcpu_kick+0x32d/0x390
[  744.079534]  mmu_topup_memory_caches+0x119/0x900
[  744.079534]  ? kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  744.079534]  kvm_mmu_load+0xb3/0x3510
[  744.079534]  ? kvm_lapic_enabled+0x7c/0x440
[  744.079534]  ? kvm_lapic_enabled+0x3c3/0x440
[  744.079534]  kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  744.079534]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  744.079534]  ? kmsan_set_origin+0x7f/0x100
[  744.079534]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  744.079534]  ? kstrtoull+0x6fe/0x7e0
[  744.079534]  ? kmsan_set_origin+0x7f/0x100
[  744.079534]  ? __msan_poison_alloca+0x1e0/0x270
[  744.079534]  ? kmsan_set_origin+0x7f/0x100
[  744.079534]  ? put_pid+0x71/0x410
[  744.079534]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  744.079534]  ? put_pid+0x330/0x410
[  744.079534]  ? get_task_pid+0x19d/0x290
[  744.079534]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  744.079534]  ? do_vfs_ioctl+0x184/0x2f70
[  744.079534]  ? __se_sys_ioctl+0x1da/0x270
[  744.079534]  ? kvm_vm_release+0x90/0x90
[  744.197172]  do_vfs_ioctl+0xfbc/0x2f70
[  744.197172]  ? security_file_ioctl+0x92/0x200
[  744.197172]  __se_sys_ioctl+0x1da/0x270
[  744.197172]  __x64_sys_ioctl+0x4a/0x70
[  744.197172]  do_syscall_64+0xcf/0x110
[  744.197172]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  744.197172] RIP: 0033:0x457569
[  744.197172] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  744.240829] RSP: 002b:00007f588e0c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  744.240829] RAX: ffffffffffffffda RBX: 00007f588e0c0c90 RCX: 0000000000457569
[  744.255915] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  744.255915] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  744.255915] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588e0c16d4
06:46:26 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba40", 0x21)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  744.255915] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000006
06:46:26 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:26 executing program 5 (fault-call:7 fault-nth:1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  744.718641] *** Guest State ***
[  744.722184] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  744.731099] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  744.740365] CR3 = 0x0000000000000000
[  744.744281] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  744.750320] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  744.757363] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  744.764327] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  744.772648] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  744.780714] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  744.789010] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  744.797329] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  744.805670] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  744.813879] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  744.822251] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  744.830329] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  744.838689] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  744.846895] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  744.853589] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  744.861149] Interruptibility = 00000000  ActivityState = 00000000
[  744.867662] *** Host State ***
[  744.870929] RIP = 0xffffffff812cf768  RSP = 0xffff88809fbaf378
[  744.877263] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  744.883899] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  744.891770] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  744.897984] CR0=0000000080050033 CR3=00000000a10a8000 CR4=00000000001426f0
[  744.905227] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  744.912268] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  744.918413] *** Control State ***
[  744.922155] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  744.928888] EntryControls=0000d1ff ExitControls=002fefff
[  744.934678] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  744.941672] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  744.948644] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  744.955426]         reason=80000021 qualification=0000000000000000
[  744.961801] IDTVectoring: info=00000000 errcode=00000000
[  744.967654] TSC Offset = 0xfffffe6b59a2cc3b
[  744.972150] TPR Threshold = 0x00
[  744.975563] EPT pointer = 0x00000000a775601e
[  745.110043] FAULT_INJECTION: forcing a failure.
[  745.110043] name failslab, interval 1, probability 0, space 0, times 0
[  745.121794] CPU: 0 PID: 17691 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #88
[  745.129168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  745.131551] Call Trace:
[  745.131551]  dump_stack+0x32d/0x480
[  745.131551]  should_fail+0x11e5/0x13c0
[  745.131551]  __should_failslab+0x278/0x2a0
[  745.131551]  should_failslab+0x29/0x70
[  745.131551]  kmem_cache_alloc+0x146/0xe20
[  745.131551]  ? mmu_topup_memory_caches+0x119/0x900
[  745.131551]  mmu_topup_memory_caches+0x119/0x900
[  745.131551]  kvm_mmu_load+0xb3/0x3510
[  745.131551]  ? kvm_lapic_enabled+0x7c/0x440
[  745.131551]  ? kvm_lapic_enabled+0x3c3/0x440
[  745.131551]  kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  745.131551]  ? kmsan_set_origin+0x7f/0x100
[  745.131551]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  745.131551]  ? kstrtoull+0x6fe/0x7e0
[  745.131551]  ? kmsan_set_origin+0x7f/0x100
[  745.208555] *** Guest State ***
[  745.131551]  ? __msan_poison_alloca+0x1e0/0x270
[  745.131551]  ? kmsan_set_origin+0x7f/0x100
[  745.131551]  ? put_pid+0x71/0x410
[  745.131551]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  745.212595] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  745.131551]  ? put_pid+0x330/0x410
[  745.221315] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  745.131551]  ? get_task_pid+0x19d/0x290
[  745.131551]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  745.131551]  ? do_vfs_ioctl+0x184/0x2f70
[  745.131551]  ? __se_sys_ioctl+0x1da/0x270
[  745.229371] CR3 = 0x0000000000000000
[  745.131551]  ? kvm_vm_release+0x90/0x90
[  745.131551]  do_vfs_ioctl+0xfbc/0x2f70
[  745.131551]  ? security_file_ioctl+0x92/0x200
[  745.242012] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  745.131551]  __se_sys_ioctl+0x1da/0x270
[  745.131551]  __x64_sys_ioctl+0x4a/0x70
[  745.131551]  do_syscall_64+0xcf/0x110
[  745.131551]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  745.255026] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  745.131551] RIP: 0033:0x457569
[  745.263169] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  745.131551] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  745.271240] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.131551] RSP: 002b:00007f588e0c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  745.131551] RAX: ffffffffffffffda RBX: 00007f588e0c0c90 RCX: 0000000000457569
[  745.131551] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  745.131551] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  745.131551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588e0c16d4
[  745.131551] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000006
[  745.279285] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.405344] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  745.413678] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.421727] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.429990] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.438148] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  745.446378] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.454584] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  745.462929] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  745.471011] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  745.477699] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  745.485349] Interruptibility = 00000000  ActivityState = 00000000
[  745.491639] *** Host State ***
[  745.495059] RIP = 0xffffffff812cf768  RSP = 0xffff88809cf4f378
[  745.501104] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  745.507809] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  745.515803] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  745.521765] CR0=0000000080050033 CR3=000000009f692000 CR4=00000000001426e0
[  745.529052] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  745.535893] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  745.542354] *** Control State ***
[  745.545864] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  745.552703] EntryControls=0000d1ff ExitControls=002fefff
06:46:27 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b0000", 0x31)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  745.558208] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  745.565343] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  745.572171] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  745.578802]         reason=80000021 qualification=0000000000000000
[  745.585292] IDTVectoring: info=00000000 errcode=00000000
[  745.590802] TSC Offset = 0xfffffe6b2b2d8f11
[  745.595319] EPT pointer = 0x000000009cfb301e
06:46:27 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:27 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x2000})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_pts(r0, 0x5)
r3 = dup3(r2, r0, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000200)={0x0, 0xfff})
write$UHID_INPUT(r3, &(0x7f0000001640)={0x8, "e52aac313baccb9b551156a2d7c12b7711c32a17d3c4c9ceef08c2046fe288a7036e513019e5e114cc4ae935d23a9990952824f5d0c1f52e2eb94e5396ba9dc9a02818038eaef46fc2c3ebbe46e4a6024c93823f66462ba3d68913fdeadd1087b06846aa3ddf6ed3dc2b61b4960f48c2edf5cdf23c7e8d3f2e6daa71e66b29bc19e377d7df4637d735194a52da503a0ac44383ba5b3da867e09ceae02a9bfc21e7f28814c2fab7da41344e207ca706dc37592abdb685e4b80eb6dc2b1dc550a1d16166d163a4a220a54d7844facbbb2648ee90aa05c3c03ee447d79e517df8ffe70c215bd0bf69e86a5f48d571b9337590d05e9947727c0d77d18a117f110252735ca6700a55fd26838935808cce7b7c222a75339e44230bdeb99bc39c0c1cc20de74fcb9744f4c4a988f3874a846d31abcf5504d78a3e14f35f6cbd123fcff22890cc17c730c3ea9f74616dfe60064552ec25568a6211bdc39483a28bed0df0afc7d7c6d13d301e080c8846ea512a8ccae7a99da8dd3009feaf204d22e32c5ecc333e616159d55328d375e59194c5c9a0b3843afb283d1d26f59e03105e91aa552386468432a09be73220e942394f34c559797b74bfe7c5c2c639a40e4d2e81e1004b127540a0bdd6be2f95698e75e4f1203a47d61f506ac9364be9d98ae46536f74afe08c450ecb902e00f188c9f32aed0677455e10bbe82c763a464f10f64c403c35376b7a675546835209f0e2809e9c2bd191f784dda4b727bfac512497a07474e6d3e13233601df81abcdb6fbfb152483ec61baaee45a5d733c62107f63c55a046401a5ddef70cef8d52cb4784e3efc34de554c8ff48f7ae3d6dc1ed4eb70fe1e610355fd66ce1af8ff63b6641fb3dadfab8a9b0b1f26ca11f7287258ad4766e08340f8f2fd53e7e5f287bb73c186f0290f225687040c762776a02e5e65f1b9b713e8ef98ffe111b3e4e7b761dd3ed763ed8dafd67625fb300ac752c0ff9c0c04b75be292c3f0247bd0b3560f1c76aff38791037fcf2b812f1601934a8fc769f7198e0df685841489263a1495a8a8bab1a63cb12b3089a3e30aab15ae872437e52a6f0dbc4df2d0e8df4c6bcd47beefc179d85b70b42b319453e6efaff96a509420bec299f227c4b676c58038916897f15430ff52087dd97dd329c6b6e207378053accaa31843a333e4f69586103424f44bd67eb355c1fbe078e62f07ebaae46c3e335372127dc5fa70a4579af715e531bda52761dc206aded4678079720603a577ef7e5fb5a81a525b7c96a4047d9d6bb80d7e0ce55cc0a4f73256ae9c515307f13fe54126786de425d7a674b05116104176faac5b9365b33fd2f5a710a5159d342abecede83ad421bbb712cd5b006671a958cec907311719eb3e0b5dc4fb51054e06656a7a2a066c0aac65ceb434ca3f242cb2b1d7a22179a85cbbeeacc2f0135d8dd4d1363a98d2543fa4973e19eb359e956d27f142c75f62c7aecaf47090236b9791847725bc6fde15cd4a119a4976a3f0f2d622973ad9000aae56f88b396fa1881ec0b0a5de9955fc8f864b36eacd635b88826e0a64897d605fa4a14f7786b037cf308bef61c7f860e38f1ae67fe8cb7802dbe85f9c0c082eed1a13e645370d0c95d63bba215ac8a637b8f968aef06329d62ba131b56b46bfcfa6a5e82016d5eeb6e7db45595d1acaaa5ec9886315d3dced9d0a15c44c043ac91e4ae7077139774607b76cbc017f636145beb84c1829a6030f4a895a56b8d141f743c9189a71387893f785804f85927a23ccd79c432ab686b621ec91706ef082b4ea4fa608ce2daca0d2e2e07ff51e6a8fdc22f1c8ee5ae53720f93b4547704fae580e5560e3c7b1ac2a38ffc294d3c96635e3b919339394843c8a171c7d12ceb9c0a11be25783694b177b399e7a495538e293a59d3ab44b176afed6894aa0e501d9b98981be3f2057bf6c9869403a34cb83ad57150c674301f39524a026f3608a3414287bc4e507355823c6f8640bb803a392fb8847023d1db3c39753e72414682c617de9bd0d5b6a55d46004d49f20d2f8f53cdd8eb11402f7895cd7c01b4964fd005c564b0b0e156969ccde818dda3a7cae02d1d3af95081e6549f28976fa81b5e90fbb0a62fea850ffaf0220132189c11a74996261f6de6001c50364f08c4f48fd46a0417ec8ee4d003efeead64b87d64b43cd6868f365e72e26dd9f5f9f74d135f64464cb38dd62051ae70c5a4daabebe700eb9b290b8ed4142db0090219e6186f8f71fa8fe1ebe42f621b8eed182ee8ad0401f0a3530fd48e4d1eb2637f1fbd2a7032b0f85715203c12ab8ff48131bc4ff28272b57119a76bc0b30fef5294c23c0b2bcadfbba37a00502b5e43d72148d9acc7cb7cb39dc830cd6f30262a09eecf29d1055c2edc3926cfd5076aa5f9f172ed145359fc974ca5ded652433d212607bed155df1aff269414548a39a644b6ce927de5de6e6750575c4fd7ea7fe10b1e51fde6975c0c23fc012a8b12fe3fa64e972e4e09eafea165ae5c1ffc9d761e1314a781959c223b96eefde0f4f45c7ac032a8d3f1bd304114c3329a3e4966eddcc8d44ae70bad2932f963100955e2d2d487347c2aa8356bc6bc3c84e418163c758f1372246884e6d80d87d7ab3fe660dda13ada65f200b4fb365223b93bbc29493ae6dbbbb1823edb8e9f045b60414edab955e1046b67a8d4908ab08ad90216125d2ffd8c7814a9a4940df0a653b1cf53cf456412228445ebc8e1584adfe13207ff24fe602e2a506218710483b5544347a3d515b7d2ddcaa1bb7ae3578841918a8ed00659d5f260d23ae17a9ffc77f79758844586fe53517097838a92dde8873e8be1cd5934f1a4bfdd9d0b5725b811c4a2c121b7729946993a736bd195c55684ea680304af4844a1b2f74e2c2b2ccaeceb00b9c2c515b70912efb27643c5624025e358b44853cc0efddc103ee514471af902cd9b68f102c95a91d2b825b473ce842e6367b0b7305ce8be6f9c812abe860bb632e00b69a0370e5c8f9ba0cebbcbe1b9276949c303a4e9e3b6db37a0716520c07512192364abb58399fca973a1b32106096eda8bb85745562e8a35c5e917fdf858091a4c29d6549e10098d6b205fc5cad546fe07b3a70756cf7079c88f3708f0c8527002b99e80cbd584a3737fb37953cd6dccf21add4d4b6e65894490840c008578737d5e208649d1cd34beb403c2226300297853a29cf6c661b426c13306575d81f6fd21712e0ec4366013883b95a71d5094acbf156e42de11cb873744983ec1ff9cfbee2278053b8b4e523388bd41dfd3c2ecaacc5d9d2958bbfa94f4bd0ac1c61c98ab295dd5c69020f1329818df9a2aa88ced03f4e6a4d1f8cb020afcd2384e65511ddeb908ba0c13a03dd32e8d4ccf0246008f35ef5184f81b8fed73b4aae4998bd8c7d784210042247d39396ba881bf43555d0ec58deede7b4729e79d31b2a346527594ca3a47a1723a792a701dc18d0124365e2c4a4fefed48c29a9f2fc747b302eaf92a100b2da211c91de4ab79d4aede483d852635c6f14d38095a5739d475c7aa67fdd54767a056eeb3098dfd8d1c21f32e76f0247f04118448273586856e641b83f540a643e72dc15804b78bac475f39e23291798aa45a2c10aa5fef2d5e4d7b8f529a66535d11c6149e9797f2fcce2804f2a5370345e98b0c02c7dd27135d414fe72f0740423920d68b64f6b8c05788c6693ee1b9abb5d4593a970dc3ee2528765fb739964f4fed7200d7e796a9f3d0d60834e638dd8c29d4e85011e4ba4f127fe765954a5b5bb5d1cc69f2376599d5a3e8c30714893f763c06061072c10cb0eee17eb2a2514acc584b04e169d4a33a330367bb725ff9462f5d50282a2e393293eec8ea1eaab8217cc108798a4a57eccdb00647ab9f07318993f7c59c395a93cbd681d0a967a56e3f13c832c48dcc0d0096870b0d51b754e70b12a849b6f376923f7f7d909f64d64e1d6e338d39166b725265b96ed21e36b12057148d66e5df04b7b734ed0957d47fde172be2473b9ac6fdb823abe3e11ec69a170a14511d5572d6c0d9f6b749acad7003f0567bb6f9381649e42d02764077330d5af3d93185968a9f8dfed16c4a7c768a2bb98304946a557182c0ce93e82b340074e384cc6bd6129483386c654a6ab3bb12fe8e86adafa93f218fdf5019c09292858acd8ef7aa6a78e3f846215856d630ae9c5fc4009693b2767ea55c469f9099693287b35d43ee0f7a5baf3328d37b2c536f2abd6e21e472c105ae982cdd26a5a20562122e71efb1486c28d9409c3114b608f297695958c5604cf0918c0c70c56c79170260d73bde297e47cae1c404cca0a96eed51a2dc8f6f6ad862fe767ee5b5e68f231096825d935b809b3c1b5d9a2cd76cae22652bed7d263b42612ed717eba0aaf2a3989c4520c402d29428010000000000000062fb3fdd073b91d4e2f6895fba9639ee78bd8ccb5bc3ce442fbeb9a1521314b82804293159fd7df4db66b78a06fe93e705bbc4e0d294a787c3cbf271b2acd15e7b4998c822f7724d3191e2265bd0d694dfb08063c9ff26a424884b46e26b5560d756c114ad1a7b92eee3f49dc2883b604ecc49c5ce92ce467778301326588a6577d44758e8d90710248d110dbf3d3d568779bd1c616369f84619dd089e38b51634f7c5d2ac9f1547a342877815a3864ad70b68b196bde9d810512f411d5235633ef65088788dfa3f152df7cee3a0803f6ac7ae192301dec07ff870ff3d7cf1c09cc9093263b225d01222376531007af9e6fb96e5ccaa8274f70adc786db7f33a20a752717b56b9a03bfce15a1aacd78c4adf8bdf41de8aaf421684c27526088c54322b5eea9175ef9c574c1f873218cc6f5df233892d7d5b0b0649ffc5a1c4909f2967a8c1f15b419ecde0448f071fa71e553f4f12cfa5e35022e75ddc5509edddc3de82d9097759b27f7c24776702e0ff64559281f796f11c1a9c77a156f390d2d18d1759b6be0347eb5bb4df912e9cfafa0db3be3243bacb378ca0946cece695a8099d6d7a24fc8bcca4c09695e3208f17f00bf404f6eb7852dfe73c163a19fd4e890e0edd5c7a727984b6f47a952373b95200bba061756c699c218b52c265b22bcd5cb24fdf056621fdd2126cede171e435320ca34e56e4c82a2afc9a59d3bf4647877658b6f23a6484f37acd8e2e184926993b5d1bbe6cdba64f486b4fb41bb94a644140540894f8fc14e585bc8beae88eabf926add289c82eb8cea99743baed842d76eb5c5573f7a7f3f2693960d6bfed697b5619afd942f41689dbd281a35e32478ba3a388dada82a2f4164481aa6a8f3946a84ea6186b20ce388c202be42996ae90feec7258d4a4a276353df84c96b160ac003d81cf395c0e61b0f0a9e692c32fab307f754cae5de7716a00cb96160cd39c931f4885d612862cecf6ba76502c9d266f97e4cf6cf0a16f787788e5471458a0dc24d3f2a28caa0f7ee00cf8bb113bd9c2b086037d765b5ec9a849df6f482fc01b48261e44299b0bc88321d837b6e2d221ebf2996b4140cd82e531de27f8de445f31c64469a5a145b031cd2569d19e27369c31ec63a989f0c9aaba7cc9d36d652001d40004f83a90d6465854f31bf15d1ef6bff4c02d60b948a37e3f50d250d7f85f545f507014aae5a35908283168c034f654acbb9d0fc261671d612e3d74261653e69e5e9cf7c8fda298b4d6c879cbbb97eafe648ba70150599089d65c1fdc0d5af879a2d46a443ac6dd21b33f72510742db4faf7eeb1580580ffe26e2d5ff", 0x1000}, 0x1006)

