, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x2}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4040001) [ 451.618025] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 451.626213] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 451.634318] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 451.642457] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 451.650466] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 451.657011] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 451.664568] Interruptibility = 00000000 ActivityState = 00000000 [ 451.670937] *** Host State *** [ 451.674294] RIP = 0xffffffff812b0dfc RSP = 0xffff8880646ff380 [ 451.680327] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 451.686885] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 451.694832] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 451.700760] CR0=0000000080050033 CR3=00000001fc05e000 CR4=00000000001426f0 [ 451.707969] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 451.714769] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 451.721944] *** Control State *** [ 451.725449] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 451.732327] EntryControls=0000d1ff ExitControls=002fefff [ 451.737827] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 451.744997] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 451.751721] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 451.758441] reason=80000021 qualification=0000000000000000 [ 451.764909] IDTVectoring: info=00000000 errcode=00000000 [ 451.770409] TSC Offset = 0xffffff0a2686c7d8 12:17:29 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:29 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x0, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) [ 451.774879] TPR Threshold = 0x00 [ 451.778287] EPT pointer = 0x00000000795a701e [ 451.839018] QAT: Invalid ioctl [ 451.879260] QAT: Invalid ioctl 12:17:30 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x100000000, 0x6, 0xfffffffffffffffa}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000080)={0x0, 0x400, 0x6, [0xa0, 0x1, 0x8, 0x7, 0x6488, 0x4]}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000100)={r2, 0xe3, "1f8567f71c4ea98a1f8f61e1ffca783c3facebe527a822dc8f09552ed622e059a17d8c9884b28b60c0993a1207becfecb0bee0fc305f7cb9e90d8cd70120efe576a6170a6ed3e8fb0075dc1c2c21635036c627cc46fe87d9c497d541cee958254d9d7077054dd06fd83574d6c713d66b6cf8018967fbcaa400da32525bd0dab2c52463050783d7d0f87474da38c955d46b676acd4be33037aa2736ebf5a7b1102f47d00fda8d03efd31fd141d5e6b3ad38c0f45e069be1c80e65893b4e3c8a3f080a8fd2f57b64263f8ee83d1dc9ebaffadc01b2e003dea26fc81d8fc49ff41f434278"}, &(0x7f0000000200)=0xeb) [ 451.925756] QAT: Invalid ioctl [ 451.929001] QAT: Invalid ioctl 12:17:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:30 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) getdents(r0, &(0x7f0000000040)=""/143, 0x8f) [ 452.206310] QAT: Invalid ioctl [ 452.209753] QAT: Invalid ioctl [ 452.253024] QAT: Invalid ioctl [ 452.256303] QAT: Invalid ioctl [ 452.354423] *** Guest State *** [ 452.357867] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 452.366936] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 452.375990] CR3 = 0x0000000000000000 [ 452.379757] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 452.385890] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 452.392016] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 452.398793] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 452.406949] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.415036] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.423196] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.431229] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.439370] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.447469] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.455612] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 452.463694] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.471719] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 452.479823] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 452.486349] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 452.493937] Interruptibility = 00000000 ActivityState = 00000000 [ 452.500199] *** Host State *** [ 452.503645] RIP = 0xffffffff812b0dfc RSP = 0xffff8880646ff380 [ 452.509679] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 452.516245] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 452.524172] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 452.530170] CR0=0000000080050033 CR3=00000001fc05e000 CR4=00000000001426e0 [ 452.537330] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 452.544264] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 452.550348] *** Control State *** [ 452.553929] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 452.560636] EntryControls=0000d1ff ExitControls=002fefff [ 452.566187] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 452.573215] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 452.579884] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 452.586685] reason=80000021 qualification=0000000000000000 [ 452.593063] IDTVectoring: info=00000000 errcode=00000000 [ 452.598513] TSC Offset = 0xffffff09b390ff5d 12:17:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) syz_extract_tcp_res$synack(&(0x7f0000000140), 0x1, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:30 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x0, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) 12:17:30 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:30 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0xfffffffffffffffe, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 452.603003] EPT pointer = 0x000000007127601e 12:17:30 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 452.675109] QAT: Invalid ioctl 12:17:30 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x1, 0x9, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc}, 0x2c) syz_open_procfs(0x0, &(0x7f0000000000)='net/rt6_stats\x00') getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e20, @loopback}}, 0x7ff, 0xfffffffffffffffa, 0x400, 0x0, 0xa4}, &(0x7f0000000140)=0x98) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 452.856135] *** Guest State *** [ 452.859572] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 452.868705] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 452.877708] CR3 = 0x0000000000000000 [ 452.881470] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 452.883430] *** Guest State *** [ 452.887541] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 452.887574] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 452.890881] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 452.896910] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 452.896960] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.903887] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 452.903900] CR3 = 0x0000000000000000 [ 452.903924] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 452.903943] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 452.903968] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 452.903994] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 452.904025] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.904055] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.904086] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.904116] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.904157] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.904180] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.904211] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 452.904234] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.904265] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 452.904286] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 452.904306] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 452.904324] Interruptibility = 00000000 ActivityState = 00000000 [ 452.904332] *** Host State *** [ 452.904354] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fc0ef380 [ 452.904391] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 452.904417] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 452.904439] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 452.904481] CR0=0000000080050033 CR3=000000009038c000 CR4=00000000001426e0 [ 452.904511] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 12:17:31 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x20000, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000080)=0x8) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f00000000c0)={0x2f, 0x1e, 0x16, 0x12, 0x2, 0x2, 0x4, 0x9e, 0xffffffffffffffff}) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0xc9c) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 452.904547] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 452.913472] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.921439] *** Control State *** [ 452.929517] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.929555] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.938464] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 452.942254] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 452.948226] EntryControls=0000d1ff ExitControls=002fefff [ 452.954256] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.954294] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 452.960977] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 452.969046] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 452.977202] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 452.985273] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 452.985294] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 452.985316] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 452.985345] Interruptibility = 00000000 ActivityState = 00000000 [ 452.993380] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.001326] *** Host State *** [ 453.001359] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd10f380 [ 453.009387] reason=80000021 qualification=0000000000000000 [ 453.017441] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 453.017476] FSBase=00007feb364db700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 453.025477] IDTVectoring: info=00000000 errcode=00000000 [ 453.025505] TSC Offset = 0xffffff09716bec66 [ 453.033537] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 453.033570] CR0=0000000080050033 CR3=0000000061cfe000 CR4=00000000001426f0 [ 453.041534] TPR Threshold = 0x00 [ 453.048034] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 453.055557] EPT pointer = 0x00000001fd39001e [ 453.061789] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 453.246585] QAT: Invalid ioctl [ 453.247553] *** Control State *** [ 453.247593] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 453.247610] EntryControls=0000d1ff ExitControls=002fefff [ 453.247636] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 453.247672] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.284606] QAT: Invalid ioctl [ 453.284963] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.308574] QAT: Invalid ioctl [ 453.308832] reason=80000021 qualification=0000000000000000 12:17:31 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x1) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 453.308849] IDTVectoring: info=00000000 errcode=00000000 [ 453.308863] TSC Offset = 0xffffff09762864ef [ 453.308880] EPT pointer = 0x000000008a82d01e [ 453.384552] QAT: Invalid ioctl 12:17:31 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x0, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) 12:17:31 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:31 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)="73c129fc871a8d545ab6e2a3427d56a5d8a3b2b9360adf662fa0d8cab833f08379efd53c539b5ff5f870b9429884286b42a3ac015a76fe108aace3120b786946271709ba8e28fe518fdc2d4b450ef7512e8acceb9b745a3d1b83be6e8f8d1758566216d0a7e497a1d8c245d203438296995e4b5aacce0feb14ed9328b13200b5d54777da13244f0d84b768a49ce28468c80496ba38c3b0c8b6dfeb7bf1b3bf64650645b013c9960de2e5c84e9a91c9c9c7b0f5ed4c7b8cdacfd85f9b73f64651ec56bc791c5ae52738bfa5126b738633e0eb7ab982343e5a4f4789e945105666f73cc786e01746e8e276829376032ddc3c617a8c88728cd76e938cd96ea4e284aa131111d212a6cd0dc74545550f84da6853baea26951b91d285ef45c1664233cd312ed034fd6e8aa9edcebc8c61ac7fa2fd225e0305ad0c7878a555b0bbe5f568cdc206983cde14cac3ec0432d2fc8c5769a137bcbabdb232dd68fc8a8b3142be8184459a11304d765e2348a8c3aff1ca0237c8d31c60883ee2240c1dcaef1827a3275006b09aa6086af3dcba7dbad1ec645fd755ceaa1261ef0622f279ae3d5bb0692e9ab12171fed8f342bce131f7cd1494d5473c5d0b4531230f2a486e98df2768c1afe1f2d337a5de46f5d89b64f2225bde0985e21dac06de1a9a425b09d91e16a36312f038a63624b0455e0867f4ed2046facecb9032808be73293d1aaf00871df08acc0439398a36827910f400add1255563550e3a01cfd303fa186af501258aeeaa7d7f3e188bcc3fb73226eebeec1b8cc7a342b8141139476ef45bfff22b926cf1c524e57f8ac18ba77e0eba7d11ce2dbf33b179760249ae3e0ab6f4d816529514a0e18681480aa79e13109e5713aba4f797860ee4f28db7b984728e1a03f8b64321259f9f824bd91463532bbd4a582c704c02552ec7cfe5524c3e2e8f51eedff532039ef8e3b4b31eacaddc7289c04a2f4ef3cf4bd4682cfd43a875ae3e53cbadede36cd8b032753acde08f62a82148fbfcd07c0cace8f78f68e70ac69fd6f02589367d414ab7afd1faa230e6fd94f6613daa61891b1156404c26e6d3a9d341090dcae76fbce2678fb5c995ae6f5be5a94878f1cf333175f6de3fc97c7562faf3b5d89a2462e68a3c5d4679bcaccdae22802263a6a7202d351da1aabb374a2d0126317a204d58997a3cc822179af41985bf3c1e2e3d11abc9dfb8afeb9e3eef482c048dedca579a968bb14c3086b8bbe6ddbe09d585a4211bc14fe3b14416eb7be04214dbd0bb53d2818e92603fe4390123e8ad19f4dd579763c9dff7eda3dbea5198be83ef1afd151b01a4b8a2ddba7bd055216578bc5d7622c885e4c6d3616d342669a1806ef467fc6048a91acb8591b671c18f29821f142c506ac1e7b88c52a65d672b4a6880c33c77ad50b40523eac6bf557db379df3ac5c06d4789d73018784d97f0bd36ef795fc90830210e4706e9b22df9a0af86ee7933bc0c3a7a59f4d67be35fa3a28f0fad1d51ef2a55fb49258098f8060c8abffcfad86b26e2fecd261a85c5e1bb860dcb9ce08cbf96e719ba396972eeb071c694ebd8a9258b7ee599f8759854cf8abcbde0667110e3a2445656164db0de41a30180b261bb655339661bd695a1b55b5342a00ecfdcd0de9ecea8663605181a582e8170ce02ace5fe26095827eb7084c5962e36f1c61b631f9bdb0eb0dd9d58f7cc1fe9bb1b47e25b6d56e67960204a7096c11f99906bdb08e3331b5c3f481888da8a7a5ca1d10ea6b7461153db02968267480da51a0428d864fb8c3eeb2fcaccf15b070f4f840a55ee65a8492276888bd89242e707c4068f0c47997c68ea343311d5673683ecac34ea469aee3c15ea54cf08a6643d837646d5528880389b21f7e6b7e3f1b61a8b848fa2d1e3afa5de75522dd1d5f02d443c77979390e7480bc234a2708a6000afe4d491991655464027902a8a48050b34b76e8bb7b8d9cab668fc775cdbe40bd7581ce08a79344b0aaef98b4d6f3f6997e36bc9b27dc5ceea78f4fd5b3619f9d1f4d038c8b38eae82571040990bb22c32953a44279549873a647e4619c520b5538f1429b8d9087833e4b908406063d73ec019772c6c2d814c0bb07a7263a08be7cb5af81eec07931aaa177ceaba30dad2229f646006312299fa4c474ffb58f5fe7a61138f7b59d844e5dea613b9ecfa0feaab1fcb20f58fecbb445e8709ca69314aa565f929db6d4220936a8e81f2097e52a6bbd5c4604b2a06a539ca9e1cc9d61ca43c7dc2f8c96e6e6f94189806e9f55243d510955d8ed09435cf655bbd3035cc8a1f8850d7c6c15b8b3ce29198a71789a7028b49c5ec24c96b5c36b4b25f000b3341db5b5b68da63865e667731ef550ce8a5d88085bf0af7a9d1f664422e36ce0de19fa4394bdca605e57a1adcf1038c3e49aba773f0752742f8f9ce973111cc9dbfdc7c64d443f844e4b72aa8c2f9a9e53a6779a74a1b35656b7a0bd5c70094dbe00cde2188e49ebbbf4a4f348f1aa663b12e23f421eb492b884afd5716d9083be79c5b76b5f8202873390606bc058a557fc45d08a2d00105c8512ef1df457d3191993b414ff0737c63f81775a572148db0b22861f3e62cab1db7205300b035a8b81fa0c6f6dd915eb2dee49245924b08207b68f2c3866fc976a3582c013fe3b7ec1e330be60ab93678b67d2fb3bf3204238be13b0c09e330f273667e34ebf1c041e0b75fa030f3c211b064383895d55dbbd213f68d50b11b6a402c91bd73d4afca89883664345d257ba7f691966abe55a18276fc351e0158867fda1b7ce5e82dd75ff0fdc4280541cd30fed9cbe870584568a6471b3d406f91b0ab36802b068a6fa3abc4a1f914c0a2daa9757dba6c6e9e6dd29d0bf1e98c16e554490683fadf2c64bcd28688fb99c493fd1999bc134c538cd5d2b12a6676324859bb6a4b29a40e48ccc53c8799095628c4f6309f5ee46dfdb6cc9d5ba0fdfec7a8935d60cd1c9cacc9bb7c9e0da995d7f80b25334f9a08ce40d350f119d89ebe37da80c0035e879bc54137a96505dd3080423bebeb03831d13b2f8a15f17bd8270d6610e5497fd4d574e8d3c9d5dbf74657ffc8782bd9606510279b6e62d9cafdd3e1e454a11cb7edadd54ebc04524024706971fb7b9b05fe70717087a2c9ad75526c752e4cdedf26a4dcd90a94e4b18088132f68cfaa91125ed228d93618881f34de9c71bc223a0c41f117ec39ed618e28a8b8d13bc62e0395acfa992e6b7171cd7ac3bb85dfe42971e69b207df0621b2455c82b2348ad3e8bd47adcbf483932b2e2b5659c328dfe1ba26a96f4b3d5cf12ca50420541b87e016e071fcf483520e9c06c57b4ef13c1f4fb12c0760384dfc37be03c47e4ab090eb96b5c985e4833f1ed43d6f3736643506cb81199d1194b4f3e01b158322e4a4681138bf2d670c325f97a92d7cacce6e53a37c1db30fd4f82658758c154a25af4b34b9d7bb14efd7763022204acd46cd47d01b05990c714212c0595d6a8d2471ae63b4a546f88c3e58368ad7a3d7e35bdd11c03ef2d3080718d5f9570849df3d6647a0c19bb1b1963d6d24c6ceeb6060c61e165fa511fcca2be3cf24d7a43797416fd29a2ddef2baaffe602cee45eb269d9f2cdf1e8eada8a3325a9169e0753edc2c7b1a8e5ed04d3f3b44b089948bc1acd55cff9925727cf716abbe9f3bdf26fce76719010bd8938157bb9e8007c75c921ff532afcf3cc77c56733409acc3d92b31aab82e459c9702bbb8e2f0e307932774924f9e19e1acc8daf779c2b40c36f62131f74be57b502f3f09cf23dbffb9d0ffaa4205562c0262fef69d8b7a639afbaf546a1c8ab8785587159218c203d11be932537d830ceafca97fcc39090e2a2e48f9e39457445bd2d2d3b7e5065265a957c8ca827778ce6a44118e5ab0fba6547e60d7fc7553ee68173a915445a12dcaa2e4fe8110273182c4ffe26cd53c72ea7cf443ec54ff2ad8612dd0e0568f04ec2d3027ce30260951bfb629ed4e3ce24d96095969f5e3d4700627188f5c4ac2fc6cc5b9559657617025b83f69aaba68e43a78be881b18c056be326dd23fffee487bbaf5ff29fe631f0e6b77f17031221c4bb2ebf9c6ec0473b80ed1324c43e232ed3979be5007d1e3956ded7dc4dbb4dac54096d321451fc82f24ca9292a5b66daf808d24a8d697f5236f6deaabbc16aa42fcaed55754c819386a358ec789a34c27b6b4a26a86e036695b93ecd962ff77d1a2c84800b22bcf3a08a6f29d4e04e5bf629705391c384bfdf866dac9aaba86e206e6219ea9d86613619e2b291f4f59c09c23e7c17d8a36eda35fdb79f4fc62748aa00360e79d61b4f53abfa3a28452f5829d506da701fb31ce986e14c82d68a0d277104a6e8e3fdc9759f1d0aa1a040dd50c3c61fd0caa695d3f625e99b11aad3e617b173c94dea4ec871aca0b70770a8a2dd074e544b415d30a1219c7314e1b05e8d4e1e4ae518f3b59bdeca6deb1491ac17aa77f9f46ce4978b1a77b101eadf7c7c89ead370d2845f771f996789a37c4d9cc459e3c3673ddc3f661b9a2add4c891890d3c57ffb0c1ff65a1f85e26af859c7e022ed11e8c6c63d25290b4d4e6dfd50a3ef1899bef5c4c86e46c8a641a2130e229ad8af6b6a3cb6b0ed4342627a6be7c70893b7755bd1c32da837bba31240c4c5da11cc75cb0fd088eb41afeae3ab8aea039d3015c7fbc21ef4b00e594d7f823105bd436d1712e43bdcdc0cd4ce926f494c979e4cef9a39eb07a6185316b64ee9918d8c2515ae21aed76fe8864e5c17190406513e4faa175137c5453ffabcf71a248bf69ce97496c574cf5fd7b5e7672cf9fcdb5e1f6c360912eb36e8e42d4190aeb366e17a92897eacee474ca9284c75e7bef957de6c8c4fc7a777cd4675d5e2ff02d6cc567af923c528aa302f64cf4d515f4fa68d1bff3f650021e68dab7bb87605b665b28c36fa6c414a9d98b7f635a1692892d5d9eb01634d3921e608e351210d51f09dcca115299475fa4a0f462274975aa2b71466e00c541e3b6a4db5753188e6ed6b3a7c7fee12dceb6eff963a115ba4531823fc492220032b562dd132580703c5ce05c9584eec2e2886d1008e54c1b1e4f8873cb81c2b3803fe3fe5000dd0567dd35d47d497b01538c278d0398617efc33ef861b3a3cd0bf2488dd92ff1a8742b744d62b6a1fdec8de9fbf20593faa645f0946fd0edb9ffb7018bed429d19aff748a64d828ce976440f5531e87892b02f571aaf931f4c2f259c6cee6b45b2658e2ad59276ebd8514bb45d2648ac4dec2595c8279adbcd9953d20c6c1da29ca1acd72f3d9cb37ae1d2441bf999025c1daa1a4d6a01685855db4aaf616d2e96d50d2961f463b26437199d6291cd2592e0d55014eb3b7db238f248e6d4a00537fe987ef77b827a37316ac483dd893bb083f20c61959b04d17cd44535e0b82723436a1a56482554706e7029a6d1c04bf2c5f88a97731021f52ed03c94f49a67032c1c21ae3829fc5f8db36ee506ee93c445b24f968aef0b53532778863daa4a538cbad30f814cf453b7ee9ed377ddcc21bd3c27366c5767af57390d6c2cf8c3d768be57d5d04cadfa8ece4970d53ad93b669f9281925529a43d8cfb5e3fc27505b8c6de78c9860208d37e82b485f37297f1b4394227ca3b30184b07ab774bd4a2e9d6992b8d9b6a3aa54e3a3a3966197dfbc1190d385088ea62c6ff85aba84d683d983da4cc17efafa4ff039725492c28edb479b6b1bb0a2a327d8f734491cffb5f37504938b16327e36757173425ff", 0x1000, 0xfffffffffffffff9) keyctl$get_security(0x11, r1, &(0x7f00000010c0)=""/130, 0x82) 12:17:31 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0xfff, 0x0, 0xfffffffffffffffc, r0}, 0x2c) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) 12:17:31 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x0, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) [ 453.816397] *** Guest State *** [ 453.819768] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 453.828909] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 453.837840] CR3 = 0x0000000000000000 [ 453.841584] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 453.847713] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 453.853784] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 453.860536] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 453.868633] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 453.876713] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 453.884830] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 453.892916] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 453.900958] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 453.909064] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 453.917169] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 453.925302] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 453.933408] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 453.941430] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 453.947964] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 453.955509] Interruptibility = 00000000 ActivityState = 00000000 [ 453.961770] *** Host State *** [ 453.965097] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fe72f380 [ 453.971164] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 453.977802] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 453.985731] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 453.991677] CR0=0000000080050033 CR3=00000001fd5c0000 CR4=00000000001426e0 [ 453.998823] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 454.005605] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 454.011692] *** Control State *** [ 454.015294] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 454.022037] EntryControls=0000d1ff ExitControls=002fefff [ 454.027519] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 454.034612] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.041341] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.048036] reason=80000021 qualification=0000000000000000 [ 454.054456] IDTVectoring: info=00000000 errcode=00000000 [ 454.059706] QAT: Invalid ioctl [ 454.059959] TSC Offset = 0xffffff08f06e780a [ 454.067603] TPR Threshold = 0x00 [ 454.071000] EPT pointer = 0x000000006032b01e [ 454.086087] QAT: Invalid ioctl [ 454.123212] *** Guest State *** [ 454.126652] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 454.135831] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 454.144813] CR3 = 0x0000000000000000 [ 454.148563] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 454.154665] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 454.160677] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 454.167512] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 454.175619] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.183824] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.191963] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.199985] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.208097] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:17:32 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 454.216205] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 454.224374] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 454.232482] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 454.240502] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 454.248689] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 454.255206] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 454.262776] Interruptibility = 00000000 ActivityState = 00000000 [ 454.269061] *** Host State *** 12:17:32 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000240007031dfffd946fa2830020200a0009000300ff1d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x7, 0x8a, 0x200, 0x9, 0x2, 0x5, 0x7fff, {0x0, @in={{0x2, 0x4e20, @local}}, 0x0, 0x100000001, 0x2, 0x3ff}}, &(0x7f0000000100)=0xb0) openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x10102, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000140)={r3, 0x7}, 0x8) [ 454.272426] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fb0df380 [ 454.278456] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 454.285044] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 454.292964] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 454.298948] CR0=0000000080050033 CR3=00000001fe9dd000 CR4=00000000001426e0 [ 454.306128] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 454.312935] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 454.319032] *** Control State *** [ 454.322612] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 454.329318] EntryControls=0000d1ff ExitControls=002fefff [ 454.334924] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 454.341950] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.348660] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.355354] reason=80000021 qualification=0000000000000000 [ 454.361705] IDTVectoring: info=00000000 errcode=00000000 [ 454.367287] TSC Offset = 0xffffff08bfcc4c97 [ 454.371642] TPR Threshold = 0x00 [ 454.375126] EPT pointer = 0x00000001fe6d001e [ 454.412439] QAT: Invalid ioctl 12:17:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:32 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x3, 0x8000) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) set_tid_address(&(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000100)=0x4) socket$nl_generic(0x10, 0x3, 0x10) 12:17:32 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) 12:17:32 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 454.436326] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. [ 454.472896] QAT: Invalid ioctl [ 454.506327] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. [ 454.766235] *** Guest State *** [ 454.769705] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 454.778743] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 454.787773] CR3 = 0x0000000000000000 [ 454.791517] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 454.797669] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 454.803807] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 454.810553] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 454.818689] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.826784] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.834914] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.843032] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.851068] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 454.859203] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 454.867320] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 454.875556] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 454.883647] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 454.891652] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 454.898251] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 454.905805] Interruptibility = 00000000 ActivityState = 00000000 [ 454.912162] *** Host State *** [ 454.915403] RIP = 0xffffffff812b0dfc RSP = 0xffff88800fc3f380 [ 454.921432] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 454.928069] FSBase=00007feb364db700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 454.935995] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 454.942055] CR0=0000000080050033 CR3=000000005e222000 CR4=00000000001426e0 [ 454.949118] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 454.955937] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 454.962129] *** Control State *** [ 454.965633] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 454.971616] QAT: Invalid ioctl [ 454.972439] EntryControls=0000d1ff ExitControls=002fefff [ 454.972468] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 454.972491] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.972512] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 454.972531] reason=80000021 qualification=0000000000000000 [ 454.972548] IDTVectoring: info=00000000 errcode=00000000 12:17:32 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x6}, 0x2c) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x200000, 0x0) write$FUSE_NOTIFY_STORE(r1, &(0x7f00000011c0)={0x2a, 0x4, 0x0, {0x5, 0x1, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) sendmsg$nl_netfilter(r1, &(0x7f0000001180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000100}, 0xc, &(0x7f0000001140)={&(0x7f00000000c0)={0x1058, 0x14, 0x9, 0x300, 0x70bd25, 0x25dfdbfb, {0x2, 0x0, 0x3}, [@nested={0x1040, 