06:46:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x0, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  746.076525] *** Guest State ***
[  746.080059] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  746.089247] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  746.098278] CR3 = 0x0000000000000000
[  746.102171] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  746.108200] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  746.115104] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  746.122112] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  746.130161] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  746.138342] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  746.146628] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  746.154856] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  746.163013] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  746.171055] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  746.179229] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  746.187491] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  746.195675] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  746.203805] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  746.210256] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  746.217878] Interruptibility = 00000000  ActivityState = 00000000
[  746.224306] *** Host State ***
[  746.227560] RIP = 0xffffffff812cf768  RSP = 0xffff88809f9ef378
[  746.233845] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  746.240317] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  746.248359] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  746.254453] CR0=0000000080050033 CR3=000000009d3b3000 CR4=00000000001426e0
[  746.261531] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  746.268517] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x18, [0x6, 0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  746.274800] *** Control State ***
[  746.278309] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  746.285220] EntryControls=0000d1ff ExitControls=002fefff
[  746.291238] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  746.298368] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  746.305314] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  746.312081]         reason=80000021 qualification=0000000000000000
[  746.318906] IDTVectoring: info=00000000 errcode=00000000
06:46:28 executing program 5 (fault-call:7 fault-nth:2):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:28 executing program 4 (fault-call:0 fault-nth:0):
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  746.324671] TSC Offset = 0xfffffe6a9d23af8f
[  746.329081] TPR Threshold = 0x00
[  746.332668] EPT pointer = 0x000000019978a01e
06:46:28 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000", 0x39)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:28 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  746.550201] *** Guest State ***
[  746.553840] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  746.562964] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  746.571870] CR3 = 0x0000000000000000
[  746.575841] RSP = 0x0000000000000f7a  RIP = 0x000000000000003f
[  746.581871] RFLAGS=0x00010086         DR7 = 0x0000000000000400
[  746.588111] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  746.595116] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.603286] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.611366] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  746.619666] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.627844] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.636089] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.644356] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  746.652690] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.660733] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  746.661475] FAULT_INJECTION: forcing a failure.
[  746.661475] name failslab, interval 1, probability 0, space 0, times 0
[  746.668992] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  746.680397] CPU: 0 PID: 17712 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #88
[  746.688490] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  746.690236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  746.690236] Call Trace:
[  746.690236]  dump_stack+0x32d/0x480
[  746.690236]  should_fail+0x11e5/0x13c0
[  746.702354] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  746.690236]  __should_failslab+0x278/0x2a0
[  746.714404] Interruptibility = 00000000  ActivityState = 00000000
[  746.690236]  should_failslab+0x29/0x70
[  746.721795] *** Host State ***
[  746.721832] RIP = 0xffffffff812cf768  RSP = 0xffff88809fa9f378
[  746.690236]  kmem_cache_alloc+0x146/0xe20
[  746.690236]  ? mmu_topup_memory_caches+0x119/0x900
[  746.690236]  mmu_topup_memory_caches+0x119/0x900
[  746.733804] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  746.690236]  kvm_mmu_load+0xb3/0x3510
[  746.744048] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  746.690236]  ? kvm_lapic_enabled+0x7c/0x440
[  746.753243] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  746.690236]  ? kvm_lapic_enabled+0x3c3/0x440
[  746.762394] CR0=0000000080050033 CR3=000000009f90b000 CR4=00000000001426e0
[  746.690236]  kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  746.773542] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  746.690236]  ? kmsan_set_origin+0x7f/0x100
[  746.785150] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  746.690236]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  746.795421] *** Control State ***
[  746.690236]  ? kstrtoull+0x6fe/0x7e0
[  746.806856] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  746.690236]  ? kmsan_set_origin+0x7f/0x100
[  746.818557] EntryControls=0000d1ff ExitControls=002fefff
[  746.690236]  ? __msan_poison_alloca+0x1e0/0x270
[  746.690236]  ? kmsan_set_origin+0x7f/0x100
[  746.828853] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  746.690236]  ? put_pid+0x71/0x410
[  746.690236]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  746.690236]  ? put_pid+0x330/0x410
[  746.837937] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000
[  746.690236]  ? get_task_pid+0x19d/0x290
[  746.848477] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  746.690236]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  746.690236]  ? do_vfs_ioctl+0x184/0x2f70
[  746.690236]  ? __se_sys_ioctl+0x1da/0x270
[  746.858343]         reason=80000021 qualification=0000000000000000
[  746.690236]  ? kvm_vm_release+0x90/0x90
[  746.690236]  do_vfs_ioctl+0xfbc/0x2f70
[  746.690236]  ? security_file_ioctl+0x92/0x200
[  746.867313] IDTVectoring: info=00000000 errcode=00000000
[  746.690236]  __se_sys_ioctl+0x1da/0x270
[  746.690236]  __x64_sys_ioctl+0x4a/0x70
[  746.690236]  do_syscall_64+0xcf/0x110
[  746.690236]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  746.877891] TSC Offset = 0xfffffe6a6006f97c
[  746.690236] RIP: 0033:0x457569
[  746.690236] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  746.690236] RSP: 002b:00007f588e0c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  746.690236] RAX: ffffffffffffffda RBX: 00007f588e0c0c90 RCX: 0000000000457569
[  746.885914] EPT pointer = 0x000000009d30801e
[  746.690236] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  746.690236] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  746.690236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588e0c16d4
[  746.690236] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000006
[  746.940647] FAULT_INJECTION: forcing a failure.
[  746.940647] name failslab, interval 1, probability 0, space 0, times 0
[  747.045765] CPU: 0 PID: 17714 Comm: syz-executor4 Not tainted 4.20.0-rc2+ #88
[  747.053108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  747.055647] Call Trace:
[  747.055647]  dump_stack+0x32d/0x480
[  747.055647]  should_fail+0x11e5/0x13c0
[  747.055647]  __should_failslab+0x278/0x2a0
[  747.055647]  should_failslab+0x29/0x70
[  747.055647]  __kmalloc_node+0x257/0x1520
[  747.055647]  ? __msan_poison_alloca+0x1e0/0x270
[  747.055647]  ? __get_vm_area_node+0x27b/0x7f0
[  747.055647]  ? unlock_page_memcg+0x99/0x1e0
[  747.055647]  __get_vm_area_node+0x27b/0x7f0
[  747.055647]  __vmalloc_node_range+0x2a2/0x10f0
[  747.055647]  ? bpf_prog_alloc+0xe1/0x4f0
[  747.055647]  ? kmsan_set_origin+0x7f/0x100
[  747.055647]  __vmalloc+0xe2/0x100
[  747.055647]  ? bpf_prog_alloc+0xe1/0x4f0
[  747.055647]  bpf_prog_alloc+0xe1/0x4f0
[  747.055647]  ? strcmp+0x83/0x160
[  747.055647]  __do_sys_bpf+0x6bd5/0x10fd0
[  747.055647]  ? kmsan_set_origin+0x7f/0x100
[  747.055647]  ? kmsan_internal_unpoison_shadow+0x83/0xd0
[  747.055647]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  747.055647]  ? prepare_exit_to_usermode+0x182/0x4c0
[  747.055647]  __se_sys_bpf+0x8e/0xa0
[  747.055647]  __x64_sys_bpf+0x4a/0x70
[  747.055647]  do_syscall_64+0xcf/0x110
[  747.055647]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  747.055647] RIP: 0033:0x457569
[  747.055647] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  747.055647] RSP: 002b:00007fc5bb8b0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  747.055647] RAX: ffffffffffffffda RBX: 00007fc5bb8b0c90 RCX: 0000000000457569
[  747.055647] RDX: 0000000000000048 RSI: 0000000020b7a000 RDI: 0000000000000005
[  747.055647] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  747.055647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc5bb8b16d4
[  747.055647] R13: 00000000004bd97c R14: 00000000004cc688 R15: 0000000000000003
[  747.241336] syz-executor4: vmalloc: allocation failure: 4096 bytes, mode:0x6280c0(GFP_USER|__GFP_ZERO), nodemask=(null)
[  747.252488] syz-executor4 cpuset=syz4 mems_allowed=0
[  747.257724] CPU: 0 PID: 17714 Comm: syz-executor4 Not tainted 4.20.0-rc2+ #88
[  747.262392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  747.262392] Call Trace:
[  747.262392]  dump_stack+0x32d/0x480
[  747.262392]  warn_alloc+0x4e9/0x720
[  747.262392]  __vmalloc_node_range+0xd64/0x10f0
[  747.262392]  ? kmsan_set_origin+0x7f/0x100
[  747.292027]  __vmalloc+0xe2/0x100
[  747.292027]  ? bpf_prog_alloc+0xe1/0x4f0
[  747.292027]  bpf_prog_alloc+0xe1/0x4f0
[  747.292027]  ? strcmp+0x83/0x160
[  747.292027]  __do_sys_bpf+0x6bd5/0x10fd0
[  747.292027]  ? kmsan_set_origin+0x7f/0x100
[  747.292027]  ? kmsan_internal_unpoison_shadow+0x83/0xd0
[  747.292027]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  747.292027]  ? prepare_exit_to_usermode+0x182/0x4c0
[  747.292027]  __se_sys_bpf+0x8e/0xa0
[  747.292027]  __x64_sys_bpf+0x4a/0x70
[  747.292027]  do_syscall_64+0xcf/0x110
[  747.345019]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  747.345019] RIP: 0033:0x457569
[  747.345019] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  747.345019] RSP: 002b:00007fc5bb8b0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  747.345019] RAX: ffffffffffffffda RBX: 00007fc5bb8b0c90 RCX: 0000000000457569
[  747.345019] RDX: 0000000000000048 RSI: 0000000020b7a000 RDI: 0000000000000005
[  747.345019] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  747.345019] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc5bb8b16d4
[  747.345019] R13: 00000000004bd97c R14: 00000000004cc688 R15: 0000000000000003
[  747.417756] Mem-Info:
[  747.420358] active_anon:125860 inactive_anon:3068 isolated_anon:0
[  747.420358]  active_file:7693 inactive_file:36773 isolated_file:0
[  747.420358]  unevictable:2315 dirty:88 writeback:0 unstable:0
[  747.420358]  slab_reclaimable:4434 slab_unreclaimable:15651
[  747.420358]  mapped:57946 shmem:3756 pagetables:1865 bounce:0
[  747.420358]  free:602563 free_pcp:805 free_cma:0
[  747.454816] Node 0 active_anon:503440kB inactive_anon:12272kB active_file:30772kB inactive_file:147092kB unevictable:9260kB isolated(anon):0kB isolated(file):0kB mapped:231784kB dirty:352kB writeback:0kB shmem:15024kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 147456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[  747.483955] Node 0 DMA free:15904kB min:144kB low:180kB high:216kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  747.510513] lowmem_reserve[]: 0 2796 7221 7221
[  747.515344] Node 0 DMA32 free:2342184kB min:26108kB low:32632kB high:39156kB active_anon:121512kB inactive_anon:24kB active_file:0kB inactive_file:2672kB unevictable:2372kB writepending:140kB present:3129332kB managed:2867816kB mlocked:0kB kernel_stack:1792kB pagetables:1364kB bounce:0kB free_pcp:1152kB local_pcp:620kB free_cma:0kB
[  747.545192] lowmem_reserve[]: 0 0 4425 4425
[  747.549640] Node 0 Normal free:51596kB min:41328kB low:51660kB high:61992kB active_anon:381924kB inactive_anon:12248kB active_file:30772kB inactive_file:144420kB unevictable:6888kB writepending:212kB present:4718592kB managed:4532172kB mlocked:0kB kernel_stack:15040kB pagetables:6096kB bounce:0kB free_pcp:2372kB local_pcp:1388kB free_cma:0kB
[  747.580468] lowmem_reserve[]: 0 0 0 0
[  747.584485] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15904kB
[  747.598135] Node 0 DMA32: 0*4kB 15*8kB (UME) 26*16kB (UM) 8*32kB (UME) 8*64kB (UM) 4*128kB (UM) 2*256kB (UE) 2*512kB (ME) 0*1024kB 2*2048kB (ME) 570*4096kB (M) = 2342168kB
[  747.614154] Node 0 Normal: 37*4kB (UME) 15*8kB (ME) 20*16kB (ME) 484*32kB (UME) 394*64kB (UME) 21*128kB (UME) 2*256kB (U) 2*512kB (U) 0*1024kB 3*2048kB (UM) 0*4096kB = 51660kB
[  747.630391] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  747.639533] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  747.648317] 50536 total pagecache pages
06:46:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  747.652562] 0 pages in swap cache
[  747.656079] Swap cache stats: add 0, delete 0, find 0/0
[  747.661486] Free swap  = 0kB
[  747.664780] Total swap = 0kB
[  747.667856] 1965979 pages RAM
[  747.671017] 0 pages HighMem/MovableOnly
[  747.675211] 112006 pages reserved
[  747.678736] 0 pages cma reserved
[  747.835303] *** Guest State ***
[  747.838772] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  747.847921] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  747.856980] CR3 = 0x0000000000000000
[  747.860800] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  747.866987] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  747.873209] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  747.879949] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.888489] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.896808] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  747.905116] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.913386] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.921440] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.929759] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  747.938043] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.946317] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  747.954694] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  747.962999] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  747.969469] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  747.977219] Interruptibility = 00000000  ActivityState = 00000000
[  747.983655] *** Host State ***
[  747.987031] RIP = 0xffffffff812cf768  RSP = 0xffff8880a13ff378
[  747.993337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  747.999819] FSBase=00007fb69a05c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  748.007942] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  748.014046] CR0=0000000080050033 CR3=00000000a33ee000 CR4=00000000001426f0
[  748.021136] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  748.028252] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  748.034505] *** Control State ***
[  748.038070] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  748.045055] EntryControls=0000d1ff ExitControls=002fefff
[  748.050603] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  748.057859] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  748.064754] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  748.071433]         reason=80000021 qualification=0000000000000000
[  748.078030] IDTVectoring: info=00000000 errcode=00000000
06:46:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:30 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:30 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8", 0x3d)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  748.083683] TSC Offset = 0xfffffe69b4e1acc7
[  748.088071] EPT pointer = 0x00000000a14e601e
06:46:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  748.393505] *** Guest State ***
[  748.397065] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  748.406230] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  748.415387] CR3 = 0x0000000000000000
[  748.419164] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  748.425444] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  748.432634] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  748.439410] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  748.447794] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.456085] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.464420] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.472804] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.480922] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.485216] *** Guest State ***
[  748.489207] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  748.489275] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  748.492931] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  748.500748] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  748.508874] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  748.508910] CR3 = 0x0000000000000000
[  748.508932] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  748.508960] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  748.508993] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  748.509030] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  748.509089] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.509132] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.509182] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.518261] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  748.518298] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  748.526477] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.535465] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  748.539199] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  748.545318] Interruptibility = 00000000  ActivityState = 00000000
[  748.552137] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  748.552180] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  748.558849] *** Host State ***
[  748.567074] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  748.575369] RIP = 0xffffffff812cf768  RSP = 0xffff8880a05ef378
[  748.583375] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  748.591307] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  748.599444] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  748.605996] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  748.614174] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  748.621679] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  748.629899] Interruptibility = 00000000  ActivityState = 00000000
[  748.636266] CR0=0000000080050033 CR3=00000000a1331000 CR4=00000000001426f0
[  748.644369] *** Host State ***
[  748.644423] RIP = 0xffffffff812cf768  RSP = 0xffff88809cf9f378
[  748.644473] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  748.652602] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  748.655813] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  748.663954] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  748.669940] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  748.678107] *** Control State ***
[  748.684692] CR0=0000000080050033 CR3=00000000a12f3000 CR4=00000000001426e0
[  748.691110] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  748.699304] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  748.706776] EntryControls=0000d1ff ExitControls=002fefff
[  748.712802] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  748.719049] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  748.726216] *** Control State ***
[  748.729429] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  748.735564] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  748.742231] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  748.748817] EntryControls=0000d1ff ExitControls=002fefff
[  748.748854] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  748.756860]         reason=80000021 qualification=0000000000000000
[  748.763076] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  748.768951] IDTVectoring: info=00000000 errcode=00000000
[  748.772555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  748.772582]         reason=80000021 qualification=0000000000000000
[  748.772628] IDTVectoring: info=00000000 errcode=00000000
[  748.779663] TSC Offset = 0xfffffe69637dad3d
[  748.786533] TSC Offset = 0xfffffe69560fc7d5
06:46:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  748.793350] TPR Threshold = 0x00
[  748.798805] TPR Threshold = 0x00
[  748.805083] EPT pointer = 0x000000009d29201e
[  748.812161] EPT pointer = 0x000000009e05e01e
06:46:31 executing program 4:
accept(0xffffffffffffff9c, &(0x7f0000000280)=@can, &(0x7f0000000200)=0x80)
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x392)
getsockname$packet(r0, &(0x7f0000000400)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0xfffffffffffffe69)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x1ffffff0, &(0x7f0000000040)=@raw=[@alu={0x7, 0xffff, 0xa, 0xf, 0xf, 0x18, 0xfffffffffffffff4}, @call={0x85, 0x0, 0x0, 0x25}, @generic={0x3, 0xfffffffffffffffb, 0x3, 0xce78, 0x80000000}, @generic={0x1, 0x5, 0x3f, 0x2, 0x1}, @exit, @jmp={0x5, 0xc31, 0xd, 0x0, 0x9, 0x0, 0x10}, @exit, @ldst={0x0, 0x0, 0x7, 0x7, 0x9, 0xfffffffffffffffc}], &(0x7f0000000240)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251, 0x0, 0x0, [], r1}, 0x48)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000080)={{{@in6=@ipv4={[], [], @multicast2}, @in=@local}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000000180)=0xe8)

06:46:31 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54", 0x3f)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  749.321793] *** Guest State ***
[  749.325472] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  749.334607] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  749.343762] CR3 = 0x0000000000000000
[  749.347569] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  749.353743] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  749.359770] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  749.366713] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.374875] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.383033] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  749.391073] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.399249] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.407417] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.415583] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  749.423863] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.432056] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  749.440104] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  749.448256] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  749.454917] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  749.462548] Interruptibility = 00000000  ActivityState = 00000000
[  749.468843] *** Host State ***
[  749.472303] RIP = 0xffffffff812cf768  RSP = 0xffff88809d28f378
[  749.478363] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  749.485022] FSBase=00007fb69a05c700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  749.493000] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  749.498965] CR0=0000000080050033 CR3=000000009e094000 CR4=00000000001426e0
[  749.506244] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  749.513129] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  749.519229] *** Control State ***
[  749.522945] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  749.529665] EntryControls=0000d1ff ExitControls=002fefff
[  749.535406] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  749.542529] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  749.549253] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  749.556138]         reason=80000021 qualification=0000000000000000
[  749.562632] IDTVectoring: info=00000000 errcode=00000000
[  749.568135] TSC Offset = 0xfffffe68e72e5de8
06:46:31 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:31 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da", 0x40)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  749.572734] EPT pointer = 0x00000000a16c601e
06:46:31 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x10000000008, 0x4, &(0x7f0000346fc8)=ANY=[@ANYBLOB="1800000000000000200000000000000061128800000000009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffdff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:32 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:32 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
getpeername$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x1, &(0x7f0000346fc8)=ANY=[@ANYBLOB="b50a000000000000"], &(0x7f0000000000)="47504c0024eb5d0fd8c07a763d8a75efe4cb73c59a3e758544b82803f172effee6175806b0cbdf07c0489a491ca7e3a551b572f6cce359bdc174ef674c35e32c228f04c37ad857e45399f2ccafa9b1b483357423f8ee0e2b9aa7dd0e2c9fdd462171414b63ad26f6433838687e8af474eb44d7c969d2eeecfca3754c1b9c7aa0a89636707a237979d3bf7aa612242f1a7ed0", 0xffffffffffdfffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:32 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

[  750.228362] *** Guest State ***
[  750.232455] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  750.241367] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  750.250498] CR3 = 0x0000000000000000
[  750.254405] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  750.260451] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  750.266657] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  750.273633] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.281709] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.289988] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  750.298211] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.306379] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.314597] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.323161] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  750.331211] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.339415] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  750.347643] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  750.355810] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  750.362415] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  750.369952] Interruptibility = 00000000  ActivityState = 00000000
[  750.376398] *** Host State ***
[  750.379673] RIP = 0xffffffff812cf768  RSP = 0xffff88809cecf378
[  750.385879] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  750.392507] FSBase=00007fb69a05c700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  750.400388] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  750.406501] CR0=0000000080050033 CR3=000000009d3fa000 CR4=00000000001426f0
[  750.413794] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  750.420570] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  750.426906] *** Control State ***
[  750.430421] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  750.437403] EntryControls=0000d1ff ExitControls=002fefff
[  750.443069] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  750.450067] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  750.457028] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  750.463809]         reason=80000021 qualification=0000000000000000
[  750.470191] IDTVectoring: info=00000000 errcode=00000000
[  750.475947] TSC Offset = 0xfffffe686efedd88
[  750.480387] EPT pointer = 0x00000000a14ed01e
06:46:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fstat(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000100)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@broadcast}, 0x0, @in=@rand_addr}}, &(0x7f0000000300)=0xe8)
getresuid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000004c0)=<r5=>0x0)
stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
stat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
r8 = syz_open_dev$midi(&(0x7f0000000c00)='/dev/midi#\x00', 0x100000000, 0x40)
ioctl$ASHMEM_GET_NAME(r8, 0x81007702, &(0x7f0000000c40))
getresuid(&(0x7f0000000780), &(0x7f00000007c0), &(0x7f0000000800)=<r9=>0x0)
stat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
fstat(r1, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
stat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
lstat(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getgroups(0x1, &(0x7f0000000b00)=[<r14=>0x0])
r15 = getgid()
r16 = getgid()
fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000b40)={{}, {0x1, 0x1}, [{0x2, 0x2, r3}, {0x2, 0x4, r4}, {0x2, 0x7, r5}, {0x2, 0x1, r6}, {0x2, 0x0, r7}, {0x2, 0x1, r9}], {0x4, 0x5}, [{0x8, 0x0, r10}, {0x8, 0x2, r11}, {0x8, 0x3, r12}, {0x8, 0x3, r13}, {0x8, 0x1, r14}, {0x8, 0x2, r15}, {0x8, 0x0, r16}], {0x10, 0x2}, {0x20, 0x1}}, 0x8c, 0x1)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x100, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
syz_genetlink_get_family_id$fou(&(0x7f0000000000)='fou\x00')
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:32 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x10, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:32 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfffffffffffffd42, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x20b02)
accept4$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000240)=0x14, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x7, &(0x7f0000000040)=@raw=[@exit, @map={0x18, 0xf, 0x1, 0x0, r0}, @exit, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x52}], &(0x7f0000000080)='GPL\x00', 0x2, 0x5a, &(0x7f00000000c0)=""/90, 0x41f00, 0x0, [], r1}, 0x48)

[  751.012908] *** Guest State ***
[  751.016309] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  751.025527] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  751.034665] CR3 = 0x0000000000000000
[  751.038442] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  751.044875] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  751.051769] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:46:33 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  751.058854] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  751.067179] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  751.075463] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  751.083755] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  751.091807] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  751.100103] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  751.108350] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  751.116670] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  751.124867] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  751.133143] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  751.141185] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  751.147952] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  751.155608] Interruptibility = 00000000  ActivityState = 00000000
[  751.162154] *** Host State ***
[  751.165433] RIP = 0xffffffff812cf768  RSP = 0xffff88809d2af378
[  751.171481] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  751.178183] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  751.186196] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  751.192598] CR0=0000000080050033 CR3=00000000a1331000 CR4=00000000001426f0
[  751.199729] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  751.206686] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  751.213200] *** Control State ***
[  751.216722] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  751.223747] EntryControls=0000d1ff ExitControls=002fefff
[  751.229303] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  751.236553] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  751.243444] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  751.250080]         reason=80000021 qualification=0000000000000000
[  751.256748] IDTVectoring: info=00000000 errcode=00000000
[  751.262397] TSC Offset = 0xfffffe67fa42647a
[  751.266770] TPR Threshold = 0x00
[  751.270190] EPT pointer = 0x000000009cfe001e
06:46:33 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:33 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:33 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x880, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040))

06:46:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendfile(r1, r2, &(0x7f0000000000), 0x4)

06:46:33 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

06:46:33 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:34 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  752.030020] *** Guest State ***
[  752.033576] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  752.042789] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  752.051688] CR3 = 0x0000000000000000
[  752.055753] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  752.061793] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  752.068769] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  752.075733] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  752.084074] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.092297] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.100351] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.108673] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.116895] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.125209] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  752.133473] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  752.141537] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  752.149868] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  752.158225] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  752.164986] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  752.172747] Interruptibility = 00000000  ActivityState = 00000000
[  752.179040] *** Host State ***
[  752.182620] RIP = 0xffffffff812cf768  RSP = 0xffff8880a115f378
[  752.188904] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  752.195646] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  752.203719] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  752.209704] CR0=0000000080050033 CR3=00000000a135d000 CR4=00000000001426f0
[  752.217082] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  752.224023] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  752.230134] *** Control State ***
[  752.233959] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  752.240703] EntryControls=0000d1ff ExitControls=002fefff
[  752.246441] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  752.253644] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  752.260412] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  752.267401]         reason=80000021 qualification=0000000000000000
[  752.273931] IDTVectoring: info=00000000 errcode=00000000
06:46:34 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x0, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  752.279620] TSC Offset = 0xfffffe676f039d12
[  752.284249] TPR Threshold = 0x00
[  752.287720] EPT pointer = 0x000000009f76e01e
06:46:34 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180084a700000000000000000000000061128800000000009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:34 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

06:46:34 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:34 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  752.654902] *** Guest State ***
[  752.658269] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  752.667454] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  752.676555] CR3 = 0x0000000000000000
[  752.680333] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  752.686489] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  752.693335] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  752.700200] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  752.708406] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.716623] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.724855] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.733097] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.741146] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  752.749307] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  752.757570] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  752.765764] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  752.773953] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  752.782102] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  752.788562] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  752.796209] Interruptibility = 00000000  ActivityState = 00000000
[  752.802653] *** Host State ***
[  752.805904] RIP = 0xffffffff812cf768  RSP = 0xffff88809f75f378
[  752.812078] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  752.818548] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  752.826550] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  752.832621] CR0=0000000080050033 CR3=00000000a13dd000 CR4=00000000001426e0
[  752.839701] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  752.846573] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  752.852820] *** Control State ***
[  752.856424] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  752.863264] EntryControls=0000d1ff ExitControls=002fefff
[  752.868787] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  752.875904] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  752.882755] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  752.889397]         reason=80000021 qualification=0000000000000000
[  752.895923] IDTVectoring: info=00000000 errcode=00000000
[  752.901431] TSC Offset = 0xfffffe671827e8f9
[  752.905931] TPR Threshold = 0x00
[  752.909349] EPT pointer = 0x000000009cf4101e
06:46:35 executing program 5:
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000340)='/dev/audio\x00', 0x0, 0x0)
ioctl$VT_RELDISP(r1, 0x5605)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc0\x00', 0x101000, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000500)=@assoc_value={<r4=>0x0}, &(0x7f0000000700)=0x3)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000740)=ANY=[@ANYRES32=r4, @ANYBLOB="08000a00a922d00ca97cfbfad13c916b6b447b77d9dbf4984c6e27bf26b8bc17c4b1de7f2007d5703932387ed4169bdad092a4d1da81c321437253eae1c932507bf9a81dabedfc73217b610052959e004c493de1fc0ac1ed3fa1a4abd93f2df5875cfe45ca4e4d71ad24e2d4f412138659d067bddda8a0453a03032029055e6fab53b096346d87dd516742bd9f4f18cf38f27054e68adff2f20c387ccf1745497305db7b5e1c88d4f1f18e6a6c54cc519f38a50258c92378b13d33e249306459b3fddf843b8fa4ed4052d24018b670bcd150c625b1e53b31a168c631d896eebab07e9f75a208b3894fa77fcd6769e278e219"], 0x12)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000100)={0x1, 0x0, @pic={0x1, 0x3, 0x8, 0x0, 0x80000000, 0x8, 0xfffffffffffffff9, 0xffff, 0xfffffffffffffffe, 0x76ce, 0x10000, 0x5, 0x9, 0x100, 0x401, 0x8}})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
r6 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x80000)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r6, 0x84, 0x12, &(0x7f0000000080)=0x9, 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000004c0)={r4, 0x0, 0x30}, &(0x7f0000000540)=0xc)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
acct(&(0x7f0000000040)='./file0\x00')
ioctl$BLKROSET(r3, 0x125d, &(0x7f0000000380)=0x5)

06:46:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:35 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1ff, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000040)={0x2, 0x1, [0x2ba3, 0xfffffffffffffffb, 0x4, 0x0, 0x3, 0xb41, 0x80000000, 0x1ff000000000000]})
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:35 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

06:46:35 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  753.486483] *** Guest State ***
[  753.489870] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  753.499044] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  753.508089] CR3 = 0x0000000000000000
[  753.511866] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  753.518114] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  753.525077] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  753.532060] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  753.540114] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  753.548405] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  753.556600] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  753.564870] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  753.573125] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  753.581157] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  753.589456] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  753.597733] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  753.605993] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  753.614182] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  753.620660] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  753.628398] Interruptibility = 00000000  ActivityState = 00000000
[  753.634807] *** Host State ***
[  753.638057] RIP = 0xffffffff812cf768  RSP = 0xffff88809ce4f378
[  753.644360] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  753.650837] FSBase=00007f588e0c1700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  753.658922] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  753.665010] CR0=0000000080050033 CR3=000000009cfad000 CR4=00000000001426f0
[  753.672293] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  753.679020] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  753.685365] *** Control State ***
[  753.688896] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  753.695862] EntryControls=0000d1ff ExitControls=002fefff
[  753.701382] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  753.708596] VMEntry: intr_info=80000008 errcode=00000000 ilen=00000000
[  753.715457] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  753.722456]         reason=80000021 qualification=0000000000000000
[  753.728842] IDTVectoring: info=00000000 errcode=00000000
[  753.734570] TSC Offset = 0xfffffe66a6602af5
[  753.738950] TPR Threshold = 0x00
[  753.742567] EPT pointer = 0x000000009d3ec01e
06:46:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:35 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:36 executing program 4:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}, &(0x7f0000000140)=0x10)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x0, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:36 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  754.172935] *** Guest State ***
[  754.176450] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  754.185750] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  754.195055] CR3 = 0x0000000000000000
[  754.198822] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  754.205095] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  754.212053] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  754.218816] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  754.227113] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.235288] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.243521] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.251570] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.260078] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.268257] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  754.276507] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  754.284727] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  754.292996] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  754.301026] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  754.307786] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  754.315443] Interruptibility = 00000000  ActivityState = 00000000
[  754.321843] *** Host State ***
[  754.325529] RIP = 0xffffffff812cf768  RSP = 0xffff88809e12f378
[  754.331626] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  754.338310] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  754.346358] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  754.352506] CR0=0000000080050033 CR3=000000009d20f000 CR4=00000000001426f0
[  754.359598] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  754.366566] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  754.372825] *** Control State ***
[  754.376344] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  754.383284] EntryControls=0000d1ff ExitControls=002fefff
[  754.388812] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  754.396036] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  754.402921] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  754.409551]         reason=80000021 qualification=0000000000000000
[  754.416138] IDTVectoring: info=00000000 errcode=00000000
[  754.421697] TSC Offset = 0xfffffe66481cec3b
[  754.426280] TPR Threshold = 0x00
[  754.429698] EPT pointer = 0x000000009fe8c01e
06:46:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x0, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:36 executing program 5:
r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x9, 0x0)
r1 = getpgid(0xffffffffffffffff)
fcntl$setownex(r0, 0xf, &(0x7f0000000140)={0x0, r1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7fff, 0x4002)
write$tun(r5, &(0x7f0000000040)={@void, @val={0x2, 0x0, 0x63ff8a7, 0x80000001, 0x3, 0x2}, @llc={@snap={0x1, 0x1, '6', "cc228b", 0x6000, "f5876713de1941c7b84ae9daffdcbe3bca7de7fce82806007c320806fad28c10b9656a2534339e60d14caae24278c4c3ee44d9f99f8138a67607d0669ef27b6fc5bfde0d2147b824ba1e07d84b38c3de65b6f8a6cd45038b28e05ba0e13b7b51ae80484ec9658842dbc04c7cd24b0c2808f001fedc5b3c55cf15e0ac214dc7fa8c75ca9a03cb097ec2569af0ee87f5fa0a4be9087f28a0bb2477bfa2bb317b105be257fd750147340569d3ee73"}}}, 0xbf)

06:46:36 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:36 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0x2, &(0x7f0000346fc8)=@raw=[@call={0x85, 0x0, 0x0, 0x32}, @generic={0x80000001, 0x2, 0x4, 0x7fffffff}], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='clear_refs\x00')
ioctl$TCSETA(r0, 0x5406, &(0x7f00000000c0)={0x4, 0x1, 0x727ffc9b, 0x9, 0x6, 0x5, 0x458f, 0x9, 0x4, 0xfff})