0x3, [@generic="4304447d95e582148b2a7b8d33f675dce7fb7b8e0402042b074f21900d330db89410443bb298eaf188cede65268f6cac0d5f417edb779bcd05737647250b3919eb334b2637803781ab8ce5cdf624687a021c9644ccaee3d8c8324cd5e29fd37093ca12aa78289300567f7d9af8c1a9e9e8f0478e843b717572ea62f0fd33a85933ac3595a316e2385674cc9213eece1242e911221ad85dd55868667e5d51fbbfa750c3fd89984ddd5772e514fdff79e9613d4fb31b7b134c17450772421cd5d3061506e23247cc70f084d5dcd2e97e9296c263a4281a1cc57b401072a265cbe5406f47f54231d9775e6fb8751d6921fb62655da4992184807e93ac194a9880f3d1a79353a88f50f569389add9b56ea045f3857f77062a8c47bc201db890e9a5da4e77a55245338f2469c27597ef88b222b7727657c961c2bf695107cb3737ea7ff9dd299bb16a44d4987c5c40c2e1074d5867d4d89c6a46ae1ea15512443aa82f7c5a85b094ccb4ed2b01da35390deb5dfac9c50f3eb24c95a0919ac470a93f523a9fcd2799360e8ba5994b4400a9204a33af5d0567eab64af5082f5f91814ce7b65526fcf2c7ac3db2fc22c8c360f84036870c744ec7e5454a59a36e5b2729269dbeb1fb898ec74470c78961ac11d2faecade6aff453a3a36ffc0f3b270b88d6bef8768969609b6e0166c2ac23bd630b39647ce12d7b83d82e56ac71be8f91d752fcc2b7f25446c8055f400dfb8155aab774f9b170ff002d6c9a75e1d9f046f4b3974c3185add36f4ea86c438a6317adffa358bec593910f935fef9560cd1b168c13ed30a5bf8e91418c01cbf24ab001afbfa788fcd194cb37804b35f3a2d54791a0312330cda30955c7849479a1f927e7354ac5d0d78d29df4402bd6614873c623e74fe9dddcad98386f403cb3b6a0556428d74a1561655c31a0b9c079247e38ef612c518dff56f0941e7819629317ea11aa1f1db20542f62705a4cc5fa7a34f1513e9f0d7edd5d4d24092f78f9b5b82b069705b290d5e5faafc76c9c31a51dce3608280e17e91af0291d3e28182fb767c11a141f36c611e4694ca7cbefa7e807794d16760b410b067f967c695d15a5ac4e3e8a793715bb188c7361cb58c1b6fb15982e3e380e187aba579489b319a31aedd9dde341f5876045c292a038b71e927f078bcc6d09880b2ab1c6277083416c566d7f58fdb777cc1310bb540187da7ad4ea307e0c382854e55a00a4a3f8c8cd1117375dcd056f296380157e1f7c479f8c978009500bf6fc44dbf24628474eaee8963e50509d342a9b423b3ba5bb63e27fee3eeef63aaed21f6ade8d0edf904b53deaf3f5f7e04105e543bcc4e58bdd936db36be800d7f213ca5935ab15864feb6607d414a147dfee7e879d8a85bf047f82e304bb12c7b8f35e3c805cc7be8cd1b4b6002b452de231f88becf64ffe60c9ebe0cdbbb74791e17321008c43fee7f13ed8bee5b409b54a9edf1a39273a3546e49b809308b9672a1ee2f73ae43ae64e1c58c71e1eb6e0479f58ea00289c89b8177333e7ebff6fe32f1f6401343e0831f5034f7503527dea7ac6045b957d64e3f0e6fd39fb5ccd71c111c4ca9ac4f5f74966b2f8e2994c2cac733f0fb98ac6019429cd5212c540795b70a7885bd7bfaf84b5d23aa6f9f56ebea3cbf513ec3628c194bfdeee1eeb03c674475fba76b1389f8db1073c1622f2d555e71525671307c870f6ce258d3db94f2ddddb5664fe3140cbc1e4bb9ecb333fa1ba7e1edba9363a50e4b1c13a804e2ebb3b542bda232c57ccf965216ef959ad1eb6a5daffadedfe0543ff8235c201aa11ed800e3a100ae80992d3fead6e96864081a72f9213fada2fb0abbb89dbf6dd956eb694aaeb9fb640c48df2686363a0e8a5128bc01e46d09c3a45afcdb9711b81d96cfb9f199b5958679f490a4604adacdd5f80b5b59d035d630486b4ba7652415bd6b6f04247cb98796f94ade495a7ddc650e609754e792c4932da6945f2a6f40e71a9ea38a39e725eedab88c99da3867433fa45feaf27417ca3d227aca08a211bd32a2ab29c00b6239a566bdf1d0e7bb460dc622400dca76e748ac1647892dfa026a2b138247b3d4dc725182376bba60ed49fcf5cc7aa4061c1a32b6319f263033ff208c9329a2055ee8404e43571e176960a6902211045bb5c0f0e90ef0696efa39edfb5ead7f2fb3be0c43ba84467d5d20bebcd7dbe54f293aaf0c138f0bceb962d7e7d7a01af4352f39a775a7d7a20f47599296d82bafbd655aa5cc2a021446cd01791d2fdd0c87f7391ffb1fd0878296b5c68047b27141ee7daebba25ad38215e67a6f475c142180e3bfe58566c7a8311eb3626e34b2b8228fbd802779f17ab8acd5791a7414a68e9bab1e44a90f5370e33a34f17d25a4aed1a6bf9bc0887a9720377f4b277b780f64f1126668f7db0518f0da382fdef1ff623dca02fd2464f24d15a6d668ea0500dd7ee11ebd1ee59b068b2cc4e498f5f8c66927ee7632f6aab5e7fe17d7d7a08bb989921bcbe59172c28318bc659fe440c7007aaaab840310dbca1a1afc14df77332006545eeab150ab2e67d5bcec021c91d7e8ad521422b36091c0d497f38ae31762400d9ab3a0971d7b4b8cae660058c73e8a516b8ce4bce98c6803a7b1f1d454e0409e056c71f6c7d0490d841d04ab53593aac2ea8886637b67500d0dfa12cb557172faa65567b371628123266dfea1ea32dbeec5220f2dfc8aec66a7d91eea8b5f78ea1cb1a36ca814282ee287f935a22ccd6624fdf1d627cefca87e71a354341f19a59a67085e28a07a51157c3d34b0c66367c26633a193d6d93bfc6c84cddab9847ef6222d589920d499b0c17aba52ca9506fa429844e90c513fad373be8560335045c9629b0aa0ea623f9204c2f67392442d8928341dec43141eaf355b0eb8e16265f181d9331bc7e491d35d8b9d8aa9345e5154ec642d762baa896e539ec943931e4f6e2fb93d1c74eaa41dcd994901764ddea2c123b0a4fd820d4e50a71a959878c4fd9b5d0bad6c5f5d82f2cd63e0a9fd0fa66fe2268dc82d37db00ff1ded71198bd937131f925a5ffa1a5028d8e612ee53c82e531eb6430677861981845af560fb997a8576a0da7627e2ec9464d009a2f8982bbfd7b11f8f661fa8b355329d5df4d684d3f2b4a24bc9d597e40ee44c6ddbbc56f051c153b942d8a7932091ccfe245781ed7bab925677e947fa5dc302496a1adfab02bc816e318aa346c371425fb3150cce739242399f725565450bf3d8c05092c279fc01dda79169c408ea0b3bf89e3124f82472e310aea798c8cbee86dae3deeee9e230ce96e43afa8e99664333fc6b7790f26ab4a08224bcc6b7b9c604ea2417b754e44c9b2fd7572b64cd6bdf4175543c6d0a8d764e156121b5312c8bd5c9557726a9712ed4b612d3b83f94be50518e59fc4ab42f546ce8d7bb3f954c4f49d8e3f43a5ddadd21c278d680c68efae5a9ae9b54a916d05d480bd5b68255b87306ed7a489c780c47dcd4f2e57624ff6ffbf8e5353c94117301fdf15145e65b0e4b49039571ece68afefb2e8eb1c456f37d186403ca992cf75ab0ef8e2f1f27374a9c42161fe856820df1ec74dd6390d560fd95aaa9ddd4e4c61399e3922ec08779be4e2a3953d4b59756df55aa5946431cda1f0d69917adc762a3f6621af32a77e929bd439ab5d7c432100ab40b9a07d60fc337d3ce642896793def90a6cc83b0c3cb4ed3e285f1794f0170d73389fe4c4f2198476416e164ae96f825684036f5197408bb9c2d14cde52842b22be5508d52d5bb87cdeba7230bc080690e99ac48ef475a6d41282e3262c6ac97ef36c0886e558eede6b98767ac3ef245f79501ea64eac2d51f7778767eda45e7b8fe1058ea459d9a61f6ad9abbd8efff51c84e18689c1027d07a50080ff6f0add2f2d7e2deda3539f9c4d1f63d51e0ce289f2ba02335b7a8b40a2ae7ba5b64079b899bcadfb66c84e02d4fae6edfb9f6d658f40bd120d2510c9869839f8b0f7d868b3a48a3e5099e40eebb8b47ba34d3166b046a4ee2dd85042490e0d07f73d9a792110231a34e24c12f357da16235a155b895b802d7d91bec799995cd8e63ebc1f7986be9e8eee8cb07db45c90f3efddd3cb626eb103f72c07bb222f34e4ab8ae4c53867861a239c587a6a159a311af6068d43f2c76e2a5f6109a4f0ca125b4a8d451255815f3a4766474fa9ede630de691783bfebc9a57a0e32ef91df815af3a0eea45b035939a3a01ce8a92d1ed0da4149467ca54ddb087ac58dad63fd13be557e033b82c47531c1648de84c2ef4572c68f6522217f13e7cce0f884a65e49bed7f9c689d9804915badfaba515c38a6323b90aa283403304a5ab1dfe9d361b46cc58b49924739b9323c98863b59f6ee33770efd8dc3d286da99daa3e30a5501985a2d5f18e1f8617d3993cefc96264cb1a07bbc652054daa2a50149b69af0bda630ea4915d8177f93bc5facf6cc785d8ca6e3350cb8b8425166151b3bf69e491426d83c7dce6d98a6e4215c5e9b064abd8c43caf35a43def9d4bd8b264581c4a683fe3026349b00a1ea6148dfc32cb802c8414f1a6e9d62a67dec3fc0eb69696e5ddc85c9604ff6d8148dd90161e7eef700404b9b9f02fc74fceb4b3d48419f2f5a2e73c86dcab9b2ed0649b57a8dfd492a0d07b129a897c4b49aba4305adf7b324ffdbbb00e66cd6e338c3776eb56dfc0c15db04cafa0c08e305d86eafc7b88737ba34f3f1da12ab13f67f5ee9d88e394e5c050aa4b4415e42cd87f54637260ba194ec90e1636ec3e9fdbfc1fffcef04425c60ba937d49142bb539754d0fded66e5e67233d6e57bfad9bff454608663cf6edfc463ae8e0f63be6585deea4d1112121219596acb73e0a2a90be8937f4f96adbc66a561eafd1b4e139538c358f7bddaf5e0fe5a666d241aed3be705add5df2042bbdc7f3629a3b474a2f0e8f4c319986efcdf8fb4de06ada7d33b0b94d34d0bc9d89c09c57a1fa43c2bdbcfccca43f67c665cf2b6b66df12757c484e482c634ce5d1e2cd2bb367edd06c00b50b425b7f8e56eb710eef046e889083d4070f46d4dba5607af4afc6851854c252664ca05729243e6eaa18f18c32f74f7a0901ddb46f82df0a54e828c15a6c62983dfc3c89ded98fd675b5ec2b09b6f99d539f0203c6f4921fd02cc3723815b69bda5e90aaf9f8cf24d8e70ee60685ade3321a6708769b267db8b2617d85c2a6fa653bb83080438ff41b2d9ec211b254dcd858101ebef5682d774118be0d9b039ac04f26c9e4b852c79bd97573ddcf79d8e73fe79a147e54b0591bd39b656eaf2e011e383b1a03d537971ef9e83e16a76c0be314de83a8864b4cb3f5760663c1f9dd641d1d3a6bf759433bd356926db3f7ba48e80a6b20a9ae2540246a38cafe0ce4dc2aa3732a7cf36f1624a0bda388c8c7c393aa99fcf44e177ccb442f6409fd4254ebccae4be55753192d9f868a3ca159669cebf2b8373ae397043cb98b38dea96320418ccd5d88bd31fe7286c4fa6fe15809443b0872279b2a50967e1f54e150888eedcec7eafee6c36596e996db1487d6647bbfb4e2db3dbbfcd744b65d666a79d4ac0c68754918cca8e0cc7fab3533a387cd4b2507d1425deb16b767f97ad889ecfcbf9058d6e1513ec8800d87f29f02ab877478259bdbc78eaee91adf58bf558e5ecd41ecbc7ff6a7d2d0ab67056af80c348154ecb63dc30552462cbb887d3d1446642a453d7956de86248fabc6e3384fd387808a973af82d1caa2e93437397f8460a4", @generic="066ef0818b925d", @typed={0x8, 0x1f, @fd=r0}, @generic="4fa514a837882e8322e82473877d02d4722231189566ed83cf95d5cf04d3376f95588de5341b1e39291c2b97"]}, @typed={0x4, 0x80}]}, 0x1058}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000440)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@initdev}}, &(0x7f0000000540)=0xe8) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000005c0)={0x0, 0x0, 0x0}, &(0x7f0000000600)=0xc) lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r2, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000840)={0x0, 0x0, 0x0}, &(0x7f0000000880)=0xc) fsetxattr$system_posix_acl(r3, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f00000008c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r5}, {0x2, 0x7, r6}, {0x2, 0x1, r7}, {0x2, 0x1, r8}], {0x4, 0x2}, [{0x8, 0x4, r9}, {0x8, 0x0, r10}, {0x8, 0x0, r11}, {0x8, 0x7, r12}, {0x8, 0x1, r13}], {0x10, 0x7}, {0x20, 0x2}}, 0x6c, 0x2) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) bind$unix(r2, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:17:32 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000040)=""/140) [ 454.972563] TSC Offset = 0xffffff086c3f403f [ 454.972581] EPT pointer = 0x0000000010ffa01e 12:17:33 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) 12:17:33 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{0x0}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:33 executing program 4: r0 = bpf$MAP_CREATE(0x0, 0xffffffffffffffff, 0x48a) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x24083, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90) fdatasync(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 455.271276] QAT: Invalid ioctl [ 455.325936] QAT: Invalid ioctl [ 455.329549] QAT: Invalid ioctl 12:17:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, @in={0x2, 0x0, @local}], 0x20) shutdown(r4, 0x0) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xc829}}}, 0x1c) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet6_tcp_int(r4, 0x6, 0x2f, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:33 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x1}, 0x2c) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x0, 0x0) bind$rxrpc(r1, &(0x7f0000000180)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x7, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2}}, 0x24) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000100)=0x101, 0x4) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8001, 0x100) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x100000000) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:33 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0xb1, 0x0, 0x15, "be3f2c6c530dfb1c0b5be3769be6c365", "f9c8c728be0147fab00b457be7da6a08fc7a5469f2a7da287dd67fc97443686690c53afe2f711b316d243bfd9894b2ec37ec641fd5416bf2036bfb91b618890b2c9c935c75e6dbb6bcf0debc20f5ff77e4137ffc7bb674c335d6c2a101b5bbf11be95a646e61d90fda3eb0ad9d3083e945c45a332ab9c4eea99a17f75ddf7b37680a11aaa72fb70ad91c86af723277b067294fdd88385fb423bc9f31"}, 0xb1, 0x3) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:17:33 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{0x0}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 455.548741] *** Guest State *** [ 455.552224] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 455.561103] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 455.570080] CR3 = 0x0000000000000000 [ 455.573885] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 455.579898] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 455.586134] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 455.592913] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 455.600960] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.609064] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.617213] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.625285] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.633356] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 455.641381] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 455.649500] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 455.657580] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 455.665700] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 455.674279] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 455.680727] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 455.688297] Interruptibility = 00000000 ActivityState = 00000000 [ 455.694625] *** Host State *** [ 455.697875] RIP = 0xffffffff812b0dfc RSP = 0xffff888010aef380 [ 455.704049] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 455.710518] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 455.719050] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 455.725085] CR0=0000000080050033 CR3=00000001fe814000 CR4=00000000001426e0 [ 455.732252] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 455.738962] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 455.745194] *** Control State *** [ 455.748689] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 455.755515] EntryControls=0000d1ff ExitControls=002fefff [ 455.761024] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 455.768081] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 455.774903] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 455.781526] reason=80000021 qualification=0000000000000000 [ 455.787980] IDTVectoring: info=00000000 errcode=00000000 [ 455.793516] TSC Offset = 0xffffff08051f59f8 [ 455.797868] TPR Threshold = 0x00 [ 455.801273] EPT pointer = 0x00000001fbeaf01e [ 455.827708] QAT: Invalid ioctl 12:17:33 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) 12:17:34 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:34 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) socket$caif_seqpacket(0x25, 0x5, 0x0) [ 456.019734] *** Guest State *** [ 456.023336] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 456.032335] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 456.041205] CR3 = 0x0000000000000000 [ 456.045037] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 456.051064] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 456.057173] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 456.064111] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 456.072237] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.080256] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.088363] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.096456] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.104630] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 456.112761] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 456.120832] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 456.128966] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 456.137069] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 456.145167] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 456.151630] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 456.159211] Interruptibility = 00000000 ActivityState = 00000000 [ 456.165561] *** Host State *** [ 456.167877] QAT: Invalid ioctl [ 456.168805] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fdbcf380 [ 456.168849] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 456.168879] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 456.168905] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 456.168940] CR0=0000000080050033 CR3=000000006bbce000 CR4=00000000001426e0 [ 456.168975] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 456.209279] QAT: Invalid ioctl [ 456.212308] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 456.212320] *** Control State *** [ 456.212343] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 456.212362] EntryControls=0000d1ff ExitControls=002fefff [ 456.212388] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 456.212409] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 456.212428] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 456.212448] reason=80000021 qualification=0000000000000000 [ 456.212466] IDTVectoring: info=00000000 errcode=00000000 12:17:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r3, 0x400443c9, &(0x7f0000000240)={{0x5, 0x7fffffff, 0x1, 0x9, 0xc4}, 0x10000}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x200, 0x0) write$cgroup_subtree(r5, &(0x7f00000001c0)={[{0x2f, 'cpu'}, {0x2f, 'rdma'}, {0x0, 'cpu'}, {0x2b, 'memory'}, {0x2b, 'io'}, {0x2f, 'io'}, {0x2b, 'pids'}]}, 