[  754.903192] *** Guest State ***
[  754.906740] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  754.915839] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  754.924881] CR3 = 0x0000000000000000
[  754.928655] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  754.934807] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  754.941682] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  754.948528] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  754.956696] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.964868] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.973053] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.981096] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.989494] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  754.997713] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  755.005868] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  755.014106] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  755.022279] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  755.030311] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  755.036965] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  755.044588] Interruptibility = 00000000  ActivityState = 00000000
[  755.050878] *** Host State ***
[  755.054354] RIP = 0xffffffff812cf768  RSP = 0xffff88809ceaf378
[  755.060436] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  755.067101] FSBase=00007f7c28f76700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  755.075063] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  755.081106] CR0=0000000080050033 CR3=00000001975bb000 CR4=00000000001426e0
[  755.088348] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  755.095211] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  755.101357] *** Control State ***
[  755.105070] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  755.111789] EntryControls=0000d1ff ExitControls=002fefff
[  755.117505] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  755.124605] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  755.131341] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  755.138131]         reason=80000021 qualification=0000000000000000
[  755.144651] IDTVectoring: info=00000000 errcode=00000000
[  755.150153] TSC Offset = 0xfffffe65e926fcf4
[  755.154690] TPR Threshold = 0x00
[  755.158122] EPT pointer = 0x000000009c87801e
06:46:37 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:37 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x0, 0x2)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000ac0)="16c2ed5a57399c9db8c475cb5b4b9ce7c660a7050c98cd80a0631f6ecbe9a80e73e5771545db9acdf97735883e77463b93f02f0ad45af721606c3aaed471b73fcbc7a297bc9069a8b1773678d9ef1efcc3e39e72901e96ac9484a18d8809ecf3c34a68cc44048300d0fba69b75e4b47279f0e0b2baed07e3c3a084ce76469b731d809716cc8ea13c7a33262ead1b9c4eaf19ab9e5a882a4e97644e45691577c3da27ef4eb0bc4629d93045b38d4f85f13e3fbc18005e76ebc955e448e43ddb36b984bc2343249ee7f239c13c6348f769df05c51f54b53f1d68bdcc7bce2244f6b3cda8927ba3429d6c5f6196b02c94bc43", 0xf1)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x101000)
ioctl$KVM_SET_XSAVE(r3, 0x5000aea5, &(0x7f00000006c0)={"3b1040a23646d089e6f6a4615da1d8d4a75cacebb712f319a5a2c178c29623af57df40030555c4787c25b087c61a0ce4b89b04e8fcbd3cc5e0a5f08c46768f1a941502749dad6a074d682b1005aea806303d5f4d10ee4e8e1cb8f1b875a0d83e69cf8618232cb23b92048ff61e9046cbfff0596af5220af8743e214e100aa93d02b28b6879489e5e818a9320e672b8a2b0ef6735cdcc84f8a16251717cf6dc7a3a77c529c0076e168da1944c2bae709c5b942cf67393cdd238b75a54be49c88dbbb744a865ca91e2d4e8ebcd2d331e2326e78366a6d199204cc6f9748fe0d9219c0a2ba9038c46ed45d381d8cf6cee6554dedd97b35b711f033573afa469e8040b548af76325eafb0672228f72729b2c462150b999253131bb6f3965a8e9d05c776183f5f82bca90d650065638e322a2cbe1c5bcc0ed8078a6a61901be58f697eb6d6702a762aa47cd2951ce1ed331dbf32ee9d97c33641719435a886d637c29be84a90319696d39927db7d6fca5d7b0a9fb9ba8a31dd4c15040f9165e316f600cc6a9a353cf21e6b7b0099e350df3d143032fbd71804270eb9144f88b0ca6ec4110c0b4dfb00ffdbc6450954b75955db3e1eecdfa27a56192fd66532b38cfb855804e4bfd4bdf0696161d114d65170d9046e0240406accd5d25966b157bfd83ab69c243b222a4e42c74cfea768ebd345ef2da408aafad94b54060f7a3696fb96fd2a13331a349f815fe3fbf98ade810a5c67901b605e11b7716ce04e66fe89d737b26b98c8799613c754e9ba053e3d3d3981569bc180a352f363e5acf04c89eebfa8cf9085a1d20794c334f95de361d6714e160c6d1e743d9591a4b63d5226ceb34d0201f4cbc4a0dbda4b82a453723866b6f61150c8213db53f5796d1f552e8feafea1fd689551e601c7bf306a1527fb11afa5618f95028ca73c4f15c52787e74577cc6adb878fd817a24aa73312d72aa05ed0a32e3e2bb6ae1dc63623b3fe2d39f912f9ac63376521f485e47204cea8aeea436d08445444b8642d1bf7a219c01cae5a6da2652d57f1467dddce1ead72139e9010371b46477ee54be05208f8ac241b9a48f9c53b36498d8ba51306cb4d9cc814c7ff7682b06f52fe08613aa3c7e96fdfcb48e8b50462e3fb3804920e84f7e1cd8b25a7e62836e9de7c7a757fddfe4118f503064f09b00e0dc6be6a1c7dc8923f54797a2056edfbd7b87de34272f10c4586b0cdedb5fbe98cbefe01698d3ced6946507d78b947234ca1faa2ae850a60688de09d5863e2aa2e5d8fc2201055a7be8e7ee13cf7ff02861727020095621456070bd7622cde765b2246a11ab5d11ef300cef2a1d2339f0fad245dd15bd4a4773a1067d0a86d85196c0dd35df9c8e29d2fce6db3775e3752b653d2109551523d138feffb054e57993a0ec9e61defd920daaf1250be9cead28984ba5f"})
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x1, 0x4)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:46:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  755.917850] *** Guest State ***
[  755.921222] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  755.930397] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  755.939414] CR3 = 0x0000000000000000
[  755.943458] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  755.949523] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  755.956494] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  755.961177] *** Guest State ***
[  755.963393] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  755.963455] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  755.963518] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  755.963566] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  755.963621] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  755.963669] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  755.963710] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  755.967011] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  755.975156] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  755.975206] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  755.983347] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  755.991318] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  755.991348] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  755.991378] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  755.991418] Interruptibility = 00000000  ActivityState = 00000000
[  755.999524] CR3 = 0x0000000000000000
[  756.007601] *** Host State ***
[  756.007652] RIP = 0xffffffff812cf768  RSP = 0xffff8880a20bf378
[  756.015756] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  756.024181] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  756.032952] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  756.040947] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  756.049105] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  756.058121] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  756.058156] CR0=0000000080050033 CR3=000000009e103000 CR4=00000000001426e0
[  756.058202] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  756.066334] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  756.072919] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  756.080385] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.086779] *** Control State ***
[  756.090536] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.093875] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  756.099838] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.105929] EntryControls=0000d1ff ExitControls=002fefff
[  756.105963] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  756.106005] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  756.112558] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.119227] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  756.127194] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.133955]         reason=80000021 qualification=0000000000000000
[  756.133988] IDTVectoring: info=00000000 errcode=00000000
[  756.139895] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
06:46:38 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
getitimer(0x2, &(0x7f0000000000))

[  756.147026] TSC Offset = 0xfffffe6557cde554
[  756.147056] TPR Threshold = 0x00
[  756.153894] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  756.161850] EPT pointer = 0x00000000a3b0601e
[  756.168076] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  756.294215] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  756.302643] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  756.309134] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  756.316788] Interruptibility = 00000000  ActivityState = 00000000
[  756.323566] *** Host State ***
[  756.326855] RIP = 0xffffffff812cf768  RSP = 0xffff8880a142f378
[  756.333167] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  756.339661] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  756.348077] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  756.354161] CR0=0000000080050033 CR3=000000009ce6c000 CR4=00000000001426f0
[  756.361236] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  756.368191] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  756.374515] *** Control State ***
[  756.378048] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  756.385013] EntryControls=0000d1ff ExitControls=002fefff
[  756.390552] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  756.397765] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  756.404632] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  756.411261]         reason=80000021 qualification=0000000000000000
06:46:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:38 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  756.417899] IDTVectoring: info=00000000 errcode=00000000
[  756.423528] TSC Offset = 0xfffffe6555d206f2
[  756.427899] TPR Threshold = 0x00
[  756.431310] EPT pointer = 0x000000009c88301e
[  756.562863] *** Guest State ***
[  756.566347] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  756.575537] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  756.584593] CR3 = 0x0000000000000000
[  756.588373] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  756.594690] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  756.601586] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  756.608593] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  756.616867] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.625180] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.628437] *** Guest State ***
[  756.633356] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.633405] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.633454] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  756.633491] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  756.633539] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  756.633582] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  756.636886] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  756.645040] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  756.645084] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  756.653177] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  756.653216] CR3 = 0x0000000000000000
[  756.661188] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  756.661217] Interruptibility = 00000000  ActivityState = 00000000
[  756.661234] *** Host State ***
[  756.661266] RIP = 0xffffffff812cf768  RSP = 0xffff8880a123f378
[  756.661329] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  756.669429] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  756.677532] FSBase=00007f7c28f76700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  756.677565] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  756.677606] CR0=0000000080050033 CR3=000000009c8e1000 CR4=00000000001426f0
[  756.685761] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  756.694706] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  756.702794] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  756.702826] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.702864] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.702902] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  756.702940] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.702998] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.709416] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  756.718425] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.722243] *** Control State ***
[  756.729714] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  756.736100] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  756.739323] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.745418] EntryControls=0000d1ff ExitControls=002fefff
[  756.751848] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  756.757955] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  756.765878] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  756.771779] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  756.778951] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  756.778978] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  756.779003] Interruptibility = 00000000  ActivityState = 00000000
[  756.779019] *** Host State ***
[  756.779049] RIP = 0xffffffff812cf768  RSP = 0xffff88809e05f378
[  756.779096] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  756.779132] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  756.779173] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  756.785279] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  756.792088] CR0=0000000080050033 CR3=000000019ee92000 CR4=00000000001426e0
[  756.792130] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  756.798820]         reason=80000021 qualification=0000000000000000
[  756.806959] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  756.806989] *** Control State ***
[  756.815088] IDTVectoring: info=00000000 errcode=00000000
[  756.823174] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  756.823210] EntryControls=0000d1ff ExitControls=002fefff
[  756.831187] TSC Offset = 0xfffffe65017ec4e8
[  756.839336] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  756.845571] TPR Threshold = 0x00
[  756.853637] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  756.853672] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  756.857117] EPT pointer = 0x00000000a022801e
[  757.053097]         reason=80000021 qualification=0000000000000000
[  757.059469] IDTVectoring: info=00000000 errcode=00000000
06:46:39 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x80)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  757.065194] TSC Offset = 0xfffffe65028dda09
[  757.069568] EPT pointer = 0x000000009c91701e
06:46:39 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x0, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:39 executing program 4:
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x2, 0xf})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251, 0x2}, 0x48)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000100)=0x9)
getdents(r1, &(0x7f0000000000)=""/1, 0x1)

06:46:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  757.959867] *** Guest State ***
[  757.963712] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  757.972828] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  757.981732] CR3 = 0x0000000000000000
[  757.985709] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  757.991741] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  757.998660] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  758.005571] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  758.013821] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.021879] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.030120] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.038337] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.046562] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.054784] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  758.062936] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  758.070969] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  758.079213] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  758.087361] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  758.094042] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  758.101563] Interruptibility = 00000000  ActivityState = 00000000
[  758.108021] *** Host State ***
[  758.111276] RIP = 0xffffffff812cf768  RSP = 0xffff88809f6cf378
[  758.117523] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  758.124106] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  758.132117] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  758.138071] CR0=0000000080050033 CR3=000000019eadb000 CR4=00000000001426e0
[  758.145325] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  758.152161] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  758.158261] *** Control State ***
[  758.161802] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  758.168757] EntryControls=0000d1ff ExitControls=002fefff
[  758.174432] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  758.181420] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  758.188307] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  758.195065]         reason=80000021 qualification=0000000000000000
[  758.201430] IDTVectoring: info=00000000 errcode=00000000
06:46:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:40 executing program 2 (fault-call:9 fault-nth:0):
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:40 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  758.207047] TSC Offset = 0xfffffe6444d3091f
[  758.211430] TPR Threshold = 0x00
[  758.215039] EPT pointer = 0x000000009cf4c01e
06:46:40 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18001500000000000000000000000000611288000000000095020400000000009b3d9bd1a420587f208f1244ad49bd67b2f5cbc6d3f72c294fa73816499cefd1a31c29bcaa4906580ab2fa443190608d2e51850bfdcb123b9f6d112fbb1333ee7becf1da32ede316858e1ac99f332bfed11766e052d6aeaea08b12db21c06d8d393419a5f9842b80a060a67976a641e4f10e9ee6ebb2e35babe6cb1d7d159170667bf5db3a211ab7253dd92c8dca7efa84936068782f1f2662e509a9414d6b90b5d4f24851ea22131c416ac642ed270992d349492a071dcfcf88bb94c3360962d4dc7f9efbe9273aead5cc4c8ce44e05cde5914b5634"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  758.400556] *** Guest State ***
[  758.404244] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  758.413432] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  758.422556] CR3 = 0x0000000000000000
[  758.426330] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  758.432591] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  758.438641] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  758.445726] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.453897] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.462151] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  758.470203] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.478482] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.486715] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.494947] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  758.503323] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.511368] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  758.519677] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  758.527845] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  758.534520] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  758.542159] Interruptibility = 00000000  ActivityState = 00000000
[  758.548449] *** Host State ***
[  758.551697] RIP = 0xffffffff812cf768  RSP = 0xffff8880a123f378
[  758.558037] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  758.564659] FSBase=00007fb69a07d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  758.572756] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  758.578713] CR0=0000000080050033 CR3=00000000b3fca000 CR4=00000000001426e0
[  758.586004] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  758.592876] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  758.599001] *** Control State ***
[  758.602769] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  758.609494] EntryControls=0000d1ff ExitControls=002fefff
[  758.615243] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  758.622358] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[  758.623926] FAULT_INJECTION: forcing a failure.
[  758.623926] name failslab, interval 1, probability 0, space 0, times 0
[  758.629090] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  758.629121]         reason=80000021 qualification=0000000000000000
[  758.629162] IDTVectoring: info=00000000 errcode=00000000
[  758.629187] TSC Offset = 0xfffffe64061e70d0
[  758.629216] EPT pointer = 0x00000000a13b801e
[  758.655848] *** Guest State ***
[  758.659665] CPU: 0 PID: 17924 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #88
[  758.659705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  758.664197] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  758.663996] Call Trace:
[  758.671775] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  758.663996]  dump_stack+0x32d/0x480
[  758.663996]  ? __should_failslab+0x278/0x2a0
[  758.663996]  should_fail+0x11e5/0x13c0
[  758.688741] CR3 = 0x0000000000000000
[  758.663996]  __should_failslab+0x278/0x2a0
[  758.663996]  should_failslab+0x29/0x70
[  758.663996]  kmem_cache_alloc+0x146/0xe20
[  758.700316] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  758.663996]  ? getname_flags+0x136/0xac0
[  758.663996]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  758.663996]  ? fsnotify+0x20fa/0x2110
[  758.713082] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  758.663996]  ? vfs_write+0x622/0x8f0
[  758.721380] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  758.663996]  getname_flags+0x136/0xac0
[  758.663996]  getname+0x55/0x60
[  758.663996]  do_sys_open+0x538/0x960
[  758.729506] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  758.663996]  __se_sys_open+0xad/0xc0
[  758.663996]  __x64_sys_open+0x4a/0x70
[  758.663996]  do_syscall_64+0xcf/0x110
[  758.737691] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.663996]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  758.663996] RIP: 0033:0x457569
[  758.663996] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  758.663996] RSP: 002b:00007f7c28f75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  758.747884] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.663996] RAX: ffffffffffffffda RBX: 00007f7c28f75c90 RCX: 0000000000457569
[  758.663996] RDX: 0000000000000000 RSI: 0000000000008040 RDI: 0000000020000040
[  758.663996] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  758.663996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c28f766d4
[  758.663996] R13: 00000000004f00bf R14: 00000000004d45c0 R15: 0000000000000006
[  758.894393] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.902682] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.910742] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  758.919019] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  758.928230] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  758.936453] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  758.944600] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  758.952866] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  758.959402] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  758.967158] Interruptibility = 00000000  ActivityState = 00000000
[  758.973551] *** Host State ***
[  758.976808] RIP = 0xffffffff812cf768  RSP = 0xffff88809e16f378
[  758.983037] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  758.989504] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  758.997587] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  759.003667] CR0=0000000080050033 CR3=000000009fe56000 CR4=00000000001426e0
[  759.010744] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  759.017785] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  759.024021] *** Control State ***
[  759.027525] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  759.034422] EntryControls=0000d1ff ExitControls=002fefff
[  759.039952] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  759.047205] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  759.054137] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  759.060781]         reason=80000021 qualification=0000000000000000
[  759.067411] IDTVectoring: info=00000000 errcode=00000000
[  759.073041] TSC Offset = 0xfffffe63e0967905
[  759.077409] TPR Threshold = 0x00
[  759.080820] EPT pointer = 0x000000009fd6801e
06:46:41 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:41 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0485619, &(0x7f00000000c0)={0xed79, 0x800fa, "90c296bffd0afdc145cd07e74428d392f24f980fbfbfd84b", {0x7, 0x2}})
socketpair$inet_sctp(0x2, 0x0, 0x84, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x1, [0x4]}, 0x6)

06:46:41 executing program 2:
r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r3 = memfd_create(&(0x7f00000002c0), 0x400)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
ioctl$EXT4_IOC_MIGRATE(r2, 0x6609)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$KIOCSOUND(r3, 0x4b2f, 0x3)
fcntl$setflags(r0, 0x2, 0x1)

06:46:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x100, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:41 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:41 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x0, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:42 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r3=>0x0)
fcntl$lock(r0, 0x27, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, r3})