0x26) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 456.212481] TSC Offset = 0xffffff07c3d91167 [ 456.212495] TPR Threshold = 0x00 [ 456.212512] EPT pointer = 0x00000001fb72201e 12:17:34 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{0x0}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:34 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0) 12:17:34 executing program 4: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x2, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x6, 0x1, 0xb, 0x0, r0}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) 12:17:34 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:17:34 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) [ 456.729435] QAT: Invalid ioctl 12:17:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000340)='trusted.overlay.origin\x00', &(0x7f0000000380)='y\x00', 0x2, 0x2) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_tcp_int(r2, 0x6, 0x3b, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x20000000040000, 0x0) ioctl$GIO_CMAP(r5, 0x4b70, &(0x7f00000000c0)) ioctl$PIO_CMAP(r5, 0x4b71, &(0x7f00000001c0)={0x8, 0xfffffffffffffffe, 0x2, 0x9, 0x4, 0xffffffffffffffff}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f00000003c0)='./file0\x00', 0x8, 0x2) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:17:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:34 executing program 1: r0 = shmget(0x3, 0x3000, 0x80, &(0x7f0000ffb000/0x3000)=nil) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@mcast2, @in6=@ipv4={[], [], @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000000440)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0xc) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000540)=0xc) fstat(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socketpair(0x5, 0xa, 0x8001, &(0x7f00000006c0)={0xffffffffffffffff}) bind$inet6(r6, &(0x7f0000000700)={0xa, 0x4e22, 0x1000, @local, 0x3}, 0x1c) getpid() r7 = getpgrp(r2) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000600)={{0x5, r1, r3, r4, r5, 0x88, 0x5}, 0x8, 0x5, 0x8000, 0x5, r2, r7}) r8 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2000000, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000040)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8) syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0x987, 0x80000) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r8, &(0x7f0000000240)={0xa0, 0x19, 0x1, {0x800, {0x80, 0x0, 0x1}, 0x40, r9, r10, 0x7f11, 0x77, 0xfffffffffffffffc, 0x8, 0x5, 0x8, 0xfffffffffffffffb, 0x49, 0xc2bbae4, 0xff, 0x1ff, 0x20, 0x4, 0x1, 0x6}}, 0xa0) prctl$PR_SET_NAME(0xf, &(0x7f0000000680)='\x00') ioctl$ION_IOC_HEAP_QUERY(r8, 0xc0184908, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x20) 12:17:34 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x101000, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0x0, 0x6}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0xfffffffffffffffe, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x28, @remote, 0x6}, {0xa, 0x4e20, 0x1000, @mcast2, 0x8}, r1, 0x7}}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x6, 0x0, 0x8000000, r0}, 0x1d8) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r2}, 0x2c) syz_open_dev$swradio(&(0x7f0000000180)='/dev/swradio#\x00', 0x1, 0x2) 12:17:35 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0) [ 457.129959] QAT: Invalid ioctl 12:17:35 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x10000, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000080)={0x1, 0x0, 0x100, 0x6, {0x1, 0x5, 0x6, 0x800}}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x1, 0x0) clock_getres(0x1, &(0x7f0000000100)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0xd0, 0x4, 0xffffffffffffffed, 0x0, r1}, 0xfffffffffffffea6) [ 457.191588] QAT: Invalid ioctl 12:17:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:35 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000040)=0xe) 12:17:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000001700)={0x0, 0xbe, "bcb5abc9da8d4cf0eb2189bf2140749f32fe843a968592d70e1779fe2e523c2156b051740dcd3a48672d6f34c7b322223684a438cba77120e9a46868034d93c2597e4f9ef9c3ffc1fd7d3ff1702dda021626c3b9e17b76ce286c174b5396952fd1d8739e983d68df1b3068c75b402cd72df4d6413145767f0e2fb2ec4832d2e69b419abe8a52566cbf161ee91bae02cfed745197ccd4ef5b5e2b93095d905a97f1c4bc985d36291525b76b6e8636861fcbd859748b2e6a26b2b35e89e8aa"}, &(0x7f0000001800)=0xc6) sendmsg$inet_sctp(r1, &(0x7f0000001900)={&(0x7f0000000200)=@in={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000001680)=[{&(0x7f0000000240)="7f4eb7e3eb9cc95f7c9a563cd687214ca1cd0dafdb4b98d0833f0af1f25f54e0be1f7d162c2bc87a495a8542f3b72095ab", 0x31}, {&(0x7f0000000280)="c348c60670fce63d3e4cce709882fae8dfdbc8112604e1ad05a6669e2f79ac0b3e0269d436eb4c633922f158450b054877c28fda960d8130fc94fb0c280f581efd4ef46b2f3c119b2212d2d63a09a0ce1a646713c0cbda8caf0ae4a9deaa4db0ae9f018de4a70f21e57ad03537be8256cc5a6d0d56b47d7d1219cdd29903b71893faa9da0e6f4056842a22e0a65056a4bb0c", 0x92}, {&(0x7f00000005c0)="0f7b39f9d1c909e8703d2e4982ce9bef5491c0f0debb55513e710cc8ff61f3bb7da31c3eb09ce3538867c2778d3b2d0ec967f1ce89cf56b013c296b762c79c835d789f342cc6ed6b42479f6a844cfcef6b23c49ab820028719bb5f8e4589ec3d1d0bef7923200cdd4a99668c4b6509b96f24e8c01a7cf9e65f1126d08fb0abaf7bf3e9ab3e1c8c61005d7cc71baec34fbdb380f69dcd9d60ed415951a62b6ebec096cc081985fdb7d026e5bc7701e034028545256864cf6cecdab32c1268f1ab0f8f10469bf0e20e98103a08d8948db1d90e2d3be7392100d44ce2d4f3d4d5313559b5da92303d8c3f0aef48a388af237c7394e45c223ccf2a8bb485c3112d7e866513146d55eeaa61eead07904a7889a7f849d82cae3bbda517e9a9ba4284447a861cb1324a6473da986e73c8dec7e9e4e596099167a2b94e078bae0d4fa3dc753b764cf495ddfb12aa718c4df50a97eb346af2e7f130f74bee260b4764f18fcd24684b68eca8620866951e7ec3f91b2969a0fb607f2433b7f782549bec96e6589736d557eec2575e39786143c1838305fd6ceb886f9bda19e44819907a2b5da5f9890817ea6e6b6e9d1da5ea76afaec8b2882b5df9431c35e6531084f14b3bb94579fc45fe0fdb577e9efcf318d8ed914cce5d150b88640981f015d0eaba92928714d3a186689bacdf8be53dc70bc17d9893d7cbeb7549928781b2d87d1ebca5ad6f28df694b4c284888027a2e406a90218825e64490f74b3009116fa40b446433a753bcd58de60b56c688aa47272c549c6b9681678123f63065c8e1d6357b6662f7afd66400a670679b8658e75e121dcbc0a06ed53b2e51b6667d257f651912252d3cbcf1d9a1357937a9d9e25346208e154606bd3de7d4152e9580727f77bf45a7519744d3ac9a7a6e108fc9fa604d4a65c0a4ad9fd61af5f1db29df45e0fba43299b176dbde21b84ecd668d6997806a9442281a718826ce2b622fd6b3ccbab72bac4c69d78eb69b729e758eabba60a10694783fe46fed7d4f2dac9ec853e17af80d79a16d88c185480bc493397746127eb2a13fe756dc06313111ac86cc574aa1ac5dc8a345707743f8b4b8b22142ead2d88dafd53726db759b6b6bda50f9a0682315c85229088538e2a5fd55e553916f8f8cded66133ed2aba5d80795d850976fec6bff4c02de679085090f9b1eefb4654d213332a3125ed5e978565e47830e02ef65c809d1cfebef7c89d090d115bfd5aebf7af7fb91f22f1ec5e27cecc3c3f47906b3118804289f773485c645c554f38b93afd22b425287c6032a5709cc3965a5581a8b1808b813fd1337630156597198ae26e26cc48c39531581c36bbe9b5fd2ed17d7aeebcedaa2528f2dd355ab38c2b709c8f8539ef0d8b0c75035197775d823b9643a966df92ef2f21cd504d66817d157c876c0a9fd985eff1df71d01a969c10aa55f4f9ab1ba8c05a4e7edf76fea6a0e5d82cc387c8eafff46b66bce617d69d8b2cb6c4d868b443596b9dc8fe7d2f9e2c5baaf89a08cc5f90e76d67651116f5798241bed368826941f6f618e142ea3b098648af9851866e4d9e5e5e2326bd1d5f5b73ba28678dd8eff6060055c6728654cbcd260f2e9bd3e26d41b9afb93078debad57fa8cd39138a7c6a38d3c0af128e2749e50b6acda8c3c2c65405259db9e16e894fac8063be45c23c5c64053091aff968e709a6be364c895642a2530a6483a49f03f19d78859e3dc5d12fbbba6bb8518f1d516d1ca59fb123ddac4bd1ff1d3609f44a7ed7866dc24eb7571b0a2211b1399a41087234101c7283e717f858f39e40bbd70567ef87714a061242b10e99d0231f5cdaf15c8c1406aa8bc2677e2f9b739f62fd5795b9540d6c505f56bb0c78aa05f284077c963be695d6771f9d27eee1f3045f9c06d7d6faeb1a0650fd4c558872f0e4140835994197c53e0b8d8179fd8ca84c0a38908f893037b1d592558637e95593d36728e9966e246b8fc5b05d500608b52cf1b835ffb0483b9706d911a80039054eb2711085e1369a7fa4d2bc0dc2ee5bfbc75ab2be0da8d839d1e4129377ae4306c9a2bdf21d8b5b62b02eccf827ded144c8445de5539d8d4bb9e33cc3c2f5defca0546b7a0418c026eb8439941815c5b57809fc0672166585ce21d15c3270aab17cf70986e412ad9db2d3913cbad9123be96526820a9c71f9667ebfe60351085d8425435aff0340142e88878d10c98202e339c26fba37b733040eb5d562aded0acc990beb84c9d39aedffb5df8a97e2b4284ae7894d16538d9b2494f880cd8a4f8de548a61481b717fb52404f338d98a56f57b478b8956cdff065ad3c8555934cffa4f64b70480e4e61bf0c4b10510ad62cd3c5b295ec540abc205a55eb0fd415bcd9259d64c25e3111881bd07b68bb6f90a96728672320d6882a1b6ba61474ca4866b811e13366f6982d58cdbbdf3c1bf5bfa9be48e3fde2b77cfcf307567aa427368517950dcd052a74b9bb6b902ef2861cbea34dc5c8d3b513cd1e9f83e26e793bd0510c98b31f673cab2108b3d468f73e3366ebea433f4dac3c79456198498872bb68255ea7d57d0a1dc3d8a1c98efbc1ea148abbbdaccd8018a5de7ee627a1955d9f1c0508b7503a18a91fe18474778fe7c343a0d4f5ab9e385021920917c545bd6a70650eab813a644fcf853479d6ff2f4eb85732c6b0cc7660ab0d7ff531845d5e047bfdeb0f8cd84c9e82ac280653b2639ccf9fc95ad96a123d9458866d68ba5a880d0bf131aa014e5a4babdaec92d311b86b135b7d66108dc0607cc3a429eaffeea62eae570227a714f31fad5ad8efe9489209f84b1e6441234fb2a343df5618e2b473c29214cc03fbbc826c5d5c35365fd1a5d3df3b1cb9f571dee06396a29fdae8446ca57121900cfb7eaac82cf9ddf9e4d1840479cf23d04cb99d0bb43150f1464df46e1aa4645717a6618de6580f06b2aa61b8b9cddfb8b69d6ae2673cef2c4be2a931061430baa4345e319e9bcfb6828bd6d822974a1aca93006b8116ccd6f13e87c93ddbf32a34cef37cebc8c707e15f7529402068a1d8e3b89f195a2f51f96c614f385987292e10632ff4f41796bcae02f9c4623bfa8c8d79c2123f372c6f6a8dc910b8f4a91f4981d155f10771db9aa716c5a3821be49a38c03539e8926f820eaebeb6441b5905ec1a58a2a3955b861f13053eadfca73f1e525124603256e16ab8586974932d25df770891eb0436be2fe3ec6ab812d0d23e4583fa9af8be02b65cfb0c9821b1e06f8acbbf09c2fbbecd96c1ddc7a581c6c710813ddb115fda69b15d478b020c67ae5db5727a34ef2804706a0dacbad2bbce9712fded1cd3b8d4d671753970e6a82386a10a8ab4f51e97bdfe24b4b49d12ae9a01efa86769a2f21284449ffdee338a3f9ee802b71a308c3305b62155c37d56653854ed26afb6dc7f4704f9096b67df7a8a2de4ea0fa639e167dd38050f55b1f88c94101d9e73ff3d126d821c7e000508aad583d80064162b0161da87b3360ec78ec0616c80871be17b1572084f5e7038f083f240c53532db241e62529b4e377078b7a71e924695abeb52dd2fa9d0457204b4c030d1203b44226aa709ebb4934731631af81027efdae53bc403bdabbed11994b2060c1a801d6d89ccf99e74849974caaeb0f1a916cfbe68f1bac42e219f006b866e1b582688169e6adab5b0ab8eb3cd552ea8b1ba183d6d09693c3e192acd495dbec1a7980ff22b6baa4ec70bba2840e572f961c408de8f31af3248dada94dfe98c39eea66ce2a714ebb78b3f3f71efd948040e9fa6d8690e38fc240b3dbe475aa0d0116f964d27bcb0a7d54946b6795a30ccb9d73ff59898dc3a6e8650945c4a92a8744c21d45d874caf7f6b861f76ac7416872e5307f58b0e56a7b3fa8f56c742cbf5b15c02e3b64beb08fd899220d5ecac26846b34ac489062ff7e2c65904d64cc9540590e264c6abd229257b13be12f9a5ee94cfd1714c7526d85e83839d5f693b73eb57e6756a99df66cf30b012722891bc93ed3b1a426fe8a8fdd3c175f093711bc1c0e6c6599fae38072c3609ddc4f85107ef28b3197009427b4209fd18bedd794a782f580d93b7a839c2567421bc17803941b8b4c1c8abe51d77a3203e030c7f885e5a634b375f9585c186ff14867a29f04b36eaa205365e9f4b1ec24c871087e0ab48423e0f4cabb1e3aac642d58a4e7e10c8797a358cb5bea50402e4f4f6377d664a94c36eee809883f3dc4b4349b87d066745b75803abe0a6e212dc6a5a3bb3309284a4f8bad0cec4e7c7c77f9a875f861fced21b2ca8387b7770ae593e607ec486cb157e514f70ac075adebd8cbd253c79043ca6ac22b3c2d3413e294b08aebaed79ec8fd613413a89aa6557daf99b9caf070a6070e2e5c77fd42ec58bcf6ee5c3603407436fb0894e336f250ccbda86eec9b0e693f55852784906ffd8bca33e999951d4b94dc59173a98e1b3dcb279e246f93e84f94c9d31d76e4e364195701de884ea910f57c6a128e3f58a4796b7eed760f9e1969959c79ede0ca18e2bb6a21d495fd0fef49dc1071acc7a2c20bc77bded601f0df58967976a26d4f1b4d90c7731e66a6485832b36b327b1136c566596597f7ec9c39d6828cafda2db086a787a601201bf7930fa486a32d54449939d1860467396eacb34a81d4c88693ec3201dac94f6fc103a0111a7d79f6b26fd85e148ecc66c648c660b08566024eda6b04edcf34ad6494ab3daa92a69c20491e039e5f46fb15bc46a70dd724b2e0c9c9c803b5baf0498c17c4deaef13dd272b9aa4c6663ff3626098e14802879126cbcfbb565930fc9707c108b42bcee6d8c84afd60e88bd07d1593ec302b99f19130e139f09634f0ed579f58faf769ff7f6921c20e837520ec93de00321a064663a52353705bdc62095cba647b2e92b10d1d41d4b549f4f8b2143c939207a40fd4a3b1f89629daa3aa1af1a9b32b9ed885d0655893bca4bc3bffb62f16e4eeaa9952fc9a49ce78d725db0d597131a042dfbbd8229ab378eab42a1c1e11dc3a544efe18c1f954112fb5247798d675f06f4a4a4ab7c1046052e7617b2f61f63a17418ba7d11737d5d0f5a3c92bbf3df2e8f5531b0bc45d2d08e1b86ce1a14ecd25f60db92a8971a17c9da941e6e7d61ac0276d988aa2ed26338c4f3887337dd61bc970974cfcac7a37fd23d646cd20ce5ae4ed5b1286c11b5c38c53bd5ea48dc58d1869fe8c55e49bfe425af3942aedb33ab5c2151dff7a4634d6454e14552b360eddc9f250283b97128817714f382e7c3efd291bf62d99b31e830e14bd378b95ce5f6b7d7f100ded051ca4ed47446e45789b6eaaa361b232640dcf25ff7ea6d3348a2b8e94324cbfc82dd289924a02b856288295d932b651130ec7aec6612c0cbf882d921816bb16c87753237ea8c085b10c6bb0621186106b81cbce2beab67a44957c27b9e2b69e6d612972e57130aa76da72100509501986e5dcc93286219fa526ece7b1dc61ca639dc00d713769317b994261971fc088b47d1525e336f3f5984488a441f99ea366d8d60e05ed3e8fc194e51e038c319dec3642fde9d2d45bb01943c3806d09864a7eca0e500540be0eab1c085dd350fa5834f968cac8ddce7cf48dc5dad8ffb3d24cab23ed1592fda8b8881658b41761cd1c162bf167a130d8ebf8de81893d53238a9389576a15e91242ff317bf7cd15be6e4b77f000e3876876af0da416b0b107ddf35ec5661e9ec9c6a64c76db945b88f61dd5ab42ae78f2a86dc9ab86f8e6e6eea51f5", 0x1000}, {&(0x7f0000000340)="cde93a568e6b76636480c408c53f8f9bdcffc1be522ffcbc0c20a9c56f0d5c83ec75aeb0553842e8a4e58c41ae1346bda4f969416bcfc96d26747bb73dc5c9a4f9b62b90682e95b1d0d155fa12b34ecae215d1561f6d822cbdb0be6a29d324de8aa4ceff4c487febd198e9bdc2d799ea2987c02069180d930e828d8fef1c90163a0f1ca0019533d97a1c14cd4134ce7901eea4dc49f67fb1ad4fc4357e63c74e045467d27f4bd3c2888c5d51e5bca774f94a22d47d1206797440a8082fe0e5d4f8fbead2", 0xc4}, {&(0x7f0000000440)="ef0ef8747e22de52fa3017c417b975093cb581951efa2ddc42e3d2a9bcd0d1e6ce5875d2c17a3e09c1d7c93b90674b272a6e3907", 0x34}, {&(0x7f0000000480)="9beed761bc463e7453a1769e5036256ed355a9c3a011488f4946b52fcf997d0b23e62493e96cf56d5223fce81209bd597a90cc8f2d98f47a033e6b810e26664f3fcb202d23c7d59634db9d13ee681e5085949d7b904d12d4e0023946038ce59ebbaadaa9d1d77738cf88e5da6ca028d53bc928e2664a9e77b265c1e3301814d5e14058d1a9c171ff19a5016c4f21b851358a69a8dd97bec7b2d912561debe1b8c7e5329614bd4e46ff0af87ea22269eda321d34cdfabf118350a3015ed3db0b8a4a48d489b030c412be53cd86f86a55d25a1d58d3823d8e4429996fb", 0xdc}, {&(0x7f00000015c0)="76e932e5e2d749f5ee85aec0041722cb880ac3112baf06695fcd23f322271193d36de34c604aa11ca9c143fb2f9bc78c4bf0a97d96efa45ed24a86da20d6e5acc7cc657ad9b6b7d1c560a52d9ae74e9a8c449a6e8f83c4ae607863a1dc1dff5f1e43672d37f4f505adbfbbcecc5f68da9136cef6a609be7f4524a34a8865", 0x7e}, {&(0x7f0000001640)="15527ed7d21fb888384582fd4ec8cc743998a99c6823", 0x16}], 0x8, &(0x7f0000001840)=[@init={0x18, 0x84, 0x0, {0x6, 0x101, 0x7f, 0xfffffffffffeffff}}, @init={0x18, 0x84, 0x0, {0x4, 0xeb9, 0x8, 0x2}}, @dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, [], 0x22}}, @authinfo={0x18, 0x84, 0x6, {0x1f}}, @sndinfo={0x20, 0x84, 0x2, {0x2, 0x8006, 0x4, 0xad66, r3}}, @dstaddrv4={0x18, 0x84, 0x7, @remote}], 0xa0, 0x40000}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='pids.current\x00', 0x0, 0x0) ioctl$KDGKBENT(r4, 0x4b46, &(0x7f00000001c0)={0x4, 0x9, 0x1}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x22b, 0x43, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:17:35 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0) [ 457.421038] QAT: Invalid ioctl [ 457.429760] QAT: Invalid ioctl [ 457.502977] QAT: Invalid ioctl [ 457.507138] QAT: Invalid ioctl 12:17:35 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) 12:17:35 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) 12:17:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:35 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x1) [ 457.788515] *** Guest State *** [ 457.792055] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 457.800927] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 457.810025] CR3 = 0x0000000000000000 [ 457.813844] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 457.819848] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 457.825929] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 457.832768] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 457.840824] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.848926] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.857034] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.858553] QAT: Invalid ioctl [ 457.865189] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.865225] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 457.865249] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 457.865279] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 457.865318] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 457.865350] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 457.865370] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 457.865392] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 457.865411] Interruptibility = 00000000 ActivityState = 00000000 12:17:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000fd00a45ea5428f68dcabeee348edd48ea7e8fb93377de10bdb3d7b1e07598cb2eb0a5b5e31851e89d4a1cece694f87d4d2bd5714b6fd692cb92e0a60d774963d54bfa805392c9c0af96b073b2c562de6a678a91f43ebe370543ce038b5ac30b7d7db356a2f51d5bf420629b35f43e3a8574113b9cd5cdf68a017fe41374c91f3451a541202d8cd1277b669502465ad47e3119849ab09caccb5ad91a9bc00326be62fe29c3cb66a1cf28a6365bc7a661a1fa2b3913ee2efa6838f0c9eb8345090f9301fbb3dd0f6a60860c7017d7bf02dbed6d6c5f73f2422c307c762ba7a44983ac6945a107ceee5f9a94e396c5d47d41744da6155cc6ed614059a103b6f9205840000000000000000000000000000ffc27ae40d1f48103e35b713f722e6d409103a9618db63d43c557d68de00fd29dc2c2da46ec4dce2589cd77f634abf6014e1", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf2508000000580001001000010069623a69703667726530000044000200080001001e000000080004007c66000008000200070000000800030006000000080004000000000008000100090000000800030064000000080003004ed800001800020004000400040004000400040008000200090000007c0001003c00020008000200fe810000080002000400000008000400060000000800040007000000080003000800000008000100110000000800020004000000340002000800010015000000080001002000000008000200400000000800040005000000080002000600000008000300ffffff7f0800030003000000"], 0x100}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 457.865426] *** Host State *** [ 457.865449] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fb08f380 [ 457.865486] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 457.865525] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 457.865546] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 457.865572] CR0=0000000080050033 CR3=00000001fc1d9000 CR4=00000000001426f0 [ 457.865597] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 457.865617] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 457.865626] *** Control State *** [ 457.865644] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 457.865659] EntryControls=0000d1ff ExitControls=002fefff [ 457.865680] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 457.865698] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 457.865717] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 457.865734] reason=80000021 qualification=0000000000000000 [ 457.865749] IDTVectoring: info=00000000 errcode=00000000 [ 457.865762] TSC Offset = 0xffffff06cbace673 [ 457.865774] TPR Threshold = 0x00 [ 457.865790] EPT pointer = 0x00000001fc10401e 12:17:36 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) [ 458.134609] *** Guest State *** [ 458.138167] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 458.147237] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 458.156210] CR3 = 0x0000000000000000 [ 458.159955] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 458.166030] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 458.172177] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 458.178988] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 458.187080] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.195161] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.203321] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.211347] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.219494] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.227615] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.235733] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 458.243841] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.251983] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 458.259994] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 458.266882] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 458.274448] Interruptibility = 00000000 ActivityState = 00000000 [ 458.280714] *** Host State *** [ 458.284051] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fbc7f380 [ 458.290077] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 458.296678] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 458.304620] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 458.310551] CR0=0000000080050033 CR3=00000001fbfd6000 CR4=00000000001426f0 [ 458.317720] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 458.324523] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 458.330625] *** Control State *** 12:17:36 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x20f96b1b, 0xffffffffffff0000}, &(0x7f00000000c0)=0x8) ioctl$VT_WAITACTIVE(r1, 0x5607) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r3, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x80) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000100)={r2, 0x7}, 0x8) [ 458.334477] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 458.341188] EntryControls=0000d1ff ExitControls=002fefff [ 458.347616] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 458.354691] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.360721] *** Guest State *** [ 458.361412] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.361440] reason=80000021 qualification=0000000000000000 [ 458.361474] IDTVectoring: info=00000000 errcode=00000000 [ 458.361504] TSC Offset = 0xffffff06958441bb [ 458.361519] TPR Threshold = 0x00 [ 458.361537] EPT pointer = 0x00000001fe67501e [ 458.395878] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 458.404826] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 458.413749] CR3 = 0x0000000000000000 [ 458.417498] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 458.423566] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 458.429582] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 458.436343] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 458.444420] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.452508] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.460523] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.468596] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.476669] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 458.484760] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.492832] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 458.500873] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 458.509015] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 458.517073] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 458.523595] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 458.531095] Interruptibility = 00000000 ActivityState = 00000000 [ 458.537435] *** Host State *** [ 458.540855] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fbe5f380 [ 458.547023] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 458.553577] FSBase=00007f3a33a8a700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 458.561418] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 458.567419] CR0=0000000080050033 CR3=00000001fc1d9000 CR4=00000000001426e0 [ 458.574548] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 458.581258] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 458.587421] *** Control State *** [ 458.590932] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 458.597792] EntryControls=0000d1ff ExitControls=002fefff [ 458.603364] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 458.610345] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.617133] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 458.623821] reason=80000021 qualification=0000000000000000 [ 458.630182] IDTVectoring: info=00000000 errcode=00000000 12:17:36 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) statx(r0, &(0x7f0000000000)='./file0\x00', 0x900, 0x340, &(0x7f0000000080)) 12:17:36 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xf, 0x9, 0x3ff, 0xffffffffffffffed, 0x0, r0}, 0x2c) syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xfb3, 0x80000) [ 458.635762] TSC Offset = 0xffffff067d33dee1 [ 458.640115] EPT pointer = 0x00000001fffaa01e 12:17:36 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) [ 458.830681] QAT: Invalid ioctl [ 458.838369] QAT: Invalid ioctl 12:17:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x400002, 0x80) ioctl$KVM_SET_NESTED_STATE(r1, 0x4080aebf, &(0x7f00000005c0)={0x3, 0x0, 0x2080, {0xf006, 0x3000, 0x2}, [], "698539df541b1eb4b263b823f4ff85316cab4c2c7b7a0ae3040170d35d909dcd7d361ffda41f564b1a7d59c1bb18806b511fbbe798cdd6bae00fa7fc875ba031581989c9edaf57b7be08bd39cee2bbf77b7a91425cab607333f641ee9738c24f1c65381c59bd1c082dcf696193b8ed6859f2be946a7cf19ad453ebd9b01876c1ab06f284fabcf0e4d860d703e636040797fa5994cba2e86ecb03fd22130fb25d43177cc5bdb2e9a1157075da54cb44d1a3a606027142d54f3f7aee8f39630235db14002e276e6972ded9fd3a509a6c9e315156794ba82219614a8de96a3f4ca26e69400a2317ce8e5bde196f297753cd149d2cc3e8a416434ca64ce2041df2376a609953309e75ca5afee5874755d46b1740945158524a70f1d4b96874680d536cb4127a9bb042be052737f577955c443f9d1fc4650d22a4dedcd6d7115a12446a131c3826893d0395e225cebf413d1ba72741f6e03802ed4cedda95ad6c7af9605b96c2ab2407a0a00b2436c5d86908c59c7368cf45054fdb136babfc52433fbec5b1d5b354979f9da341602b47e54bb106641e180319803e70529cbf7f943b31ad20100039291ef4ebcfd67c889be0c769ca3023469a93672c7ac8e3390d213db939b0d4538df0f5962db83e2e99d08fb67253fb04d2d56e38319462a8ab0dcf874667a53893c6c0381078bd9c27d199f964dfdf33f1d2c31bb4c026149903a6d57a3551729018af31775eb59ac9848c9d831b8877abdc0ada979628eef95894cbeaf0497d4391f838252505028dd3c54b8ac2430ef14b9e0d8647e9a2738511519495a1f04e0a340b352befba7882f29cbafb8daf6f9cb61ea5400da5c5a6a1e1069612ffedb5510510ce95329ee6a4ac87123db6070ba211de82c762a6e63ee49a1887259120cc34d526c37dbd945e7aad49a2890e78af459fc8bccb783e643bcf52cd70bbd789fba9207e7b760fb5c2f07dbc61ad5d1536da660f3fd8b846008623ed404fc763d08d0d81d0a16714fc4ea42dc6ee6143e16fddd1b4f044d7823b6c10ece8aa36453b17cb67b04308291c11098da65fcabe5b24876ff96be815be2292c8d5064338f6088c6be53caaacd7eb7827c2d0929ec1b0c1b8cfa4998dccab89f2e98ab60714e731948c2aa9ea4436996c97a4dc8621906552a5fc3c0556aed9129d4d2ab77dafbe3c6f87233e157d3ab8349bb080ed3949e1f1e3e28bf0ea9a0379ca9a9ca6ec96e110dce735335fe85c70de890b6e8537a3850a9bb72723c27f750d33da06551723a7e5845da9ff25aaca6ffca30ce681d5c128a87bb2d3d3df8da45bd4135f09f9e62065a531b08bd05e08c56491568cf974d76b4b849ca1c3024e68396da03f79479d54ba695569f2902adbce7b8a5fc410602dc6d101f8c5658b0584429a24b6ffa14b3ca0536f2a6d261b88e2fb965fa3e1f0293a1c4b33ac9b4b9994d7ac2350c1d4b345e2692c5c3c32bd01d942998c23f6e35dac3f0617b866bf56ffdf5b885f5a0be1c7af5bc758c2e79c7790dda25cb2ef51ea6e2c3258ddedfedf2d8d233ef5a1e536e2cbe56168de78a4c35840165c9d7367f0cad0e3cd28dea3d412657e8066a6786146e084a43233ceda903aa4a8d2257cdd2bee6817af317488c5764a5625796b32b4cb131bb921eff78ba9b93719f34af074b5fe7b32cefba1f957b4c563774083427b44c200152004cfa087016c3b43b07885af0dd63227892be01984f35dc152a9cea55f46bb3402e5608582efd2f17bfa125c5fb1f53f071d596fdada10748b073d15d0a54dfe659df464dc1a8e6dc32b02f722c5a861760d6f58a3e0a6f67ef891c1d226ffa41685db97c25bd63322b8f4bf0dc0cb83aae401a02044878b722d685b99d59d28b4cfa05fe19577f1b49706fe9dfdff67df4120ab85ce015b77158cfc163811854e27f80c54b4c377feb7d2289a5ee7040fa994eac23489eb8eb29a63828ed8a05ba3b6ff0b4c12306b4bd0968cb91a646367bae48fed08bee875d0caee384097c62dc1b250add3537dcf01f5cb9868e02c6713ccf74c972d02240f657e686c17dd93dc3a3fb54d1143fd0d16e068ecac0214ac87bd35cb24a020570fbb7c5b6aca0f367bd1ab162041c8b60180659cd357aacbe5e32beef89b456a0fff6b987615c84502ea8caee35318ab98e9e40457f74cbd5a090ecb193d2133c75bb41b355aebe5daa4287d48b98047f9fa3fc63e1d5d2230512bb04025b2e2cf8e894a2b48ba442e67f2468050d8b96de0db6fc1dfb470eb9b81e9e71b21be228680f996c6822210d4bfea4c8f23b1d895ab10bea89fe8cdbf9a962da35bf405e69b38299e9bcc8bce20e0c8f1a56a0023d88eb7fbe302110aec14c18c32a3937e2831ab4106c36cd4e1d777eb1acdadb8ed186d24ea6cb75435e3b51f63306ad4433c2b396d7d70696bb387f8d208dc8e5d0c402943125da0e62eaf582481b2491437c63c3db85459e3b1a9508f886ebfedf0e42f40598ca14b1649d40ddbd1bba155935f006402fed676df6c5043e542cd67396f6c7c0b6561cd3126cf5c6d98ff05082797d4bfc645527b91c3d1419e8edba5603b0569cd02eacff18825a640b673c9247ee3a51f231c2c3b380f428083c85148a2291e087766d1878ded8a122edad55fd4184d0629efad121d18e0e72ee16fa336dbc6f17ab6684520e584fe954f26438436aa2896cdb9e5971b01c5b21fe20e9f3cedd055ab53f6590103d5c00143869b42e4a782dec859923041917d9011ec62b1493bd53d4e8d7817e3e6c97266941cf7c16c18ace16df18ccac9bb484bd4cd5840a4f357413992358b6b66fd67e4df421daab31699fb29bb0e6b63789a2ef721474162a2991e215a77a7ff84b711f0f3aa39749f9319d503a66a238282fb72cd5b4e960479047cb6c24eaee544cd4ca7bcc0b373112f33e53cd684ab081dd31f91f4926af39be9d28dbdf9f8a6b496b6d614e4222c97a88aa50cdc89cb74ef63c6d10d1bb771a5480fad18f9de1a8ea414abb75abae93225d76e1685d1211d2e225bd2422dce46e4739403633b5b88107fee6ec36fe98c1ae0c3c5d46d8466b487d6d9d7f36cc867a98b10de679c52cea3e016d5fc2bafc7e1df4582e0f8f787dd65906af9ea18b5b7c18a1357930e7285092522cc723f50ad8ff6871b067de9b75b0345503c61f7736601e5e7e7a159266185bc49e7a4925963fa1df94ae7f14d0abf74a3cc9fbc39369d0ebaa0f264f62818da8db4eccf1264bf6ca8a27ea847df1d2abef74a3fd8eaa74fbbef79e237c7011dfc4b0d5844205aef0e88dfaa48a3ef62cb35b1e52e500d4be745d6287974a63bba822458917aaede27e70e2358222a2ef639737a45476270e9ccd8f1629d47ec8808b58b8add1452694b9799097678e9808946a0bed6741fac69f5dcf468ad4dd4f0a087830270a8c37760f2de81d83eb4f70e335b96378ef8ec670bd3abf305122c7c0ae82d54622609c670d71b46e85d891839d90fb91ae1b410448d07543d7d1602f99ce5a3fab78d6fd46400bf8e67ed58c34f43df1dcba03c28124d29bc2ae85762bd2585e3f387248f297c0dd8b2a3e8a86819653da4948dcb98d0e887ce36fde04db6c6aefa1c513b9fcb65676805ccd0b5dbd72601c5993f145f8cff97b08315099433f2238947b9872a1e43578f8198c4aa1dc1d3eecafc54fbba885ef5f0bf5192c9a779de671e69db173f5adcdc9cff91fe65ef18dab85ccdc1be47cc3d1ae468cae46c5b993340f8a2c0f104be77d938c2591fb6f2535abce98918b36e827642817d3d808887