06:46:42 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
fcntl$addseals(r1, 0x409, 0x2)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
perf_event_open(&(0x7f0000000200)={0x7, 0x70, 0x5, 0x5, 0x1, 0x4, 0x0, 0x20, 0x20, 0x3, 0xffffffffffffffc0, 0xfffffffffffffff9, 0x6b, 0x8, 0x1, 0xaf, 0x75, 0x9, 0xa000, 0x7f, 0x8, 0x7, 0x9, 0x7, 0x100000000, 0x400, 0x2, 0x4, 0x0, 0x6, 0x2, 0xe2, 0x1, 0x1, 0x6, 0x6, 0x5, 0x401, 0x0, 0x80000000, 0x4, @perf_config_ext={0x9, 0x5}, 0x142, 0x1, 0x3, 0x7, 0x0, 0x80000000, 0x8}, 0xffffffffffffffff, 0x0, r2, 0x9)

06:46:42 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0xffffffffffffff43)

06:46:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  760.775178] *** Guest State ***
[  760.778755] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  760.787919] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  760.797077] CR3 = 0x0000000000000000
[  760.800854] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  760.807196] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  760.813378] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  760.820112] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.828489] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.836796] SS:   sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000
[  760.845075] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.853315] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.861478] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.869791] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  760.878006] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.886248] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  760.894472] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  760.902748] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  760.909240] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  760.916983] Interruptibility = 00000000  ActivityState = 00000000
[  760.923412] *** Host State ***
[  760.926677] RIP = 0xffffffff812cf768  RSP = 0xffff8880a025f378
[  760.933029] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  760.939510] FSBase=00007fb69a07d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  760.947622] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  760.953727] CR0=0000000080050033 CR3=00000000a11de000 CR4=00000000001426f0
[  760.954150] *** Guest State ***
[  760.960802] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  760.960838] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  760.960857] *** Control State ***
[  760.960896] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  760.960925] EntryControls=0000d1ff ExitControls=002fefff
[  760.960962] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  760.960994] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  760.961026] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  760.961054]         reason=80000021 qualification=0000000000000000
[  760.961082] IDTVectoring: info=00000000 errcode=00000000
[  760.961107] TSC Offset = 0xfffffe62c78f43f9
[  760.961133] EPT pointer = 0x000000009ff1201e
[  761.034976] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  761.044035] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  761.053044] CR3 = 0x0000000000000000
[  761.056810] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  761.062973] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  761.069703] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  761.076739] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  761.084965] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  761.093139] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  761.101188] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  761.109419] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  761.117590] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  761.125863] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  761.134033] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  761.142244] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  761.150308] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  761.158534] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  761.165146] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  761.172857] Interruptibility = 00000000  ActivityState = 00000000
[  761.179143] *** Host State ***
[  761.182687] RIP = 0xffffffff812cf768  RSP = 0xffff88809ceaf378
[  761.188946] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  761.195621] FSBase=00007fe867946700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  761.203601] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  761.209555] CR0=0000000080050033 CR3=000000009fd69000 CR4=00000000001426e0
[  761.216836] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  761.223687] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  761.229784] *** Control State ***
[  761.233507] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  761.240224] EntryControls=0000d1ff ExitControls=002fefff
[  761.245932] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  761.253025] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  761.259747] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  761.266668]         reason=80000021 qualification=0000000000000000
06:46:43 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x3, &(0x7f0000000000)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xb5, 0x0, 0x0, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd500000000}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x4}], &(0x7f0000000040)="47504c006fabf9aa99732d0e8d54e8428a76f431f2d2c089aabc819c5aecdbec0f5e7b072074555244520c14cc1c0c7f1a2f27321e23e34fbbaa75ffaf4ace004dee9ab39e305145b0bb4611c988cd871c8467a6d89304445bfd84ef9e08d4be26f0525c71ad0e5314a2827cf53be2c42d83b89be8403df73d8e2492d8257c664090d20ed0a5247f6f7d031b3fad4614ac532cc8c7b91ed748a5659bdfbbd5a8604f8dc4002645c1cb631e5143c87248950bf1", 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251, 0x200000000}, 0xffffffffffffff49)

[  761.273152] IDTVectoring: info=00000000 errcode=00000000
[  761.278653] TSC Offset = 0xfffffe62ac570f93
[  761.283256] TPR Threshold = 0x00
[  761.286681] EPT pointer = 0x000000009ce2b01e
06:46:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x7c, r3, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000001}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x12}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2f}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x33}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7c}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7c}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xa4ca}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1000}]}, 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x44)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x1fe, 0x2, 0x5000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000300)=0x4a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
epoll_create1(0x80000)

06:46:43 executing program 1 (fault-call:0 fault-nth:0):
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:43 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$UI_SET_ABSBIT(r2, 0x40045567, 0x1)