d186d2a0e9bec32d447dfa175c5a2e3706c3a404d65c81b44037200202e74f2edce1c7ab77b7748bb70126327cb5aeda1b8e7500d28faff0a8f0958b3cfee233a05f4a820cc3fb768e9f49df55409deec3d3c32f77f407388714174da13154c4feeb251c29f25001edcd03ed804655c86f3f520904616aca87ae9b45359b1c6a30293be272e6ebb4a2d7ca1d42098fd745c5ed32daa7567a5fab63f32c7faf519b17a5dc3bf8a7f67b0a791adac5e26e1a0de6672afb22dafcbec8170cbadf180713705d55fdb129f5eea183486b435d4782b6a4f446abee01bffea7086ec022987af77fb5910c15058bb786d4e53ed0fa41169f0cfe5d03973428d1e1fe603af7491fb5bec9999dd3848e69c213a801fc77c18d230e1655a8f25b21fe6b7d865931f19a3e4ad7c6fca3a809cfdad9b2cb24ce4fb32c43fe69cc53907d144fb7509477f58918306dc61c1042f431dbd79b4dad1f72ad4a7e78fe480d56b5327b709c127826862862cebea30f39093c286ff1f13748a6fd382e42302af746b62ce3b628af921d9a44da41c87df946dfa9728566b8f974e0879a46d182aab1def4d80553551f326ba5bd3fc82e9369a7c19ec4d4cfc5935b641c01ee6da1ff550bea28e6980a13a38bf461fb6cac998678e9f09b3e9353deffe0bc9d9ba099a7e229adea1eaac01660cad8e5006ca2aed58224798f3039a615a9387edb101c9ec6fb19846e2e8e9621adb5f6fbbfacfbb536b1d27daaaf88ea309d2c07482a3112dd13b71c69ffab16e6a6584b39d923da531aef38677c64bb2fc6871465680e19ab6ee4bf5472a41c372b2673476f68a9743a1d8fa9f89ba7b048994dc27db9ad5d6eee96dd36da8ffb7315a56784ec393e14a1e9d5a73b689aefc1a5f789381909379d68efbd32b5395574ace0a521d2ba59b6fa3f420d43346fcc057bdc798009bc07737bf5eb6e27e42527c2489fa1c79c34cb49276af2bad48c6a5fe82ea6acc4e0fec21595493220ef6fb3f7c8c44b3c31eafa75dd2b398fa63108c804b6a124d30e257e0780d6abdadfa52f71eda717dfc4c6013a760c2dcc127f1bf349ec2700b587d7302220235359a1f38ab9d3e180af6a516992df76cd02b69fc503c9a60e287a5cd87ed9d12174738b87789493b8ab6214eeacd5e54e60b9fafbbb544b9aa5ca73916947e74c5cf9a339095bc20df1bdb1753c515ffc0872a7aa5ff294efdc5943966f2b3fb15c616b7fb6241ffc12a5f38b828256941410e40a466a30afe033ac6e370b43f89080d13b033dd786509532bb9b828de6f1c12f5d7267324f40126fb0d35f44b2c13757b315ceb6db7a20c674636d70f17bddf5c4103ed9145a52718a39b05de3c5749c109e989efb29a4c04dc38b624ae6b66a23ac7a73ebc40795b9b76c020da077e872773c08dccc820506a2c6a82d8590842349f2fb6cfff731a7f8b5d55b5f7c26dc920dc1f7c648e33c4c240f91f559f6fe74e1b97a8bc20ddc5df3dbe3799c3c18aef465e5a17b595bb93a766dc10e1b6eb1257fb2626c7975b884bbe5ba0367cf7ee0cddacadf70893ba2c6c25d78986a3522e0303c7f53d322f2475bbcb46e5de010c5119a8be22dc70c5747f987927d5dc9dc3c661250097229daa1ceed34be5e605a68175c97689dfd93575df98febe7722297dbc2394ff3c6a8012d6129d8d2ac85c2f839ad16611bf992743ff0041184bc4db9b0fb556fd6821559ffca2e0324dfc2ea028dda25287203db4facb519d53506ebe6d6758718ff0f2b8cd73dde05316d2a0614d8ed273907897df1687b33447c58c16d742e86eccfefcd3026eae627c7b627612461cc423fbb47aacc8956eebfbadbdd2c6e6c137e45ec21ba4ab113a474009f3915ed9a0ceb41a1f3b9d2c7730a2083d93264145512f07f0815c805437964a7f081e651cd64d6f6b1bca5e18262a20f93aa5ff620645003513e16", "8de9e5b299bf4a125c7a7126871eed8cf6646006982dcbba850e0b12f181889e7b00fcdf57773b5bc9e8f013a9fb00328bee01b0844af05101339846a97f13548c3776a053c3b073d40b88cb669c621b3bcf1c41a0cd56f3e0bfa6293180cff3ac3c7ed7c66b97263d0a109933d4bff69771c4e668210283ac8bb0f2f15c859c1da271f714fff1d05aea49a4115471809ab7e73832d9fb3ee0310636320fbf9c1e35d1e19e7867ace5914064c4fb821a28b29bd5bfb007b457584965275218647a28a1b8d1b7fa34b010cd35be9dd7ab09b957a618fb3a83d3b31830c2af94f5102625a0da9199e59613c9fb1135053bab0b9fa55641b14a8ab388bf7d9da7cb45de5cb7b9f1eb795a4f7833f8912e52a86947d98d7c38e74f7428668b6cc068e5511e9a7d05eedad6f3c03191a3e4f518f0b9819a3c323fc39866d0e083c5e0a31429a47747a769e96c68ba26d9bb93a85f5a68e7af8065e231ec99907836eefd69962999e7c7dd865d1c70056de6e143b6aea8b2683a845afc6871f49ceb1c8dff0fc279c07ffc1297722215883748d56d9638a0162c52f932bcf62ad34caa2eb0180332c54d3b2fe5438bf380c86f9874a5a864b4d167761495654487e584a802d8c347c28b57610d711e9a2e3dff3af0afbab8e0e2870cedefd2662cc7debfe2a77ee01f84b7743c2f4c753e0755638555ac8daa816716bcfeaf22d9eb2c9ccf6c6ce796fdf9f4573ddfad3d5782a9724dc9cb3736d89a159929469c052ef1e27e34739a677a88432efb2dfe77e0ebbf8482afd218df59de098836d51d489d08729fd267a0083574550cb163e567ef36be899a97abf76c3baa7f5db674487c8e12f32732c2dcdf535873b77e052d525e702f5665a24cec91700df28d0c62e14095051feec4036d4b10116cf4ce760a8fb0930d6a12802fabde1ba228ddc47f4b0de9fc508a005e82fe23928cef887a4af2b8d189b82efad60e740bc27375ab174c6c13fbda0f7287adc839047d7cf56ce940e54a4638e21200637b20ca5ba2ace7c4b9a9b03d7156920027d8ac6295a71ada57dc5e64e97b72625b34db268b3566f324f45767f95621c3aaa4f314df38a52c1cef4b55513ebc6431c6a1d2ab4a2b1e81c56be6e9684b57c61e470fe84888962fad1e3b2ea174f1aac1f4880711605e1349b8aff323d91bbe3b10c8543caec8e184b12bbcbe33d2a9582e2b454ced787a85100546e56ea2108c081cb1c367a06f5f19125108bae3df78e6eb7f70f8ed34453f7840adc202b1d68224529ac23041522d889cd41bf09431d4728b343327dbb4d3fbec986505f45dbb8623dab3f5997cb66c324a1b8f9bc97aecf211748ca098663f8b174614e2f2a3b72b5abfffd54e7f350bdaf8a26425200b7c052f6201644658d0543515ebb268a0c838e488dae5fcaa6f2d4cbcd37483da12adab4d9fa5178d4a2c0665e223a4749a30ddcaa8f55cce7b8ebb654b90299c17b7fceceea847ac62c25c57936ec5dcc25b05e3fe644d78d4d83bb1848efc07f290c668b6b46592775dedea2fb117580d5cbded0995b0ce6cf2d2fbf5aa68ad98c1a9965fde7da683f99de10f01dad79d9215b9afb15eab1be00eb53e15bbfaff30f8da3ad7daa1568004e7e25658d2aa03f3a8c04d2499564935f8d7ce1f1f2dc53a9598e25a63fcf1e0cc547a99c4a84abdcdbe86ab40379617c3bc69a6371436cddb275b5996c08abdd30da1f7cd4a6240caf142e453d0fc2538a2ee5585f8c15fdfed9951ed801cec6496339b2a9b2d993ccd14e47603ae6fd73dc976e7ecd522e1d864e65a2c6e50df49c3fcfd2505657cd658d3126359a012285599508be69df1c68304ce552957f569c90d1f0900f8e13634e029be6325d8775ec96788aa1fbe8dafa1bece67d8628a30f091af0c6a1e4514194e0eeabf491f0bd7a28d7350e2e260fcaa258db67d9fe8be47e53dedc585aa33cee43f5ecea8b1d48522c9b1967f1b9847136638d5d38625a34387c7288858120843ca71aea9d7de5fe40b6207f278fc18bc3065f434e897745cdb8d1b19490e162130c48a2582a5df1096c23853cf8cf225a639274fc48658fb7cd63d3b406eaa9e7a6e9d4bf48c763e4350751031ba250092fed60f2513a720baf2a1311b21eec19c0d81966ba6265fce5474f1a00fd10e69b46435f9509ac19fcbbb5d8ed119a448fdeca8c3b0ef0f999105153d975f2aaa6d8305cc0dc5aa4ae5723f46b910a94ecbbb1a8ad589243863f9457d8db17df478118adffe91a06d32faa4895a11ec1a24acd60d0b033e5b590ac35ca2637b154fa26dc37f72d36a3ef8d73e2f7838e1f2010ec884d5fee129dc6dcd5796914196f13c6d8d97e027acb0fbcc936d1f4f18bc64d08e17340af07edceeeb8a6630b4a060c12fecbba2f96b9ca247680a8f2c5a9e9d952f350571edf996f09110be12d48c005a4372265071e9b27aa8d2345b773d0abf8588f357111415e2c42aa36251f3a3c7377a31ec10c335cb116e368bd6a52f45406c5a4f8a848b7e1ee0a26961fc2f304f701c9c13fb9de14768252d70cddb3164d08f7bf317b62591a4621b0a8d9f90fb5150648348fa90685b4fe30f715a5105860a29d30c91333a2c96b262efb6b570b6bd75300d2af3915fedcbb6db01c7ea67c24e0b5f8be3867f3cfa6d70d30b3008a4d83063966f06bc1c2778f806140a58715c057bdc0d84a18fd75ccb1be78ed6f6c260104ef616f9b7190d4f06d5164200e6395f9c8a61d4f8b1a2ec55613e249e283593f53dfa74267ad3ab3864bd600c84dbcc994d6cf5c00dcc435de47b6c22cbf7972d64d5d06e8cba8560857d0c23bdcf8c81f98e0e0a0a2ffe62ae020c501cdf6a271d268e9b510c28d203ab42dc38de89bf4d8742d32ac0be3da3a21cfa7568d492a29f4fa42d8ee4a10e41e53254f0e2888f06eda14d7c3553332ce1a6ccb6348561c30b12ff66ff1a16ce3ea2c674b4031f91fa5926f235850271bf79ac5bee2e7ff5d6391748ce96dd143f0b3166d11dfb02fb145100b02b9b898a327eac9a30a487ce7c29a23120c21aca9aaaed6dfaf59ab02a9f2d4405cbbf553ee49b4b34edb7d26d4bf1e7a0a50cc639f008de9eff740a72c9a4ed4e97768374fb8bc2b9ad767cf9a587aff858a0997ea9eb923558b80fc4c8e7972baa38289e045c1afb11854ee8c21b94c833e35d96fe38c4efc4f617675fc92813f866a5b9d3b89b20ee19dd27c76eff8c7ae20cfdcff8ce56b28357433cb2cd58bebf4e3b48d581d02857176e2dc95d546cd8a78ee76fffc423b25d6278b98e3ee5806835a43ea25d30623b49198a87f4d8bc2038b8e1cb16498c666d64f209c65190002bb289a97f158ec8862fcc227ac66fcc0f0330e66d4d5f973f9b1378fee54e31dc1e2d03b265642828841edbe1906c1805259662bfc148e9e987b742c21b146b2f1df2e7fe6251ea933a1187960a52c97f12f02d7f6f1a4d85cf3ba89c115bc93b6afe32d22f5f61d529a4a5b438ff38d2805b16a5402db37667155abb29614572ae0c82023c15d4373cc0edab3603a984a480392880b21525458d367c5609d920f70f87bb05bead3075afcffd293a678bf233552681c3128fc9b3c461ca9e81353262ed0b5026a9d117e8ea31161fcbd217146ece3d1d18243a712642d0d9fb73867f9d649af420ea1dfe1a14bcf2a4250531bf9cec3f6d457817ed35f7e50d3c182209e93cd828b8798dc50c72946d380a3c48f6075761f347ee09c51ce3694178d7c3890c9d04c4ce7fb5863fcb8086cd01b593b9520575a4b9720f0e7113e5bb591cc483cd5be95086d159905ab631a4d2f606905dab10866f968907cacb76da011fad74455365ce9dd185b15167faa23b1c2ed42b73b3d6d9d0413dc331b77e1a8cba2d0faadd1998351dd5f3fbef5f1c07789cec3f736481c5b86b8b428d1fefb526df531f61172c2edb891c43ca28d5ad862f0f3176d562fd6773adae6316b5ed029cfdbcb71679ab1c01641d2b21c59746c460eb72b8af13946a3ebdd02f310f80548b06da3fcf395a252d6ffaac4a6e625ab15c80b34512127b61ab77dea051aeb5ca6634b478a4671804e2dc35e678bb6d941c646a46e584ccc0d0b50d8b0d704e1ec58fbca542769ec47151b1779ce73c6aff7d7e5cbd9b07a70025c4705fe6f5f49b1e002cae4acc2faacbc787706650ea3ac0dc594d23e9908568bb4e520b9458e4dadda8e95df8d4d9cea7c16e6c0d0b85ee78469cb6d3e22d8627a5ee8192fd53f8d2b2ba61ae56c9574ee1da4d0317f931945b5a5131412318e2471a6aca86807a84ec17d00a350b547e4d6e24402dd8ef9cbfc83f375258adc85ba7dde591e55a1b7b173666ac7f2fbe2d5b2e2f507323cd7134d47e47d6cb37a3c7d35c98982832a65b4a9813c26150685a903269b04b68754c8f63ff4e66093306732007e2d13083433b4ce3ed9eaa33c6d271c75930e878d96e069a39143e23f1c8e21765334d5478fca39793e7c97c5a4a8e6642ff00e3e7124f9a37f7d14edc36db5d551c7c98717a8eabcd0656840c4b26633a1336ed62a52fd96bc2edd070ad3f78a2b34da166bfb757c98fa503455962f64b2cc9e76e0640621552a66a4b7b0911d0536d2ecddc815468fb87dd38a7d39772f8b144c1c9d3c13c85b16ba55d1a5f0049b866b5ebabe773c7ead94daac8759706e91b761f9bd5abe5559dfae36a9492a78d6e4579919e4cfae8e5897b085944bb33ebbd55fa9864fe4a4ae7883dd92d8dbc038f0ac8793736e83f1c64c09c0cfcaaf85ec6d5daa1e251068e39e352cac7789650d5aba7c9763bb7b93583517eb7342deab7e9fb460453983663d02e7f70aa9495dbd323c55ad9d669b529cd891ee261e9e23a6167c219d9fcafd6954081cf393e0c40bf94e3423fb036e837dd09628eabecdb3923aba6a732c1168d97ee8cda557aa911b5a0a8668bde415bdc0dfa33263280870cd71bb2749378288608d10b5d0dcab1b4c7c9425187e6098f4eaf2bc9d58482792d6be7c32e9c6fb673245f8f8df87d8c030c22d1f548551fdca305899e7c30502e153de4e203ac5074afd3786ff375a452a7c40907efef820aed2924185cbe2474a0d7661b795c51166ded4d6babc3efb3df2498eba0370bc2e81754c04bec921a7d02a9e6ea411691e9c1c969fbe12f1f2fc02acf67bc42678741d68827045492d2e3959fc668ab99334b645064682b0431aec665b444514de2de691322aaeffdfea1aac64ec1f6bbc43dab82f6fcc3b82b73692f1887e1a9f71bc8a10c8e259d1748b3d13eca090d8ca5caf8cfc9d8cedf6d7aa4896fbd806765495c14e326f4c39a2f6df5a78f2a62732fc9ca136fd55476fc03fabb2887ecb81eada702a98516a5792de53b250be720a557805188d0b17733e991d683ec618605be6763407ad37dd0106dea096c7e0ac541f646c0f5325b9647d94ed8195c1edab8d209c74abcf23f1318bf42f039bb05a66dc5baac51d87e3ab2ec54035b2fb6202ce748a11e8482b34aa081c3289d0200a8beb37df3cbad715b824700ac5fe0643ea6c784bc29a39463f963cfd5ccbb672674fe3d775b5e9ef90b23df85f0a05fe8c967754f1937043fe1d10e5171e9328d59e1d73c1b056b625bbea0b42203815d97df14bebaad4c82e34f593f48f07448d5056154d07e3723bc823d3b775db3f315ce2c6615d14bd209df6714fc401c80da3e00cb2d50583b7ec5718b4c56692b32d688af5025d3993b3df7c12ac55e6c3b"}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:17:37 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x80000, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000100)="fa4d00000000000c00", 0xfffffe61) write$P9_RLERROR(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1b0000000701001200266a7d6c643573756d2d2c6370757365745c"], 0x1b) 12:17:37 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000040)) 12:17:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:37 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) 12:17:37 executing program 3: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100)="dcc125140df0f5ba7ce66d2ed265017bcbc69690ee9db04249cb69f8ca2dfb710f05ce13f129226cee32ced8262914a2e361b410c59464ee2e54e4f899a9f75b4f6d2ab70e827259fce1b38ad147266500ad1c2efac69e86d27b86777c64228bddf21350096cefd18b659e09618e1157b9c06230b32dbd2126ff88d02f29d5a7f9488c418b1881f71e848139a5c4ac7e15a3532196600605037ba213b31abdb2182b9f16ac6563291e27f19242d186810c01926f6feb6cfe3f671e6cec58c70ac03c8d238acb3f4366ff5463829d1fc56191b05640619758905173b88703c27d771c007f1f3b39376dfd2218323a23", &(0x7f0000000200)=""/237}, 0x18) [ 459.123141] QAT: Invalid ioctl [ 459.147411] QAT: Invalid ioctl [ 459.172002] QAT: Invalid ioctl [ 459.175335] QAT: Invalid ioctl 12:17:37 executing program 1: r0 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x7, 0x200) openat$cgroup_ro(r0, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x0, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x80, 0x80) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:17:37 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x4, 0x88001) r2 = semget$private(0x0, 0x7, 0x4) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000140)=[0x1f]) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x20}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000100)={r3, 0xac92}, 0x8) ioctl$VT_RELDISP(r1, 0x5605) 12:17:37 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, 0x0, &(0x7f0000000200)=""/237}, 0x18) [ 459.375600] QAT: Invalid ioctl [ 459.395416] QAT: Invalid ioctl 12:17:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:37 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 459.552657] *** Guest State *** [ 459.556102] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 459.565220] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 459.574269] CR3 = 0x0000000000000000 [ 459.578015] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 459.584121] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 459.590177] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 459.597047] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 459.605146] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.613302] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.615703] QAT: Invalid ioctl [ 459.621353] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.621389] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.621427] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 459.648838] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 459.657024] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 459.665201] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 459.673830] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 459.681906] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 459.688355] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 459.695942] Interruptibility = 00000000 ActivityState = 00000000 12:17:37 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x0, 0x82, 0x0, r0}, 0x2c) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) [ 459.702349] *** Host State *** [ 459.705586] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd5ef380 [ 459.711642] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 459.718210] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 459.726117] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 459.732184] CR0=0000000080050033 CR3=00000001fbcec000 CR4=00000000001426e0 [ 459.739245] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 459.746144] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 459.753070] *** Control State *** [ 459.756581] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 459.763377] EntryControls=0000d1ff ExitControls=002fefff [ 459.768868] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 459.775930] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 459.782687] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 459.789328] reason=80000021 qualification=0000000000000000 [ 459.795749] IDTVectoring: info=00000000 errcode=00000000 [ 459.801237] TSC Offset = 0xffffff05df42bc3e [ 459.805678] TPR Threshold = 0x00 [ 459.809075] EPT pointer = 0x0000000079e2401e [ 460.052735] *** Guest State *** [ 460.056162] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 460.065369] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 460.074264] CR3 = 0x0000000000000000 [ 460.077983] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 460.084065] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 460.090077] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 460.096830] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 460.104878] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.112950] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.120956] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.129025] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.137063] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.145113] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.153199] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 460.161194] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.169273] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 460.177381] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 460.183896] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 460.191373] Interruptibility = 00000000 ActivityState = 00000000 [ 460.197679] *** Host State *** [ 460.200936] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd56f380 [ 460.207009] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 460.213537] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 460.221339] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 460.227318] CR0=0000000080050033 CR3=00000001fbcec000 CR4=00000000001426e0 [ 460.234446] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 460.241117] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 460.247248] *** Control State *** [ 460.250724] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 460.257478] EntryControls=0000d1ff ExitControls=002fefff [ 460.263023] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 460.269973] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.276713] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.283385] reason=80000021 qualification=0000000000000000 [ 460.289728] IDTVectoring: info=00000000 errcode=00000000 [ 460.295300] TSC Offset = 0xffffff05df42bc3e [ 460.299638] TPR Threshold = 0x00 12:17:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlock(&(0x7f0000fed000/0x1000)=nil, 0x1000) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:38 executing program 1: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x80) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@mcast1, @in=@empty}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:17:38 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, 0x0, &(0x7f0000000200)=""/237}, 0x18) 12:17:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:17:38 executing program 4: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x501000, 0x0) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000080)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x4000000000008, 0x4, 0x5, 0xfffffffffffffffd, r1}, 0x210) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x7fff) 12:17:38 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 460.303095] EPT pointer = 0x0000000079e2401e [ 460.404202] QAT: Invalid ioctl [ 460.539804] *** Guest State *** [ 460.543443] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 460.552447] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 460.561342] CR3 = 0x0000000000000000 [ 460.565208] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 460.571210] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 460.577346] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 460.584269] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 460.592467] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.600482] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.608668] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.616780] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.621628] *** Guest State *** [ 460.624966] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.624994] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.625030] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 460.625060] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.625095] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 460.625118] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 460.625145] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 460.625175] Interruptibility = 00000000 ActivityState = 00000000 [ 460.625198] *** Host State *** [ 460.628515] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 460.636566] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd56f380 [ 460.644613] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 460.644628] CR3 = 0x0000000000000000 [ 460.644645] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 460.644665] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 460.644692] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 460.644722] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 460.644758] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.644794] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.644834] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.652929] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 460.660906] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.668931] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 460.668956] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 460.668989] CR0=0000000080050033 CR3=0000000060381000 CR4=00000000001426f0 [ 460.675951] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 460.683565] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 460.683589] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 460.683599] *** Control State *** [ 460.683620] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 460.683637] EntryControls=0000d1ff ExitControls=002fefff [ 460.683662] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 460.683693] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.689941] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.693214] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 460.702243] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 460.708198] reason=80000021 qualification=0000000000000000 [ 460.717086] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 460.717119] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 460.717139] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 460.717168] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 460.717187] Interruptibility = 00000000 ActivityState = 00000000 [ 460.717196] *** Host State *** [ 460.717221] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd3af380 [ 460.717273] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 460.720983] IDTVectoring: info=00000000 errcode=00000000 [ 460.727058] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 460.733142] TSC Offset = 0xffffff05561cd959 [ 460.739824] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 460.747838] TPR Threshold = 0x00 [ 460.747865] EPT pointer = 0x00000001fd2fe01e [ 460.756071] CR0=0000000080050033 CR3=00000001fbcfc000 CR4=00000000001426e0 [ 460.977760] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 460.985497] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 460.991580] *** Control State *** [ 460.995188] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 461.001977] EntryControls=0000d1ff ExitControls=002fefff [ 461.007469] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 461.014510] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.021213] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.027929] reason=80000021 qualification=0000000000000000 [ 461.034367] IDTVectoring: info=00000000 errcode=00000000 12:17:39 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x4, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000040)={0xbd, 0x24, [0x1, 0x7, 0xfffffffffffffffd, 0x100, 0x1, 0xfffffffffffffff7, 0x6, 0x101, 0x7f]}) 12:17:39 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0xffffffffffffffff}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 461.039846] TSC Offset = 0xffffff054cc45971 [ 461.044288] TPR Threshold = 0x00 [ 461.047684] EPT pointer = 0x00000001fe7a601e 12:17:39 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, 0x0, &(0x7f0000000200)=""/237}, 0x18) 12:17:39 executing program 4: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x240000, 0x0) getsockname$unix(r0, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0xd, 0x7, 0x9, 0x0, r0, 0x400}, 0xfb) ioctl$UI_DEV_DESTROY(r0, 0x5502) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) [ 461.121677] QAT: Invalid ioctl [ 461.139431] QAT: Invalid ioctl [ 461.155976] QAT: Invalid ioctl [ 461.163135] QAT: Invalid ioctl 12:17:39 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 461.357430] *** Guest State *** [ 461.360842] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 461.369887] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 461.378842] CR3 = 0x0000000000000000 [ 461.382676] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 461.388681] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 461.394775] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 461.401556] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 461.409692] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.417784] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.425857] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.433949] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.442071] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.450081] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.458227] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 461.466307] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.474399] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 461.482524] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 461.488984] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 461.496535] Interruptibility = 00000000 ActivityState = 00000000 [ 461.503027] *** Host State *** [ 461.506293] RIP = 0xffffffff812b0dfc RSP = 0xffff8880103ff380 [ 461.512415] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 461.518868] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 461.526769] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 461.533024] CR0=0000000080050033 CR3=00000001fe7ab000 CR4=00000000001426e0 [ 461.540098] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 461.546941] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 461.553122] *** Control State *** [ 461.556626] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 461.563424] EntryControls=0000d1ff ExitControls=002fefff [ 461.568919] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 461.576074] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.582849] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.589462] reason=80000021 qualification=0000000000000000 [ 461.595983] IDTVectoring: info=00000000 errcode=00000000 [ 461.601479] TSC Offset = 0xffffff04dd325aa3 [ 461.605998] TPR Threshold = 0x00 [ 461.609405] EPT pointer = 0x00000001fdddd01e [ 461.621341] *** Guest State *** [ 461.624858] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 461.633871] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 461.642803] CR3 = 0x0000000000000000 [ 461.646557] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 461.652650] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 461.658651] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 461.665413] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 461.674059] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.682208] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.690235] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.698360] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.706449] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 461.714573] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.722674] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 461.730690] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 461.738811] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 461.746891] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 461.753482] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 461.760965] Interruptibility = 00000000 ActivityState = 00000000 [ 461.767310] *** Host State *** [ 461.770544] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fbc8f380 [ 461.776664] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 461.783228] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 461.791078] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 461.797098] CR0=0000000080050033 CR3=00000001fbcfc000 CR4=00000000001426e0 [ 461.804471] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 461.811190] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 461.817389] *** Control State *** [ 461.820942] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 461.827730] EntryControls=0000d1ff ExitControls=002fefff [ 461.833311] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 461.840270] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.847077] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 461.853784] reason=80000021 qualification=0000000000000000 [ 461.860160] IDTVectoring: info=00000000 errcode=00000000 [ 461.865776] TSC Offset = 0xffffff04c068b8a7 [ 461.870131] EPT pointer = 0x00000001fdcd201e 12:17:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) r4 = syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x7, 0x200000) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000001c0)={@remote, 0x0, 0x0, 0xff, 0x2, 0x9cb, 0x3b80000000}, &(0x7f0000000200)=0x20) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$NBD_DO_IT(r4, 0xab03) 12:17:39 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7fa55485, 0x400000) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000080)=""/80, &(0x7f0000000100)=0x50) 12:17:39 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), &(0x7f0000000200)=""/237}, 0x18) 12:17:39 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x5, 0x10000) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0x1, 0x7}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x0, 0x3}}, 0x20) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000004}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r3, 0x100, 0x70bd25, 0x25dfdbfe, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x1}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40004}, 0x4000000) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f00000000c0), r2, r1}}, 0x18) 12:17:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 461.990727] QAT: Invalid ioctl [ 