06:46:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  761.472831] FAULT_INJECTION: forcing a failure.
[  761.472831] name failslab, interval 1, probability 0, space 0, times 0
[  761.484395] CPU: 1 PID: 17986 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #88
[  761.491714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  761.494211] Call Trace:
[  761.494211]  dump_stack+0x32d/0x480
[  761.494211]  should_fail+0x11e5/0x13c0
[  761.494211]  __should_failslab+0x278/0x2a0
[  761.494211]  should_failslab+0x29/0x70
[  761.494211]  __kmalloc_node+0x257/0x1520
[  761.494211]  ? __msan_poison_alloca+0x1e0/0x270
[  761.494211]  ? __get_vm_area_node+0x27b/0x7f0
[  761.533015]  ? unlock_page_memcg+0x99/0x1e0
[  761.536317]  __get_vm_area_node+0x27b/0x7f0
[  761.536317]  __vmalloc_node_range+0x2a2/0x10f0
[  761.536317]  ? bpf_prog_alloc+0xe1/0x4f0
[  761.536317]  ? kmsan_set_origin+0x7f/0x100
[  761.536317]  __vmalloc+0xe2/0x100
[  761.536317]  ? bpf_prog_alloc+0xe1/0x4f0
[  761.536317]  bpf_prog_alloc+0xe1/0x4f0
[  761.536317]  ? strcmp+0x83/0x160
[  761.536317]  __do_sys_bpf+0x6bd5/0x10fd0
[  761.536317]  ? kmsan_set_origin+0x7f/0x100
[  761.536317]  ? kmsan_internal_unpoison_shadow+0x83/0xd0
[  761.536317]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  761.536317]  ? prepare_exit_to_usermode+0x182/0x4c0
[  761.536317]  __se_sys_bpf+0x8e/0xa0
[  761.536317]  __x64_sys_bpf+0x4a/0x70
[  761.536317]  do_syscall_64+0xcf/0x110
[  761.536317]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  761.536317] RIP: 0033:0x457569
[  761.536317] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  761.536317] RSP: 002b:00007fb09ed19c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  761.536317] RAX: ffffffffffffffda RBX: 00007fb09ed19c90 RCX: 0000000000457569
[  761.536317] RDX: 0000000000000048 RSI: 0000000020b7a000 RDI: 0000000000000005
[  761.536317] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  761.536317] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb09ed1a6d4
[  761.536317] R13: 00000000004bd97c R14: 00000000004cc688 R15: 0000000000000003
[  761.679353] syz-executor1: vmalloc: allocation failure: 4096 bytes, mode:0x6280c0(GFP_USER|__GFP_ZERO), nodemask=(null)
[  761.690451] syz-executor1 cpuset=syz1 mems_allowed=0
[  761.695763] CPU: 1 PID: 17986 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #88
[  761.703082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  761.705657] Call Trace:
[  761.705657]  dump_stack+0x32d/0x480
[  761.705657]  warn_alloc+0x4e9/0x720
[  761.705657]  __vmalloc_node_range+0xd64/0x10f0
[  761.705657]  ? kmsan_set_origin+0x7f/0x100
[  761.705657]  __vmalloc+0xe2/0x100
[  761.732085]  ? bpf_prog_alloc+0xe1/0x4f0
[  761.732085]  bpf_prog_alloc+0xe1/0x4f0
[  761.732085]  ? strcmp+0x83/0x160
[  761.732085]  __do_sys_bpf+0x6bd5/0x10fd0
[  761.732085]  ? kmsan_set_origin+0x7f/0x100
[  761.732085]  ? kmsan_internal_unpoison_shadow+0x83/0xd0
[  761.732085]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[  761.732085]  ? prepare_exit_to_usermode+0x182/0x4c0
[  761.732085]  __se_sys_bpf+0x8e/0xa0
[  761.773976]  __x64_sys_bpf+0x4a/0x70
[  761.773976]  do_syscall_64+0xcf/0x110
[  761.773976]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  761.773976] RIP: 0033:0x457569
[  761.773976] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  761.802043] RSP: 002b:00007fb09ed19c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  761.802043] RAX: ffffffffffffffda RBX: 00007fb09ed19c90 RCX: 0000000000457569
[  761.802043] RDX: 0000000000000048 RSI: 0000000020b7a000 RDI: 0000000000000005
[  761.802043] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  761.802043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb09ed1a6d4
[  761.802043] R13: 00000000004bd97c R14: 00000000004cc688 R15: 0000000000000003
[  761.855221] Mem-Info:
[  761.857807] active_anon:124849 inactive_anon:3069 isolated_anon:0
[  761.857807]  active_file:7693 inactive_file:36828 isolated_file:0
[  761.857807]  unevictable:2315 dirty:150 writeback:0 unstable:0
[  761.857807]  slab_reclaimable:4407 slab_unreclaimable:15784
[  761.857807]  mapped:57958 shmem:3756 pagetables:1911 bounce:0
[  761.857807]  free:603036 free_pcp:836 free_cma:0
[  761.892257] Node 0 active_anon:499396kB inactive_anon:12276kB active_file:30772kB inactive_file:147312kB unevictable:9260kB isolated(anon):0kB isolated(file):0kB mapped:231832kB dirty:600kB writeback:0kB shmem:15024kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 147456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[  761.921251] Node 0 DMA free:15904kB min:144kB low:180kB high:216kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  761.947701] lowmem_reserve[]: 0 2796 7221 7221
[  761.952464] Node 0 DMA32 free:2331432kB min:26108kB low:32632kB high:39156kB active_anon:121684kB inactive_anon:36kB active_file:0kB inactive_file:2880kB unevictable:2372kB writepending:348kB present:3129332kB managed:2867816kB mlocked:0kB kernel_stack:1728kB pagetables:1348kB bounce:0kB free_pcp:1736kB local_pcp:1496kB free_cma:0kB
[  761.982362] lowmem_reserve[]: 0 0 4425 4425
[  761.986771] Node 0 Normal free:51612kB min:41328kB low:51660kB high:61992kB active_anon:381904kB inactive_anon:12240kB active_file:30772kB inactive_file:144432kB unevictable:6888kB writepending:252kB present:4718592kB managed:4532172kB mlocked:0kB kernel_stack:15168kB pagetables:6296kB bounce:0kB free_pcp:1728kB local_pcp:1288kB free_cma:0kB
[  762.017450] lowmem_reserve[]: 0 0 0 0
[  762.021336] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15904kB
[  762.034880] Node 0 DMA32: 12*4kB (ME) 4*8kB (UE) 8*16kB (ME) 3*32kB (E) 3*64kB (UME) 2*128kB (E) 2*256kB (UM) 3*512kB (UE) 3*1024kB (U) 3*2048kB (UME) 566*4096kB (UM) = 2330352kB
[  762.051302] Node 0 Normal: 79*4kB (UME) 50*8kB (UME) 23*16kB (UME) 481*32kB (UME) 392*64kB (UME) 20*128kB (UME) 1*256kB (U) 2*512kB (U) 0*1024kB 3*2048kB (UM) 0*4096kB = 51548kB
[  762.067645] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  762.076642] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  762.085371] 50599 total pagecache pages
[  762.089398] 0 pages in swap cache
[  762.093015] Swap cache stats: add 0, delete 0, find 0/0
[  762.098425] Free swap  = 0kB
[  762.101475] Total swap = 0kB
[  762.104635] 1965979 pages RAM
[  762.107781] 0 pages HighMem/MovableOnly
[  762.111798] 112006 pages reserved
[  762.115392] 0 pages cma reserved
06:46:44 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006112880000790be3c4f7dac1500000008b1d86dd2bd877dee9192a9074fdcfeb422e978b4da035e02681"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:44 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = shmat(0xffffffffffffffff, &(0x7f0000000000/0x2000)=nil, 0x3000)
shmdt(r1)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r2)
r3 = memfd_create(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0)
ioctl$VIDIOC_G_AUDIO(r2, 0x80345621, &(0x7f0000000200))
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f00000000c0)="0f460b650fe2652765f3260f330fc79f77000fc76f00642ef7e70ff4350fc72966b96b0b00000f32ef", 0x29}], 0x1, 0x32, &(0x7f0000000140)=[@dstype0, @flags={0x3, 0x40}], 0x2)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f00000006c0)={0x3, 0x0, 0x2080, {0x10000, 0x1, 0x2}, [], "ed0d55c70583f4ce05668dcbd27489c7792bef628809d1c678fe48ab83ef5e18faa056739341fe1b8d948b1a6510b676a2d9858edc3b183ca551cbfc1dbc103f9b783a44433688f697411118eada05b5406a1403c4f0b2fa3d8c67f5bd31863f95b8ec6ae849b1c577eb4024dfa3d4673a99de5e448c2500820704e38242b34d3867132bb6ec1da9fd0e9373c700fb01fcdb8faf1b8320a98b515720423cf4247d26fbbf611514eac7cc48e203b63c1908ea8549957e7313a33b77ede9fe37331a63be245a20a90f47ecf841126f0df139d129e0c906e44b5d4292165976405578df1d6af9bf8b8478163ee3631dccdb3b43d06b41d865819ead5d20a9c5aac8646ef2881044a86471148d8405433f9db8ca11016dd86acc01b4a75708c1ac1985aefd37e54b9695be0ccc3749b7b2f83a10287b42618581176ee1430a1c07145da4f0d845a170a8fc7262fd33b8bacfe4a637945ee0f63bf6148e9463729617a4437b320a3583685eac442099516f0352e4ad4676ca150aed4958e6fb50808e981336fc0ec465fbfd5ce0ca40f434990bd968ab474d22c80ae965b13580de262a973f99d01025502c80f2853bd65360256047e626d2188b4df7d93fcba7cbb138ed01efec6b3836a47d88d94b6792a3fc811dafa56c177e74d31bf6c1fd204413b2ca9455abfc52a82b6ff8beb3e8f1fee500ef7d30122671628ca298b798d8937fba599090ff9f3315e027931a85ed6488587d7c29cb500741ad31d2ea4af2f5f1ac99aee3a6f83faa489c16bea1c55bfdd0d7632baea8282ce6369b056c0ea928b451dd8b61f032c06bca4aaaecaa119e30327a95ccf47e2555e9f2457aa8dd3a6d3d1853affca184e06008ed39104294a6043cdbfcfc67a657c810f86a69a4a958418775e6a29f7964bef6b1c623681da2133727010a4dc958fd865134d012461dace2cf43b90a1b014f8b3a351e903e9a0489830a63dd9476b0b6c216e81912cb2f30d8988f768d1bb8e3a00e064b174b467c126bbb3da8600b1bffb4ca0a0facd39bc215148c0747e2f6bcff1d20a361e618755588a3004bb234b3d76517faa46105911ad9f3b9448f59d4d1a1c218c850d803a4a3dbaa03ca26cb4e9f5022adb29d2639123c0082bfa1e0dc84c31ed2769f932e043bd1c0a213571319a47868c996efaf27be6710495367e0a8517994f629430dff9e8fe11590f57250190327407722fa3d080ba95a2d31e23273ef3bda15831fb0b148dbe822b406bebe3fcb8b4fd371bb0834dea17fc3f0a57acc249ba20df6fd1180bc6fdafec623c759f6e8b5a8d0fd7dafc68bb54121197649db7c8cd80a39ce98b065c22251d9610c71a4390dec680f21b5100225c569cdc75841fa45e286d9cf741608632fa61982135a0ae20e69171d72a1005099c0a473bbf421bd8b1ffdf1b87c62d5e329b45f3d32f63dc68209968586898714fdc65ee1cb341d1d67d0ccf9103725860a8ec408b5bb103a482063844f31b86e4a206dd2521fb5a4aee657f643bdc224ef368eb328219ce5d72faac97e55fb4811fea468e5faa91521894b0aa801ec3f74270cd2258729e240157eb7753015e2d6d97181a46a4272017fb53d7c447824d7241f88eabdbc7b5e5af9e5f2a6c37a61bc8f162fb6fe7b99e7ee6b79a7ebd19ace2e1d022703fe29be7d4b0719c7a9d7c2f78c707d819d4e22d298b9d030e9fe53e486f4d03cd5acbeaef9b852fb33936d0810ad80360a530f66e9c5086c8f69122608e0b6e1e781ff3e8e6bc8cf8698c4bb954b810cec5b326f1bf9f23421ab07c21f9dc36477953bff4144b697f373674e63c7b501a1a3167f463c489f702d10918e11a3ccad94f5ec84dcb1452bd221da0a84c727cb77f1806fa04ee683795acd416d1535ca31b52d39ed00bddf44939875cc9e772489d77a5cfe312d615f0ca3066d77148208daceda637cd38d028cef5caa292bccbdeb1849dd407eb533f987241fcaa355ae010175df5c21fde7f6f795287decc0b6301a9bf849b9dc1ed92459ad1e66253a00f738bee1879322136225474635039db89f93dbfd8c18c2dbe938039277bfa55acb2cc6ebb3635cee8fbf9c77efec86f59a961b6d58baf2d339936080f1f11288ee086988f912093637c1abeeaddef902bbad696a8ef34ef1baa34af45209690af9fbd13a134e98f5e33fac76ce9e452eeb6404670771557fd8f39dd4a26ab0c4cb8f48610d083ef468d28957855386646a028d3fe0ec455435351566d690e39564216ff1e8a727ed15c1622aa054c7226ea99cc2e3e694a4d0cb6b0a64f92d1f5c00e686462a27bded6e3a8a957c53d4d3df128903dd1cc694a418bb6374ec216f677a96afc9d6a0cbd943d46e523b06f84533a281113475a920b7c562c3ef61fa99f1f392cbdbc2420a53563487af850a9f3aab21fcbb2fe687ac702875181c7014c3f1df63f1345d8da24604793e5b9848713f0f8b887c77797c58f24e4680da8c3ddfe7ba7681ea684a5efc8ad901f368af555993e038533ae9afecd79c764dc3c7301466b5467e2b21cc91a02b3ca3b2cc022312a27c7bd70fe84b7a5cf328a4b7ff9a9bdf5d908674d4dff67916ae9197b5f1771b64fd49896a3e0652c5f2d6cb5dc679b100ea81b6215331c353b05d13a41293afe90cb385c6a23590c764b35f34b6574ee20897806dab0710ad65984985f6733ab94cff11073729723f59b09057b4d5fff6d0186c3f87da656c900fb661192823a3e239ef789e9f076940e546f081c5a4ccea75be2feaec9a6abef8cb1e55f1d87ec9af8168d93d627e606e1c0d382388aa8b91b0d83ce66130654e5542a6125c79587c57469cb37b40d177a4923cf6818011a0f66918a97e611cd2d6f6bb05939bda9787b184368bd139b24937e97ca6425d9b801eb28a8f3c0929c05348d7429e7e82bd998b36fbf768699d7f668000313b184effd4d16ff68a44110fba8c6e18f1f00765c5f17e681f181991c7faae5226a837374938090e725b405a50156b6ca43575082abd3cbc4e829727f2aa889229b9295365e7647c2c681a66a50bd727d6a66c22d75bccdc3daefa568e3568a38bd556965abe8edc41e7ef7044f92a342be57f42cf6a70c98eff019e094015396544648fcd66c27612dca72ad6156a759856802228170cf76aa47e11487cafc6ec033a16e52c12365d72f720ea54e91d4fa44c144c2807d098e0e4040c7cb328529c51c698d8ba7386041926a3706c2ba0c965592c080b78fa0dc668c296c8d6a52eeebc3934bb9670735d6a33a4ac8dc90a0ca894caa60050cd1ba0b63a0b9f2b20c8c212c9929340d9a9ac0beffc78abb870414d1b514a83c723f8c9310e59813b4f03f09ef272d0cf6e7324a733028c0f57240ee5ae56d13a8c55c1055be997c60106a956f9df6f1b84bb399427046938a275cec1db8c20e368b502846967ad4a7a4b1851717b6dd563ebcea99965ed1540959dac8381b20d44b6eaf5fa14b5e206d27492bd2027a2a31332b82a22edea0b06c55e2e272971105d8225f8720c18c42b2a39c57290b42a75858335fcc5fd0b7240576b6ce6edcaacf5e94bba36bce3d4eeb29598e04f42fd2c302096614215f0659f41fa58ccf49bec473d56a15ff84f46c772c970c52b1b5a9a1591852797c7f99cb31b058d80968ebc4f381e7ae2488ef5fb0b4ea50fc1b313b3641c836665768e0a630ae56ce5a38d6f0e18a22188ebcc7c6d1d59bedffe5dcde8f009edd3397c6f2c24190657efcae9919d0c2e09ae9e22b880928dd42c03a4da6b555f8c3da44e61490c9aea3b3ac6631cb83777463eb866d132f32341719d5a58b5b0403d97b9919386662ae67dfcc00e254d89cda6baf6ddf36795cb55629f492beb318fb04f0ca3beca96beba4a54db163e70ee29db5a8f44d8b669594ccf19793b9b86f61502208b0ab8aaed26c1d11c946530cf33ad53d65e0fa51f1e77a0b5ffb23f5f7c2497e1ed4b3e426a85dac5d1e256281653d700f7cbb156bcd5ad2181216752bfdd6eefd773980a600195c03d7cf40bd3108efcad6beb78d99edc6b8e2f7196c594ec32aa1c3e673b06006d49fe3d30019067240b0f550fb910d87efc4e90f644777be3c28076c7337217dfc52608f512e0a082843afc9c58b39ba9b5c2d4559e73859b32440e38a3d0fb34177256cf378e3bf2b9a6d938b3711b8cfa859298883b2ef42bbc544fca1f96a7b8a1de2f09896001f98ad2197f88cf65495b6f7cfd8c316948289a273ef9654b3294888890be27277a032ae5bfb48c7e8c0c32c9b6fc3df8fadb3bd2c1fa1a93c454edf87182d78476d962435314d711b13112b450e6ba988d4804a033d459a7887345fd80a3c63bf5200369645770e6cc9641854f40c5e85e79f1aac9c9ee714cab5b2cc44f9198645cf7ce0626ffa1327ed35f77bafe58a9a3543633105bbf3f7de1072ea6e32e30d64c5efd9d48155eaf9e7e2b5a5c5cc0f75793665a6fd1cd421603c0b53ca6ff1c1b8b59b999aea7bec2bb11186e211813f74bd4762e7ef244b7d061ed19955de657c19cc05362998e0060334273a7d75d334947cb133d15e5510f06a595edd32a1a2138bb29837af21d4e5c2ea36759e955bbaa1d95fe6ff8f991357d1ebe3d752c3f01aa4ec5d87039d6ead9cbc212b53ef049db6cc4f5d34aeb30872e301b3b4cd92d19afcad302eca78905093dae5d575e036139249b7fd8cdab2dda222d589e673f7dff45d817249409236290d1b3da4ebd406eae57bac01cdfdf859d9fc8d33d79e2422a0dd3a2702fe4da9c510e4a1d8fd8429307634d060dcb905d674ec273add3c55a717fdc5d2cc687d1796f19b6e4d86219f8b4d7b5d1035b5428714d1468137cf1f23595d5e02ea5141997267b8cef79d72a9bca95cc9f141c8c038bd0eab0e1bdae64da7d644d1fc3b19b4d93c79c2d9d60d6be02f09a677fb72d6cec591f49108ca6dc96868189576e49f14e94509aeeaa83e7302ffcb028a15585ad6f46c74bc0444d9804ba1951034cadd00ffcdf66372e40716526cc8468eceef26264686649886bd3265e7c59ed708b16f8c3c0676bb232f531ea0602c88176d6e7d3c7827f0afcd55adc97234bc87fdc60a5c932da61a0b452314adc94fc9999024abefaba898477181cd87f78da9a94389376077ffacb13f307695176b3519d3266e9f4c519189eedc7631da66ceff647077a4eceb77c5d00f3027df17cd87d0d54be2fb0393a27f697ecb9cd191b17dd5785c99d4e62592471c6097011652da18b90ac56fdfb424fcbf8bdbfe13abee14570213a8f6c0923487b509afdf94a300fb28b4cff55ea5c4df727760ec0d347c9f01752a2a99c4cc328887389d54a082efe41ad6c3ef9489d1ec93b98a05a239ec4ba8f7714ae851e4f76385a0d4a90635e78f4388f73b4d9cda4e19c3535bd76a27d4c9a977278bc4b50830792c4d222473b5a89018e24d4515fec1d3c21f37cd1367b799b3153799bd49878078187af6ba1a213378b8e1df35d91d3ece2756f0eb4cd0474b4fe474df4bbc5b3c8ade75e4a096ba15419fc4517afcd1155ff6b8b85749ee7c3cbc7e9907644d32f74474c5365f24b85806284d430cccb96be7b0215e9705619067b348b81a05695f92081929c3fbe913eff0e1717ba2ef505e41f970fa404080de0285f0c8254e892a7a0e1a017ed98d0ab1af5bfb3b3de229329aa4024b527eeb7a11f99c42329e7c3bae34ce77789caf1d742209a046139820629dd78020b985db9aacdc6698a0a", "1e6af579fca5e1011185eed5e6be00bf4fb33a800e1b5884d24e888f5507862e2428311ef40213b99a755627156c10f1be42b9308bd4fdf2b572cbac67bac8927bc911a0ec6dca9e214648167e6615a2d0e2859db15ba25c4980c54f47ded5583c39d89b137ba13a6447dcac8c6e4fcafc3c61d23e20ff0d9825a3f929c7ee0b8f717441a062ea3558f62134d43d7926b506a79db6cb3e18d0ca66cde07d76bc9f6de76f36dffaad651c358e297028008d6753b298a75184ca6958615cefd8e5b12742f2d070fecfccfb799cef0df56e991c74ee8cd2280c729730c132e1c2d9e47a4cabbeda716f38b5db00806c8d5731ae419cfb91fa485385c7a6edc92e5c27d9ba52d6901a798b07854ad07a2796028b7418c178f57bfe0bd01ee5994a4dbfa49d97ce0543cf939221cf58461fd8d0cdc57de11c8a87436fbf5e5514aebe5efd3b01cda99e388b55ccee4a2c7457098f7797be3ce303f92f90d97adddf0adb605539767eff84f87eb583c5e95b22f3d3ab51575ecb2542f70caeced3a9a953fdca85a79080eb2ad5479775fbfe69842ba2c8ba3b3783ad5f78a8e33fde1b3aec9135bbaa28d0ecbdaddc3cef3143c11321e6b684d3b67319e4e27688ba326c2fbc6caeddbf0051dcbf58cce7744c8398eb0db9ba0075139f2bede33c605a60e4a2f55110a759d83d2eef3d34f6ab4a3a945227f365f3108f4ad52102ff2a97f0407f9b09a81202827bcd8a0d613e002be2c732fff027fce0ef17f1705cc8aef02445c3dc6db52eb2eaf3b10f438a7275cb8b4e7024dc93b6bc0893132a6bc04857906eb95eaa2248d1f9e05b3d8c366009d35e87546bfff5e0d7f4a59f93c2ff08743ca03df588e70477977b9d2fbd15e06455cf03d1d3800d0b8b4b18804b24f2a0536b18659a991e211bdfc568eb0c2d565aa482355df582ae513e8d793296cc8f3585da58c9f576f60ff9e2affebf8a42915e067151b20cf4ba12476d7c99af356257bf37fd4fc67151c552b66ecd02fb8cadeb5826f4d5e81fbaf203bdf7d98b70a4ef596b34d4ff2b5c621561078259c0902877233f0a0e6cb3f0961932a9cb3221a1cb10451e74454a038c91eaa2d927ed8d737b5be3d7bc63f21265431db23731cebc23757cdf24e7def5e522deb017ece8df4d5f731cd474e82805be208a66c0e05d926fb73d75216b5b1a01e453216901b130eaeebec30eb86465f0b3df647901df738440b1511c3ca21f3617caec321c3c015906ea10e1c85cd45bacaf69989e9764f5506651aa24e94d10a1d4bcdef25bd45af77435c99e2366260dfbfff8dd0e8a2ae4cddbc6959708aa2e8acb1988d4885acef0d3ee03bd0f54f900c190e3feef0635d1de16343b4128ea07932d7d022f09fd9544fb6fa5b43953a98b0c99152e6d8b4be41d24772e60bf94c7a8279cb8e3ddb73f0a789d02f23d3d03e8601534d01b46fd9ef6b2a93b19604f05d814e5f52894fcff7c6fbb4e5751b6e6eedf503bb3afbf30b076aa5051d76d38a6e15c4e62601b85413fda87182fc0bf45c01c7b4fb050cb1f33639a11477dcbb4f0ecdc45d93f744b024c5b81805cca7b0433abb779cc244cb99047b7e6de54a1fdc0629c3221aee4ea92437bdba659e74aeeeb4cb8f9546c3bd19fe7fb1f8e75324d20fee47a7b16e531a5a0108d1b8914a3a554d8d07255d4846ffa6c835364dc046b01d9727a595796111e6a2b090e11bc8dd1666c701ec1d3efb84ed0c562b67ffd12c11df7967f5f33c83e72ac92179b4e2b18750a635bb2e28fae4e0e41f70bb01cdd897196570dfaf0f519a201f1922fdaedb122b9765c8c35ce9c0a59b2c741c5d559450b734c59707bb80e3dd563ab66795a4eb6ea3dbd49e3ffa13f14d42624d36ab1346d6d84dcc17c5c911216304e8ebd7e9ba3475ce1d8bfe93669002789bb63416138650d6543691e96c4360a508b234200ddedee34a86eea3df75f168373dcbf36b2fcaefaee17ac10c4723d42c01900a4c90d70f493c78f3935aa6208212ce27c72f9f2294dbcffec07a2055e7305e6d731e616f8c2798fccbaff926417e788d7bbc4374f5ee58433d761441c53f6ae1d788eaedc0b9d4745106ac277e24734cdf21c809e22e76f5cc6abd064636b41e0e4900107851c6508677293c260e2132dca82c0de8ea72c1dcc21f07df7a31f099f013b85bc0ea276894b6120aedbb4e0c8cb568df75f7f0949b8fd12a4eb8d804c9b376003a835106cdf6141ab75caf46b249067d5f098b76d82607208f08e2963ce2d18a46aa4f94af5f4e88e98351b9e96859ae5c120ff6b391b6e87595af40b737e6db44842327cb95e9f4c8b9fb1bc2b4440ea8f5cca8e3213c642a38d35e1034d856727bd8e6d13d59d5d455b3f7e5125a0b5520d5055b0f91358ed4b15e00c0a3aa71870f0d8e4e8de9de851e9238c6896558cf5940065b60c313c344167037c1d2eb28681f43afd773e01da98afbc0a898364859234fcb77b7136b46f9f92047bbeb05ca1aae7aab5dfdf82261289311195a0a57aac0dc66b92d338e7b23a7d2c61e20b09213722caf072fd77a0b020a6b1c51db333161dc78c1ffa76b3b883a45dbcc1368847cbbe309b820ddf806375d3b03b4dabba0b7ab6b5d825a64db33eb6e33190c31e9f3dfc7a87e5365ebe2232466b958b79d0e199b051ac782acb5436ef1bd2c6acfff1c7cc65cd4065e3f925c38517962720d8f99b418aef7a75283f8cce719eb456e630f4d8fba365e00f02c4b8d0a59d61635adbe1fe87db33fd5f9e8976507d39b5779a4f847aed724da4c5af3426e3357301e0e92ed612c0110440caecf417e929e9f073e63e15fe6b35dbc34bf4317dbe903ea6a4a520b19d51129dba3c9704d8a753b3266992bc5137bd9d6444af451dbac5b6b30d2882f38b256c60793f71de521aabf4acea89db12e616e36b655476c09f8f75054e8d2b44f80b2e1ef68dff0ec1ecec923357a58bcc1888e159ac2f2a717b669ee188e89238b8a2bf3e7d6c5dcae3a3a8662b42e5e301feb1b39b96e11b8326e772e47a31d5bdf4e1ec9a7ebd4e901977ceb8c2b3b6f9658bc4bfa3dd554cb26877c6e7a15bd3f2f7f869cb4dc38fadae7fe24b18d7443cf3fe275fd7bf1d3bc9d07e8479a6bd02c59986f0fc90f67f940c7518bf7f9df4b06bebc10fd28e5bf8f95a2696e6f72bee848282ffa192a55a1b52aba1610a591f07dd2ccd762554ea8b9b6592f369305fc9ceda04ec7e25f6cbc066f05f62f36b36ab5dc6f369933373cc636aa7ae75482d8de3060caeda3f76bed88080b96dc62f4ba21a865c12f72907b88e99670a1e68dd92779b383f3210d81090ca8a402ad571ff36c2318c7e96af1556e76ec2708c0e8b0eac988df0cff31d8938b265af86aa0f3f95b295dd25928d24f1ec2236d47e8c09de9323d7081995404e88f00bffb3279db7c444d2fb72167e75ec82ac5683ef3e5f622c32ccec9998dca87fad0373208026e935fa61be982f4a68075a933c23d95ea5549988f3b0cae43c487c967b1fa04d3c6faa6060ac08da5264a1af5cb28e749fcec0dcf280e91cfe8e530e5d7c1d402b8120d04391376fd2a80d75ee0e20a571c8baca9a9d294bc30ecec12d28b5e5ea06002ac91f0479d6b271a4eb22f71577e481a5c170281adcd4597da08ec4ef3a85ec0087c3184b6dad84af5835928d6d9a28f5943d9352e55c3b9b276dd11e40de5fe3ad2a232e84c7d72eae1852eae99a1f3ae8e6d3f44cb371b6aac951c560a6b573c37f42f6982ba42164fc2aea895e806700a5733bd457888a4a3e2b9954987264345d8d4b7ca7e699ffc2e98aa3577829a1fee397fecedb5985ad61bac5000ebbb57ed1517f68be2a6fd0ea63c9919b26a4a37b304819bbf5291d3e5d848dc67d03258588d91d351714386e3167b43d62231462013fdd2960523908da26084686c494dbbd0ef587bdd9ab3faceeda00021b5b697cabc6a734d5c5ce3ee03b99384e1443e74d89a854b129b8ac647f127543889fa26e861e5c66faf4867070dddbcc57562046cb59dcff9f2f569595a03fab282423a48cb562db25abb8e25726c35b2730fc83442609752b59504337a920499e898522effd828c740bbc7e1c0eeb9d528e816a94e0ff99b0d5009fa01c744b44fffb635e5af0c37f8387fd8188871f8f3edb45f3c0651dc2d964d886a84a74c527188ba77d579836851a1721ee273ef8e651596e5ae9e5945afa47b6d001d83eb683b62eee683aaf669cf9a7b62eb3c89468527fee398233fcd1815b96df1243730e78e41de83eb1ef337539b0b078a28a4e83ec34ac5091996a0759d5321f5c71843cbbf9fadd5ad128e2e83cbe9b4ba6d1840659e357ae24749279c48de919f97f2fca1f23745177f51b0fe073224b63f2070f367b0ff46f9455314cd05cb57354af99d9b6581de05bd7b565e4d1e398f6ccb202a371fbca1d809c21c1618472f30b510553322b114457436172404e185f389394e8a5838a83a0ffc1cf5cc56c6b55c311818d5d9f10868ca0a438648f6da9e80db325560cf02225771cc4b2e12337818ee7d3efe11a423869567598f3acdf63d62b70eb206eb5365cd60e12ec3205cb2504b33759bba0fd2994801b354eaf5a4f52656499f0fb790eb6d3260469c0da0a3878adcc506af3bfca3da08ff0b65f7d1cab273c938aee6251ae5b39881d5f46b95ab24b5e6b16148bb1f0adf0ecfae668cac8be9bb97e0ee062177befeb3ffb8301960ca80159f7c7b26fa1d29d64e1335ce283deaa59710388844da3cf307088b517cf969d9bb710653873824a3657b36298c9ce36d8b7813f3b5f44bd73e6d7693f39ab591ad470d5a46cc07cb4a5b67debd875c369b9a4fbdff186e656f0fbe39a0afbf37edb8d27b3e6b336af9f1121bdb434a526cc4ccd5d8733f95e4be8d9d10fef4748e9d244f5af64685d8b04132c402451ec58b3f5ff1d159cdce562a07ba79f8ac322f9299d9356c6e5cabeb48837f85bbd7274d8801798ad0a4a13d2e8eb977183012e461201495d804027fb5211a5d6133e348f65b81b9733b61652304253b57916a14a94ad93f777492b4db4ac93153c17edca6874631fda6320173164b7436facc1a9f77fcd6ed9797eb6fd688d049739090b257e1ab7bb4d20e54b15f9175a09eaa512d3d19004dcc01a4e82d7ef72ced66cd6bcaf3e4330340d34c1acb7729753cce60de44a16573e868db3cc251da7bd8ace249b8a9bd71908f4e1f485a4dddbf05ed2f8961cd2ffef522e5f2c404e37439b08954c1065f82e01198cea0a0b9d30655353e6fb01bce4a4ef8f8b690a4a57b6e8bbb66db1bd3024719768b25e98020d5e56a930c58be62bff489e4c937ebf9608e91ad867581c5398be85fc61aad868edc081babd706adfd80ebde8a0c6e1283538cbec681317dc6c54dd406ab4cc8311977e6e5f2601739ff789115024b336c6b35f1c7bfc63a7704d903ed09808ffb724be6f2dc884b1216031522680e8ad613fa87812f22b834dd381c46276a99a16347935d7f84721dfa0e77aacb846df9bf030d6be377265adeded04fe80c71ac7a9aa24acfbfdcccf7a2ac653fa6a47d5f824469959d59236b5251ce4592d2ca1c2006bcf33fc8bd38b4df6a765603d02a12906a58717bee8cbfae351b46fb61e53cba3c3c890f8d04f64a28c4ad890aa11c7ccd36bfc1e4f48a960dadfefc376646f5c242fa9099a350122565a78f39445ad992ca825f026f3c67adabb31a6493f98b9ea8816d1883ee55149"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={<r3=>0x0, 0xffffffffffffff9c, 0x0, 0x9, &(0x7f0000000180)='/dev/kvm\x00'}, 0x30)
sched_setaffinity(r3, 0x8, &(0x7f00000002c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:44 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0xffffffffffffff09)

06:46:45 executing program 4:
socketpair(0x3, 0x7, 0x1, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$NBD_DO_IT(r0, 0xab03)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251, 0x4}, 0x48)

[  763.065595] *** Guest State ***
[  763.069249] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  763.078440] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  763.087496] CR3 = 0x0000000000000000
[  763.091262] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  763.097417] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  763.104323] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
06:46:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  763.111336] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  763.119561] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.127748] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.135924] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.144187] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.152350] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
06:46:45 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x20003, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
fcntl$setflags(r0, 0x2, 0x1)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  763.160891] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  763.169256] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  763.177419] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  763.185661] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  763.194244] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  763.200717] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  763.208415] Interruptibility = 00000000  ActivityState = 00000000
[  763.214800] *** Host State ***
[  763.218053] RIP = 0xffffffff812cf768  RSP = 0xffff8880a011f378
[  763.224277] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  763.230750] FSBase=00007f588e09f700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  763.238832] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  763.244898] CR0=0000000080050033 CR3=00000000a1285000 CR4=00000000001426e0
[  763.252162] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  763.258911] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  763.265244] *** Control State ***
[  763.268769] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  763.275730] EntryControls=0000d1ff ExitControls=002fefff
[  763.281248] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  763.288375] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  763.295206] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  763.301836]         reason=80000021 qualification=0000000000000000
[  763.308345] IDTVectoring: info=00000000 errcode=00000000
06:46:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  763.313969] TSC Offset = 0xfffffe618e3625af
[  763.318341] TPR Threshold = 0x00
[  763.321754] EPT pointer = 0x000000009c9f001e
06:46:45 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
dup3(r0, r0, 0x80000)

06:46:45 executing program 4:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
read$eventfd(r0, &(0x7f0000000040), 0x8)
close(r0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0)
fcntl$setstatus(r2, 0x4, 0x40000)
splice(r0, 0x0, r1, 0x0, 0x8001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  763.779491] *** Guest State ***
[  763.783347] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  763.792502] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  763.801380] CR3 = 0x0000000000000000
[  763.805290] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  763.811329] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  763.818266] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  763.825135] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  763.833371] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.841403] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.849647] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.857906] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.866119] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  763.874306] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  763.882520] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  763.890549] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  763.898757] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  763.906926] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  763.913520] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  763.921023] Interruptibility = 00000000  ActivityState = 00000000
[  763.927451] *** Host State ***
[  763.930700] RIP = 0xffffffff812cf768  RSP = 0xffff8880a02df378
[  763.936935] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  763.943537] FSBase=00007f588e05d700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  763.951390] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  763.957556] CR0=0000000080050033 CR3=00000000a1285000 CR4=00000000001426f0
[  763.964812] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  763.971545] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:46 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$EXT4_IOC_RESIZE_FS(r1, 0x40086610, &(0x7f0000000200)=0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score_adj\x00')
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0xffffffffffffffff)
fanotify_mark(r0, 0x30, 0x11, r3, &(0x7f0000000240)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3, 0x204881)

[  763.977901] *** Control State ***
[  763.981480] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[  763.988499] EntryControls=0000d1ff ExitControls=002fefff
[  763.994144] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  764.001139] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  764.008139] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  764.015130]         reason=80000021 qualification=0000000000000000
[  764.021537] IDTVectoring: info=00000000 errcode=00000000
[  764.027335] TSC Offset = 0xfffffe6128dcea67
[  764.031720] EPT pointer = 0x000000009e02101e
06:46:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:46 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r0)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:46 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000080bc6bb81bd3010000000000000000006110000000000029b6458b0a0ca189fa842c94f907b524500025009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:46 executing program 4:

06:46:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f00000006c0))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
syz_extract_tcp_res(&(0x7f0000000040), 0x673, 0x4)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x9, 0x200000)
ioctl$VIDIOC_G_PRIORITY(r3, 0x80045643, 0x0)
membarrier(0x50, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xea2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:46 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(r1, 0x400442c9, &(0x7f00000000c0))
close(r1)

06:46:47 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000611288000000000095000000000000008bf949b4caaccdcb03b6aa015db606057a0c79e1ea95a447684eeb0b465d913cd106ad55cc35f03c3ca07e244b6085c1cb499437174ff7ce1ba3b9525c7b5ac048f255bcd572ee63a0592e541a77fdd287c948476a467723e3d13ce14c8b1933dacf065c27a11697a81b489f5a1568bf"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x60040, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000040)={{{@in=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast1}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
r2 = getuid()
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000340)=0x21, 0x4)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000180)={{{@in6=@ipv4={[], [], @multicast1}, @in=@multicast1, 0x4e24, 0x0, 0x4e21, 0x2, 0xa, 0x20, 0x20, 0xff, r1, r2}, {0x4, 0x1000, 0xca4, 0x10000, 0x9, 0x9e, 0x80000001, 0x8835}, {0x6, 0x99c7, 0x0, 0x6}, 0x42ab, 0x6e6bbb, 0x1, 0x1, 0x1, 0x3}, {{@in=@remote, 0x4d2, 0xff}, 0x2, @in6=@dev={0xfe, 0x80, [], 0x1f}, 0x3500, 0x2, 0x1, 0x1, 0x4, 0xfffffffffffffff9, 0xffffffff}}, 0xe8)

06:46:47 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=ANY=[@ANYBLOB="1800000000000000000000000000000061100000000000009500000300000000"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:47 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
write$binfmt_elf32(r2, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0xfffffffffffffffa, 0x2, 0xfc, 0x0, 0x3, 0x3e, 0x7f, 0xee, 0x38, 0x270, 0x1, 0x401, 0x20, 0x2, 0x5, 0x0, 0x7}, [{0x3, 0x800, 0x9, 0x10001, 0x8, 0x3, 0x9, 0xa5}, {0x0, 0x7, 0x3, 0x2, 0x0, 0x2, 0x4, 0x2e5d}], "c5847df027e58e20c56bd412b358f06270cda1a53438e1f7b596f21682efe19f4bc051cd6cd82ba6d7f35458ecd4b083849967746308b43050a29d230d7b8ae154003bb238ef32417c02c70735cea259c7226021f55469ae752102931bc5b7c459b6e5c60320738d10c89a8391c866e3bb4648b2422ef021a4d00afbb467", [[], [], [], [], [], [], [], [], []]}, 0x9f6)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x22180, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:47 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x1c, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000000001040000000000611288000000000095000000000000005fd1d8f958f37a1bcc69ecbb0de9a4e2abd6129a497889596909790c75193132509ea1e00da2f0f5106c5b86a60a3ee2536b4b34be4112cea923e4e6286f90e2c275d5070167ac1e1f5c7618484a391cbd304dbe05fe4c411d38190d59e88994d6dad594ef1fa59ceedfba80e77500da39ac7b3eb7be6ec5aed1d15dfb5e948381bb0ce9090f470aba33725d83a2595891768b5145d04709de9a5595e73b486096844a74c395d1716c524833d4d1974e134466f3b394161c520702449e0587c1b4f49dcf46"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251, 0x8}, 0x48)

06:46:48 executing program 1:

06:46:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = semget(0x3, 0x3, 0x400)
semctl$GETZCNT(r3, 0x1, 0xf, &(0x7f00000006c0)=""/4096)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:48 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
prctl$getname(0x10, &(0x7f00000000c0)=""/46)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:48 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x12000, 0x0)
r1 = getpid()
fcntl$setown(r0, 0x8, r1)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x8, 0x59, 0x585, 0x8, 0x3ff, 0x94, 0xdaa, 0x7fffffff, 0x7ff800000000000, 0x7, 0x3}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e54b134880c906588f0000000000611288000000000095000000000000007212dfef61104eb53248c9bd9d6693fbf279edaca7bb6090c111c8a18f6e24e5db0b0859ef9629ef3bfa3c3b13e377ef7bdd434e067980c36459ed87dd8442749e49fc0e00cba8421efacb745d4414c4bb7ecac022797bfd9bbc258ec43f0f387a57f788c49d3134a9768bc65980897db04dec1953a9335fff27309ec2bbaecb1273c3a16537580207a61ba1245400a69ccf6f0cb00eb8a640b7718bb01b5e793ba6244625fb8522484066cc87f859d130f9f83e8ba0bddd1dbb7a7cd1c29fcae67ec28b84b0dd361afbd48a6720999ee64abe4c8a4feed00eb25b26d0b0d5a0333e"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:48 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000061100000000000009500000000000000495afa111f83e4ef5285c6ef6732b81d9fca2b4eaf"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
socketpair(0x11, 0x805, 0x8, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast2, @in=@multicast1}}, {{@in6=@mcast1}, 0x0, @in=@remote}}, &(0x7f0000000180)=0xe8)

[  766.660165] *** Guest State ***
[  766.663813] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  766.672938] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  766.681831] CR3 = 0x0000000000000000
[  766.685749] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  766.691780] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  766.698727] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  766.705572] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  766.713749] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  766.721786] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  766.730022] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  766.738187] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  766.746348] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  766.754585] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  766.762792] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  766.770831] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  766.779023] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  766.787187] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  766.793847] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  766.801366] Interruptibility = 00000000  ActivityState = 00000000
[  766.807774] *** Host State ***
[  766.811047] RIP = 0xffffffff812cf768  RSP = 0xffff8880a015f378
[  766.817283] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  766.823868] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  766.831739] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  766.837826] CR0=0000000080050033 CR3=000000009de92000 CR4=00000000001426e0
[  766.845026] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  766.851779] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  766.858121] *** Control State ***
[  766.861639] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  766.868491] EntryControls=0000d1ff ExitControls=002fefff
[  766.874110] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  766.881097] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  766.887964] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  766.894730]         reason=80000021 qualification=0000000000000000
[  766.901110] IDTVectoring: info=00000000 errcode=00000000
[  766.906768] TSC Offset = 0xfffffe5f98a3ad84
06:46:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  766.911161] TPR Threshold = 0x00
[  766.914744] EPT pointer = 0x00000000a037501e
06:46:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

06:46:49 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$admmidi(&(0x7f0000000200)='/dev/admmidi#\x00', 0x6, 0xc00)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000240)=0xff)
ioctl$KVM_NMI(r2, 0xae9a)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
ioctl$PPPIOCSMRU(r3, 0x40047452, &(0x7f00000000c0)=0x8)
fchdir(r3)
r4 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r4, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
r5 = fcntl$getown(r0, 0x9)
fcntl$lock(r4, 0x26, &(0x7f0000000300)={0x2, 0x5, 0x1, 0x5, r5})
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:49 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x8, 0x200000)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x2, 0x4)

06:46:49 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000))

06:46:49 executing program 0:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
read$eventfd(r0, &(0x7f0000000040), 0x8)
close(r0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0)
fcntl$setstatus(r2, 0x4, 0x40000)
splice(r0, 0x0, r1, 0x0, 0x8001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:50 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4000, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000240)={0x5, 0xfffffffffffffffb, 0x9, 0x3, 0x401}, 0xffffffffffffffe9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r2)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:50 executing program 1:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1ff, 0x210000)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x17, &(0x7f0000000080)=ANY=[@ANYBLOB="2cb06877a993758e7dbc38b99580c437bf0a0287fc8ed4a33e94757b42b00eeb7d3148c723ec85f1fa9be60a3491ea2d41ee7d16d81f0e51a2faa33be1b7a6f5b24edb805eeda9d0d78678898c197b85daacb6fb1f081db3d63eb831aabaa05aeac1afaa8a7d08cfbb6a9e6dc61060ee9e0965d022ae6581268e9c4b1316499c3767ee9746b57479cdb714bf735c8c1a0532f0f2eec8ff262a692d61b41167af002fbc42f3c496cb", @ANYRESOCT=r0], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

06:46:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:50 executing program 4:
syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x5, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000009fb0008000000007000000434d0000006112116f7be43d97f0f2630180b08800"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x2ac)

06:46:50 executing program 0 (fault-call:7 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:50 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2020000, 0x11, r0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x20)

06:46:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$inet_tcp_buf(r1, 0x6, 0x1a, &(0x7f0000000000)=""/77, &(0x7f0000000080)=0x4d)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x10000, 0x14002)
ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f0000000100))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  768.646952] FAULT_INJECTION: forcing a failure.
[  768.646952] name failslab, interval 1, probability 0, space 0, times 0
[  768.658599] CPU: 0 PID: 18153 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #88
[  768.665953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  768.668450] Call Trace:
[  768.668450]  dump_stack+0x32d/0x480
[  768.668450]  should_fail+0x11e5/0x13c0
[  768.668450]  __should_failslab+0x278/0x2a0
[  768.668450]  should_failslab+0x29/0x70
[  768.668450]  kmem_cache_alloc+0x146/0xe20
[  768.668450]  ? mmu_topup_memory_caches+0x119/0x900
[  768.668450]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  768.668450]  ? kvm_vcpu_kick+0x32d/0x390
[  768.668450]  mmu_topup_memory_caches+0x119/0x900
[  768.668450]  ? kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  768.668450]  kvm_mmu_load+0xb3/0x3510
[  768.724220]  ? kvm_lapic_enabled+0x7c/0x440
[  768.724220]  ? kvm_lapic_enabled+0x3c3/0x440
[  768.724220]  kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040
[  768.724220]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  768.745016] *** Guest State ***
[  768.724220]  ? kmsan_set_origin+0x7f/0x100
[  768.724220]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  768.724220]  ? kstrtoull+0x6fe/0x7e0
[  768.750406] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  768.724220]  ? kmsan_set_origin+0x7f/0x100
[  768.724220]  ? __msan_poison_alloca+0x1e0/0x270
[  768.724220]  ? kmsan_set_origin+0x7f/0x100
[  768.724220]  ? put_pid+0x71/0x410
[  768.760466] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  768.724220]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  768.724220]  ? put_pid+0x330/0x410
[  768.724220]  ? get_task_pid+0x19d/0x290
[  768.773332] CR3 = 0x0000000000000000
[  768.724220]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  768.782265] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  768.724220]  ? do_vfs_ioctl+0x184/0x2f70
[  768.724220]  ? __se_sys_ioctl+0x1da/0x270
[  768.724220]  ? kvm_vm_release+0x90/0x90
[  768.790149] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  768.724220]  do_vfs_ioctl+0xfbc/0x2f70
[  768.724220]  ? security_file_ioctl+0x92/0x200
[  768.724220]  __se_sys_ioctl+0x1da/0x270
[  768.803630] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  768.724220]  __x64_sys_ioctl+0x4a/0x70
[  768.811043] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  768.724220]  do_syscall_64+0xcf/0x110
[  768.724220]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  768.724220] RIP: 0033:0x457569
[  768.724220] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  768.818967] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.724220] RSP: 002b:00007fe867945c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  768.724220] RAX: ffffffffffffffda RBX: 00007fe867945c90 RCX: 0000000000457569
[  768.724220] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  768.724220] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  768.724220] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe8679466d4
[  768.724220] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000006
[  768.829174] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.968806] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.977145] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.985457] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.994047] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.002223] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  769.010259] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.018496] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  769.026654] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  769.033536] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  769.041046] Interruptibility = 00000000  ActivityState = 00000000
[  769.047448] *** Host State ***
[  769.050722] RIP = 0xffffffff812cf768  RSP = 0xffff8880a9f7f378
[  769.056893] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  769.063481] FSBase=00007f588e0c1700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  769.071333] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  769.077432] CR0=0000000080050033 CR3=00000000a1426000 CR4=00000000001426e0
[  769.084642] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  769.091362] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
06:46:51 executing program 1:
socketpair(0x9, 0x80006, 0x1, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0xc, &(0x7f0000000080)=@raw=[@exit, @exit, @alu={0x4, 0xffffffffffffd899, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc}, @generic={0x80, 0x7, 0x600000000000000, 0x10000, 0x7}, @ldst={0x2, 0x3, 0x1, 0xf, 0xb, 0x10}, @ldst={0x3, 0x2, 0x3, 0xe, 0x5, 0xfffffffffffffffc, 0x10}, @jmp={0x5, 0x2, 0xf, 0x8, 0x5, 0x1, 0x10}, @map={0x18, 0x0, 0x1, 0x0, r0}, @map={0x18, 0x7, 0x1, 0x0, r1}, @call={0x85, 0x0, 0x0, 0x20}], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

[  769.097599] *** Control State ***
[  769.101144] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  769.108109] EntryControls=0000d1ff ExitControls=002fefff
[  769.113928] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  769.120964] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  769.127890] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  769.134661]         reason=80000021 qualification=0000000000000000
[  769.141031] IDTVectoring: info=00000000 errcode=00000000
06:46:51 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x6e, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000061258809000000009500000000000500"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfffffffffffffeb5, &(0x7f00001a7f05)=""/251, 0x0, 0x0, [], 0x0, 0x4}, 0x48)

06:46:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  769.146731] TSC Offset = 0xfffffe5e79cc1d6e
[  769.151095] TPR Threshold = 0x00
[  769.154707] EPT pointer = 0x00000000a9e9901e
06:46:51 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x800, 0x0)
ioctl$RTC_AIE_OFF(r1, 0x7002)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000200))
fchdir(r2)
r3 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r3, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:51 executing program 4:
r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x1, 0xc240)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1d, &(0x7f0000000100)={@remote, <r1=>0x0}, &(0x7f0000000140)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0xa, &(0x7f0000000080)=@raw=[@map={0x18, 0xa, 0x1, 0x0, r0}, @initr0={0x18, 0x0, 0x0, 0x0, 0xd98b, 0x0, 0x0, 0x0, 0xeb}, @ldst={0x2, 0x3, 0x7, 0x0, 0xa, 0x4e, 0xfffffffffffffffc}, @alu={0x7, 0x9, 0xc, 0x9, 0x4, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x7fffffff}, @generic={0x2, 0x3, 0x7, 0x400, 0x5}, @generic={0x80, 0x8, 0x40, 0x8, 0x6}], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x74, &(0x7f00001a7f05)=""/251, 0x0, 0x4, [], r1}, 0x48)

06:46:51 executing program 1:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xffff, 0x80)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x2000, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r1, 0x4)
syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x200000)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)

[  769.622722] *** Guest State ***
[  769.626122] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  769.635347] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  769.644495] CR3 = 0x0000000000000000
[  769.648265] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  769.654469] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  769.661199] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  769.668101] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  769.676277] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.684514] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.692696] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.700746] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.708982] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.717144] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.725370] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  769.733529] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.741639] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  769.749864] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  769.756455] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  769.764154] Interruptibility = 00000000  ActivityState = 00000000
[  769.770445] *** Host State ***
[  769.773884] RIP = 0xffffffff812cf768  RSP = 0xffff8880a019f378
[  769.779965] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  769.786629] FSBase=00007f588e05d700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000
[  769.794622] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000
[  769.800572] CR0=0000000080050033 CR3=00000000a1426000 CR4=00000000001426e0
[  769.807870] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260
[  769.814768] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  769.820863] *** Control State ***
[  769.824597] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  769.831359] EntryControls=0000d1ff ExitControls=002fefff
[  769.837046] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  769.844162] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  769.850891] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  769.857721]         reason=80000021 qualification=0000000000000000
[  769.864200] IDTVectoring: info=00000000 errcode=00000000
[  769.869698] TSC Offset = 0xfffffe5e79cc015f
[  769.874273] TPR Threshold = 0x00
[  769.877693] EPT pointer = 0x00000000a9e9901e
06:46:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x8000, 0x0)
ioctl$GIO_SCRNMAP(r3, 0x4b40, &(0x7f0000000100)=""/31)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r3, 0x408c5333, &(0x7f0000000040)={0x200, 0x5393, 0x5, 'queue0\x00', 0x9})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000005c0)={0x2, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x8000, 0x6, 0x10000, [], 0x3}, {0x9, 0x0, 0x2, [], 0x6}, {0x2fe, 0x0, 0x3, [], 0xfffffffffffffffd}, {0x7fff, 0x0, 0x7, [], 0x1}, {0x1926, 0xfffffffffffffffa}, {0x0, 0x9, 0x0, [], 0x6}, {0x7}, {0x0, 0x7, 0x4}, {0x0, 0x10001, 0x80000001}, {0x1, 0x0, 0xffffffffffffff01}, {0x9, 0x8, 0x9, [], 0x9}, {0x9a, 0x8, 0x0, [], 0x5}, {0xfff, 0x1, 0x38, [], 0x80}, {0x0, 0x100, 0x0, [], 0xafc}, {0x9, 0x1}, {0x6, 0x0, 0x10001}, {0x2000, 0x0, 0x3ff, [], 0x6}, {0x4, 0x0, 0x401, [], 0x100}, {0x80000000, 0xdf, 0x5}, {0x0, 0x0, 0x9}]}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

06:46:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0xe8e, 0x14, [0x0, 0x8000, 0x4, 0x5, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:46:52 executing program 5:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200000, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x100, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000005c0)={0x0, 0x0, @ioapic={0x0, 0x5387a453, 0x0, 0x0, 0x0, [{0x0, 0x6, 0x0, [], 0x3}, {0x9, 0x0, 0x0, [], 0x6}, {0x0, 0x80000000000000}, {0x7fff, 0x4}, {0x1926, 0xfffffffffffffffa, 0x0, [], 0x7ff}, {0xfc, 0x9}, {0x7, 0x0, 0x0, [], 0x8}, {0x8, 0x7}, {0x7fffffff, 0x10001, 0x0, [], 0x800}, {0x1}, {0x0, 0x8, 0x9}, {0x9a, 0x8, 0xd8, [], 0x5}, {0xfff, 0x0, 0x38}, {0x81}, {0x9, 0x0, 0x1}, {0x6}, {0x2000}, {0x4, 0x0, 0x401}, {0x80000000, 0x0, 0x5, [], 0x1}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

06:46:52 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)="66640cf3b007000000c65b6ed599b897ff1ccaf223e5c47b00a56714199e8e663e0ea9f34f669f641a2a941327f453b426174506cde9ad6498bef5930939c34311b40e7fa1bca83008b1ec6aa930fe6475166fe936b2fc0d6942912aeb1a5c731b605e1b4965eea72884b222e1")
fchdir(r1)
r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0)
write(r2, &(0x7f0000000180)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

06:46:52 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x10000000000008, 0x200000000000022b, &(0x7f0000000000)=ANY=[@ANYBLOB="f70ffeff00000000fc5b80000800000006010900001000003917ffff1000000013ff2000f0ffffff850000013007000018000000970900000000000003000000950000000000000018000000ff0000000000000006000000"], &(0x7f0000f6bffb)='GPL\x00', 0xffffffffdffffffb, 0xfb, &(0x7f0000000180)=""/251, 0x0, 0x1, [], 0x0, 0xd}, 0x10282)
r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x43af, 0x20000)
ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000440))

[  770.513397] *** Guest State ***
[  770.516974] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  770.526329] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  770.535420] CR3 = 0x0000000000000000
[  770.539189] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  770.545445] RFLAGS=0xfffffffffffffffe         DR7 = 0x0000000000000400
[  770.552416] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  770.559194] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  770.567448] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.575652] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.583850] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.592077] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.600127] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.608374] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  770.616650] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  770.624846] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  770.633064] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  770.641090] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  770.647725] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  770.655444] Interruptibility = 00000000  ActivityState = 00000000
[  770.661724] *** Host State ***
[  770.665129] RIP = 0xffffffff812cf768  RSP = 0xffff8880a9faf378
[  770.671189] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  770.677821] FSBase=00007fe867946700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000
[  770.685822] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  770.691790] CR0=0000000080050033 CR3=00000000b081c000 CR4=00000000001426f0
[  770.699112] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260
[  770.705970] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  770.712220] *** Control State ***
[  770.715761] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  770.722649] EntryControls=0000d1ff ExitControls=002fefff
[  770.728161] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  770.735374] VMEntry: intr_info=80000003 errcode=00000000 ilen=00000000
[  770.742250] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  770.748890]         reason=80000021 qualification=0000000000000000
[  770.755509] IDTVectoring: info=00000000 errcode=00000000
06:46:52 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x88}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0x14e, &(0x7f00001a7f05)=""/251}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x28, &(0x7f0000000000)={0x0, <r0=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r0, 0x180000000000000, 0x10}, 0xc)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)

[  770.761018] TSC Offset = 0xfffffe5d8d667977
[  770.765624] TPR Threshold = 0x00
[  770.769043] EPT pointer = 0x00000000a119801e
[  770.803171] ==================================================================
[  770.810602] BUG: KMSAN: uninit-value in native_apic_mem_read+0x54/0x60
[  770.811940] CPU: 1 PID: 18193 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #88
[  770.822950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  770.822950] Call Trace:
[  770.822950]  <IRQ>
[  770.822950]  dump_stack+0x32d/0x480
[  770.822950]  ? native_apic_mem_read+0x54/0x60
[  770.822950]  kmsan_report+0x19f/0x300
[  770.822950]  ? native_apic_mem_write+0xa0/0xa0
[  770.854451]  __msan_warning+0x76/0xc0
[  770.854451]  native_apic_mem_read+0x54/0x60
[  770.854451]  smp_spurious_interrupt+0x38e/0x770
[  770.854451]  spurious_interrupt+0xf/0x20
[  770.854451]  </IRQ>
[  770.854451] RIP: 0010:vmx_handle_external_intr+0x1e2/0x280
[  770.854451] Code: e3 20 4c 09 fb 48 89 c1 48 c1 e1 20 4c 09 e9 0f 85 95 00 00 00 4c 89 f4 48 89 e0 48 83 e4 f0 6a 18 50 9c 6a 10 e8 ce cd f3 09 <eb> 05 e8 97 f9 79 00 65 48 8b 04 25 28 00 00 00 48 3b 45 d0 75 7d
[  770.854451] RSP: 0018:ffff8880a318f538 EFLAGS: 00000086 ORIG_RAX: ffffffffffffff00
[  770.854451] RAX: ffff8880a318f538 RBX: ffffffff8b001520 RCX: 0000000000000000
[  770.854451] RDX: ffffffff8c91d000 RSI: fffffe0080000ef8 RDI: 0000758000000ef8
[  770.854451] RBP: ffff8880a318f590 R08: ffff888000000000 R09: 0000000000000002
[  770.854451] R10: 0000000000000000 R11: ffffffff812c9a50 R12: fffffe0000000ef8
[  770.854451] R13: 0000000000000000 R14: ffff8880a318f538 R15: 000000008b001520
[  770.854451]  ? error_interrupt+0x20/0x20
[  770.854451]  ? free_kvm_area+0x250/0x250
[  770.854451]  ? vmx_handle_external_intr+0x1b1/0x280
[  770.854451]  ? free_kvm_area+0x250/0x250
[  770.854451]  kvm_arch_vcpu_ioctl_run+0xac74/0x12040
[  770.854451]  ? kmsan_internal_unpoison_shadow+0x30/0xd0
[  770.854451]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  770.854451]  ? kmsan_set_origin+0x7f/0x100
[  770.854451]  ? __msan_poison_alloca+0x1e0/0x270
[  770.854451]  ? kmsan_set_origin+0x7f/0x100
[  770.854451]  ? put_pid+0x71/0x410
[  770.854451]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  770.854451]  ? put_pid+0x330/0x410
[  770.854451]  ? get_task_pid+0x19d/0x290
[  770.854451]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  770.854451]  ? do_vfs_ioctl+0x184/0x2f70
[  770.854451]  ? __se_sys_ioctl+0x1da/0x270
[  770.854451]  ? kvm_vm_release+0x90/0x90
[  770.854451]  do_vfs_ioctl+0xfbc/0x2f70
[  770.854451]  ? security_file_ioctl+0x92/0x200
[  770.854451]  __se_sys_ioctl+0x1da/0x270
[  770.854451]  __x64_sys_ioctl+0x4a/0x70
[  770.854451]  do_syscall_64+0xcf/0x110
[  770.854451]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  770.854451] RIP: 0033:0x457569
[  770.854451] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  770.854451] RSP: 002b:00007f588e0c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.854451] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  770.854451] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  770.854451] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  770.854451] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588e0c16d4
[  770.854451] R13: 00000000004c028e R14: 00000000004d06d8 R15: 00000000ffffffff
[  770.854451] 
[  770.854451] Local variable description: ----regs.i.i@vmx_vcpu_run
[  770.854451] Variable was created at:
[  770.854451]  vmx_vcpu_run+0xb7/0x7d80
[  770.854451]  kvm_arch_vcpu_ioctl_run+0xa315/0x12040
[  770.854451] ==================================================================
[  770.854451] Disabling lock debugging due to kernel taint
[  770.854451] Kernel panic - not syncing: panic_on_warn set ...
[  770.854451] CPU: 1 PID: 18193 Comm: syz-executor5 Tainted: G    B             4.20.0-rc2+ #88
[  770.854451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  770.854451] Call Trace:
[  770.854451]  <IRQ>
[  770.854451]  dump_stack+0x32d/0x480
[  770.854451]  panic+0x624/0xc08
[  770.854451]  kmsan_report+0x300/0x300
[  770.854451]  ? native_apic_mem_write+0xa0/0xa0
[  770.854451]  __msan_warning+0x76/0xc0
[  770.854451]  native_apic_mem_read+0x54/0x60
[  770.854451]  smp_spurious_interrupt+0x38e/0x770
[  770.854451]  spurious_interrupt+0xf/0x20
[  770.854451]  </IRQ>
[  770.854451] RIP: 0010:vmx_handle_external_intr+0x1e2/0x280
[  770.854451] Code: e3 20 4c 09 fb 48 89 c1 48 c1 e1 20 4c 09 e9 0f 85 95 00 00 00 4c 89 f4 48 89 e0 48 83 e4 f0 6a 18 50 9c 6a 10 e8 ce cd f3 09 <eb> 05 e8 97 f9 79 00 65 48 8b 04 25 28 00 00 00 48 3b 45 d0 75 7d
[  770.854451] RSP: 0018:ffff8880a318f538 EFLAGS: 00000086 ORIG_RAX: ffffffffffffff00
[  770.854451] RAX: ffff8880a318f538 RBX: ffffffff8b001520 RCX: 0000000000000000
[  770.854451] RDX: ffffffff8c91d000 RSI: fffffe0080000ef8 RDI: 0000758000000ef8
[  770.854451] RBP: ffff8880a318f590 R08: ffff888000000000 R09: 0000000000000002
[  770.854451] R10: 0000000000000000 R11: ffffffff812c9a50 R12: fffffe0000000ef8
[  770.854451] R13: 0000000000000000 R14: ffff8880a318f538 R15: 000000008b001520
[  770.854451]  ? error_interrupt+0x20/0x20
[  770.854451]  ? free_kvm_area+0x250/0x250
[  770.854451]  ? vmx_handle_external_intr+0x1b1/0x280
[  770.854451]  ? free_kvm_area+0x250/0x250
[  770.854451]  kvm_arch_vcpu_ioctl_run+0xac74/0x12040
[  770.854451]  ? kmsan_internal_unpoison_shadow+0x30/0xd0
[  770.854451]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  770.854451]  ? kmsan_set_origin+0x7f/0x100
[  770.854451]  ? __msan_poison_alloca+0x1e0/0x270
[  770.854451]  ? kmsan_set_origin+0x7f/0x100
[  770.854451]  ? put_pid+0x71/0x410
[  770.854451]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[  770.854451]  ? put_pid+0x330/0x410
[  770.854451]  ? get_task_pid+0x19d/0x290
[  770.854451]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  770.854451]  ? do_vfs_ioctl+0x184/0x2f70
[  770.854451]  ? __se_sys_ioctl+0x1da/0x270
[  770.854451]  ? kvm_vm_release+0x90/0x90
[  770.854451]  do_vfs_ioctl+0xfbc/0x2f70
[  770.854451]  ? security_file_ioctl+0x92/0x200
[  770.854451]  __se_sys_ioctl+0x1da/0x270
[  770.854451]  __x64_sys_ioctl+0x4a/0x70
[  770.854451]  do_syscall_64+0xcf/0x110
[  770.854451]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  770.854451] RIP: 0033:0x457569
[  770.854451] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  770.854451] RSP: 002b:00007f588e0c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.854451] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  770.854451] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  770.854451] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  770.854451] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588e0c16d4
[  770.854451] R13: 00000000004c028e R14: 00000000004d06d8 R15: 00000000ffffffff
[  770.854451] Kernel Offset: disabled
[  770.854451] Rebooting in 86400 seconds..