462.014569] QAT: Invalid ioctl [ 462.070654] QAT: Invalid ioctl [ 462.103016] QAT: Invalid ioctl [ 462.110931] *** Guest State *** [ 462.114434] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 462.123447] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 462.132822] CR3 = 0x0000000000000000 [ 462.136582] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 462.142701] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 462.148748] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 462.155652] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 462.163753] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.171769] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.179890] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.188004] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.196115] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.204241] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.212371] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 462.220384] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.228558] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 462.236676] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 462.243263] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 12:17:40 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000080)={'ipvs\x00'}, &(0x7f00000000c0)=0x1e) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 462.250749] Interruptibility = 00000000 ActivityState = 00000000 [ 462.257090] *** Host State *** [ 462.260917] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fda0f380 [ 462.267138] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 462.273663] FSBase=00007feb364db700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 462.281506] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 462.287683] CR0=0000000080050033 CR3=00000001fbcfc000 CR4=00000000001426e0 [ 462.294833] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 462.301540] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 462.307734] *** Control State *** [ 462.311231] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 462.318025] EntryControls=0000d1ff ExitControls=002fefff [ 462.323640] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 462.330618] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.337403] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.344088] reason=80000021 qualification=0000000000000000 12:17:40 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 462.350510] IDTVectoring: info=00000000 errcode=00000000 [ 462.356087] TSC Offset = 0xffffff047a4ee187 [ 462.360506] EPT pointer = 0x00000001fda7301e 12:17:40 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:17:40 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0xffffffffffffffe3, 0x900) getpeername$unix(r1, &(0x7f0000000240)=@abs, &(0x7f00000002c0)=0x6e) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x8, 0x8000) syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x406, r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x4) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 462.566452] QAT: Invalid ioctl 12:17:40 executing program 4: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x8000, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x200000, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x5, 0x4, 0x0, 0x8, 0x2, r0}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x40000) getsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 12:17:40 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0xfffffffffffffffc, 0x0) fcntl$addseals(r0, 0x409, 0x2) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r1, 0xc}}, 0x10) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000240)='/dev/udmabuf\x00', 0x2) [ 462.763230] *** Guest State *** [ 462.766750] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 462.775718] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 462.784703] CR3 = 0x0000000000000000 [ 462.788453] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 462.794535] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 462.800550] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 462.807372] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 462.815501] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.823753] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.831770] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.839898] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.847991] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 462.856075] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.864215] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 462.872295] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 462.880321] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 462.888466] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 462.895016] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 462.902580] Interruptibility = 00000000 ActivityState = 00000000 [ 462.908840] *** Host State *** 12:17:40 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 462.912345] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd2af380 [ 462.918381] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 462.924946] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 462.932864] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 462.938794] CR0=0000000080050033 CR3=00000000615d5000 CR4=00000000001426f0 [ 462.945943] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 462.952749] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 462.958837] *** Control State *** 12:17:41 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8002, 0x100800) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000500)={'vcan0\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000600)={&(0x7f0000000540)={0x1d, r1}, 0x10, &(0x7f00000005c0)={&(0x7f0000000580)=@can={{0x1, 0x1000, 0x7, 0x3}, 0x1, 0x2, 0x0, 0x0, "335c9b4addd12625"}, 0x10}, 0x1, 0x0, 0x0, 0x4000010}, 0x40) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) setsockopt$CAIFSO_REQ_PARAM(r0, 0x116, 0x80, &(0x7f00000000c0)="06003382375e2c0740ee2274c9c567d8a86a9f346eac3ffade7f3a7a10d18e5a52f690a422b37d577ec024b7c16148361ea8fdc04e131fdd1a2596a7734e2532c5ca96173541dbcae67ff2b0bda1bd95b4071369ca70b52d49ee0ffab10e33626cdc02acad0b1608be484525eb6a0d8d47d6082f191adb716efb25c354555a9e", 0x80) [ 462.962433] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 462.969138] EntryControls=0000d1ff ExitControls=002fefff [ 462.974769] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 462.981779] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.988656] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 462.995348] reason=80000021 qualification=0000000000000000 [ 463.001733] IDTVectoring: info=00000000 errcode=00000000 [ 463.007310] TSC Offset = 0xffffff0421fca156 [ 463.011673] TPR Threshold = 0x00 [ 463.015199] EPT pointer = 0x00000001fd64b01e 12:17:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) clock_adjtime(0x7, &(0x7f00000001c0)={0x2, 0xcaf, 0x255, 0x8, 0x7, 0x0, 0x9, 0xd1, 0x0, 0x71fe1141, 0x0, 0x1, 0x3, 0x800, 0x2, 0x100000000, 0x4, 0x5000000000, 0x2, 0x9, 0x8, 0x3, 0x1, 0xffffffff, 0x2, 0x8}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 463.052898] QAT: Invalid ioctl 12:17:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:17:41 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x101000, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)={0x8f3a68932ca0071d, 0x29, 0x2, {0x8, [{{0x14, 0x0, 0x6}, 0x7, 0xfffffffffffff7e2, 0x7, './file0'}]}}, 0x2a) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000000)) ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) 12:17:41 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) shutdown(r1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) fsetxattr$security_evm(r0, &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@md5={0x1, "b5b640c69d80fde18f3310a5fbb8e90f"}, 0x11, 0x1) 12:17:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000fe8000/0x4000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000fde000/0x3000)=nil, &(0x7f0000fe6000/0x2000)=nil, &(0x7f0000fe4000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fe8000/0x3000)=nil, &(0x7f0000fd9000/0x14000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000fec000/0x4000)=nil, &(0x7f00000005c0)="5a10dcb2b7a49cc6ff98f12c55c0fe68a92412de34bed39400e8b511d5fb2f8ff332c5f1ee1e24511e87fff7c55315aedea1dea12db56188da4952c6d73d0cfea052dce0f83a77921829c34e4d7cc083f288336b7a9acb1c9b4e78bd0fcb5828a6d9f3d19d672a87575d72f37a990742e1caa529117438787dec0d6c9320a2567df78c77dadf32a3886950c3aedaa629ffb08a83946a191231bb676132a8332fb09dbca8471458a7e056fad7d2efabb3b72be44503a8bca9650221a9d4237c03fe15a7f2f42dceb2b0bbd7adab0c498a177ef21996d8f26f3d5acc999cbd29b52d93f0d0f7dcf6d36808cf7e6c00a6cd38993a2fc187c377774324078ea86e29a2d30e8dffd1ad12679f22a6ca4d892044ebb5d9e22e89d61076c1b63b1d77ff177a4117c7141d2ea56c33ad15759f6dd4bd35e3ce96c513608ee756a1ea0d41534827af32bac3dbaef7f161b9f33f9c88ca39cf058b507eadc19223c7b1677d3290411fc03e8a46e7a3b7f5e3d97e95a8d7d2e09b583ed938750a6aeb4ebed617bbad9e985a3b690b01d211bd8c1a886ea3427516eebda87b82b472557bad0275228907ca2e521dea6d060a1c574e6464cebe300721f95a978cd0e67f346c37b21ab79c54d89145bd6ec76c7f6f394d1b77b210ca39183ef7508a2c6334ad104c339d0d1971056df5cd7e235be23b3918f403c70d9952ea72823a0a071c36751b9f872431bd9f43b5d2be083ba1323afb8f65e68a344a452d930df378f8b114fd8f5527b780201199c9aa6ae3b02d8b15aa7153df4a24ea7f5e67a7088d440d752ef50d56203a70fc2b26ce9a042e7414fa5c339668c1fe3b0f39a557ccb69aad647cf174a2524f169feee8e4c61910a1456f75dd94d28b2e9cb58df1126871c86ec9c0ffc0a95d61376ccfbd01fd9c77f55cdb54f9e215b25ec8aa4fc98abbdb4b843bb08e81d6d13fd102ef15fe9f8aa98d04a2964aed6c622b15d67480f53d57a05b9731a951b80a804a7f87774e015844c9108c510f32cbda5a8d22c5b744a7ef8cf0fcdda0a848133807095dadc1d7b63177328436295c2eb1cc8e12ebd7d49c4adc654032416d590df9b3d0eea000e58acded660546d77b922cb8a4314fa282591459e7fb010441b900c183c893efa9ec00a9ef5e6c656247280c655a1e057a692fd61e8df34fdcd4a8af5b7da7af5eb6951998b2b42132b577082dd04722885c05437b299e5db604f2e0ecfa85623e5e1ffd7863c5d75629055cc6318ae25c368afbc278f8614acb0290803d2efd529856c5d30aec498d0ebacb4250e59fa58e9617d5900ca4bf819d8f661386151a8ac7000c2f97646398b356923130ccc84e422ddc329023580eee540928cd10383bb4d60be1c6c2746c993e5e8f09aff7dc234bf65c1105dd97e6a8ab345b871c067baea558235cba69b3b40bd3cf4bdf8060c9506fa42f664b081af276ba9505a36cd5c0d8bf1153d94166eb8308589c3a635f3323730d44fb016606bfa901b34c932c97df4b8b31a4edadd2cffb31fdc25e0617e42beb89bd2964457d4e22cd880382c0910f2e5ae4f1df24761c2ed48f73345c4e84722a6e56a9422860ac0912905089a9bcac512ffca3f5e98adb89f5df400f112c704139da32e7dbdbfc353c80afe642d760095258479ef56b240ba8b99136d03512172813e83f574b42d33bf7571610a04649164d5429137702068f2c195022ce864c475ecd6734779f42a6e215b80ace46b1492157c6d29797d038fb5e346c183392326d96dbd584668a4bd60561a9bbd9af2c617164867fdfc2cd94fd847798f45ea97eb254967c5d4f8116abb6bcd2cf443dbf891030ce5af19cd5152778e3405cd360b9b4eddb4c22adc7b46e66ee4d68d11ec71d4b67998ea34970cd40275fc439ae4b5a94a7b26375f5e33d40415a9c554b3c501d51eb6ca9ee44b501fe693c5397c1cdc57602b9a17dda3aa32500055627fbdb91cbe2061e6b774b8baefe6551f17f6b89d934c88a9fce9e7b778fb769463f8d06e1566565139e3dda92b434b101b4c445a4c9dba0c15143eaf168c78f3041b88679d39ed87f7380b46e574b3bf73a4fae75b661268ca57d16fa24b051a324fef116d3d5cda1a58db16c1911b4daa194f5cfe92f27fdcf6820b5a6414cfdb0e7c17529f42062ac966e4d7a5b4dbbc784ea9b9a6989cda12c1cdbfc8d12ff11e4856345ab92aff3dd47e02add3392c9b2dd400795a573e0f6ed3b57acf612be48bd9cd32945f8bd11806bcce54e79c9fb78d2839f0a51eec8f09ce1c877eeba1e2adf8632c33f4552e170a8a5a5703eb20ab2578fd87fae1c741352427eb98344d61e123c1d01b1fdadb06afb07bd2dbb85937f2f994b03569716dfa353ffc44f66bbd7f72690b7b3ca66004ce1cd8cbcdc28afde68e7d32f4c08ec982690262ae17478594fd51ea0c85d1bd71e397269193382e62f29081c3d60bf8747dfec24da8affac40669cb7a9873c5e8a838b00daee4c10567d88e86511756b6afb7996001ada91e8b833a09e32cdce55343c0732034865ec7878bd37b59790a9a1e4dbfceca22996a31ec4fba22743ebdf67455b24a5eb8ea867feac8e9174fe8a589b4974113f9103a74c0f21cd8a1a8cee94cd23271eff4b5a66cc5a1af847c0dd507b5895503407d56561e4fb8b472a42509b872f08496ff60124b0b5e5652e806e8164a4f464eea627ffb47025a3376e70202340bf03d27017ecfb193b1acfdb78221e2222780918447ef6da19519e5958f6181e4cec09cdf7f4240356981d1ea90ec79559ccac9dd52db5444030e75eeba0e32e1ad7290fc1c5c86272fe19140435fc3aa052a67594ca3cc51178c74a76fe0e528a4b0f05182e383ea5a4c91192e23053b223f5ba627a1946276d1ec0bf3bc9f57b523afc1e9207fa5cff96edc38105a221e45ff82d2b8e00d387e3f19350b24ec8b63b2134be1f5278e710dd585c2ffa738d3436196ac59f454e9f1f4e6b32a3383c616cc801b6631988ca73af0af7184781ace2c9b447b568b40e44c8ec15c21f1ed534f1405d710d8b580ec7b3e033c2b73d4c3de14f8ee8772ee15eaf88fa496744e5946257616638627f2b0cf34c86b8c0e4f082b8e167b5e3cb544ba6be2c7366d208e060bf52070cbd84387d4be28b325caf689dcaa8c6d6d0285b65566ed87bc911e97ff8c2fab32c340ab31f4b1b8827bc722fc4692f2cd49998b42bd4eb55fd0caaaadf18103d16b131d505791a03c3d07f2f8520733086edba910fbc9af724066a67b16cb89349a134b323445070dac47baede1895720006f603ebd14bed7c368deb1647b27407cb1e505f8f2f52f3cabcfa7ddcfc7311b747a94051f0151c9b2ae0300a41c8351f6846c48cf070020bfbcf85b84ec4d2a6b2535c05bffa69197e4bd75e0a99ea41b58e3f58c23d9a2f9468a15decf29e6aec59ccc26a1f3bf8cb73c38c73d0ca2ad3c0c78c4d0f91f5b62fe27bf326f74d4f33124cd11326b14a9db12828933446ace0f7f23349cc34eddceb067d4a5c580b688595518134815f1d822fd74745518cff59ba5c7fa2c9c659a59cfa68234d574a73221d8b9f13b88b6bde380ba5f7b8bad7a3de04997b0285c431b769950dca4f21f282e8fbb7f582851d3e91d995b450eadb6937cc52bcafa8e254167fea8462cefa6e5f32a08dde20dc32aa76350230a43d78c081477253fc8e0efcea05d970dbaa9e356b2103faa021a60d05f3e89b5b6346aa7797b470079e29018771e95dc117c6ed8f9412f52b844e3b8753ab54754065b82795a87e1e5f41fb2d3af40357f594e372594ee7e1886eca4bfa99e7cc59f6a038a5bd6bb8122c921e355d77f904eebad793ab1a486a4667d50144687b93f8b3dcdaf8000665376c5b205b6eff16c8683b0d925eea765f8c1210393e2a3dd29ebf15d0ee05fa5eb8a5f4d98749c1ff4114042128c0defe7a943040a4d02ce2017c22cc99f321c2035ff09d76e64a0ab00c7adcc1d8cb3d75eece8a1632ad24df986355bf2a4cf40fba35fa0bbec3563348b6d2b572a395804b8a9ea3adea82951ca4cf5248500907440fea2e04909376cc2cf2526c0ccb25ad1cdbdfeaf5ad6205ea51891b14522dfbc084f758f55b6bb1e2ff65dcbf3272a3bb240ca21187a0b20a43f00ec1f64e427e579726c02de1efb580bec6d0d449c64b8b5393864887ae2e53ccc4defb7f8292a3d938bc6e123b6285ee76fada62b2867b2103ea75f0c5d36230d2962f190d8855a16d3b8e61cc5a26cf5e10fe21ae10af9ac6c2536297cf7533bcd669fdf6ff690500955c0e978b89947a79cb28e279b5a11397d09137cb3303a3b404f6c7e46453f0a23f09b2c6c07dc11bb4f74a0bd194681a94d6e5f957c7c8561699cdf93710ab842f5860f880d7ee01933960463554c61b42f8fc0f1078516c0bb9cda3d511c6cb7522a9d4303b31805baefefcc9c1d1e2942df2cfb1b68324766132786cfcd16cdea91afb6cd7a65aa62bc2af106fd3c12c28bd6e92a74731d6b25d271ef3071070ba4040e964cd406c6d8445aefcd49e80af2962087d4dd5cdbe4fa0bc66fe31bcb3a9b229f4ee6aec01736b2dff3d7e67e6aaefd38c8d9ffb62d39be43c38c9d70485d8c88eb521d2b66cb9ddcae1d2f4b5f675d9442fa00b2b5ca21406905ba6c5bbe5b657bc2aa1b4f88fe6365ef73694b355f742a6a60be95d40f0afa50151a824e2e57c6eea1cdaf80c4cdfe6e8551be4aac6c6e3f9880f17a579d1ab3082cfe37758413e27e229aa0738624d7e22ee6e31e685d24cb9392e3acd7e16c65d57fd1e37d15650e6a0e90e47a63da9cdf244756e235cf484bb9e9c72b00cdb93a1a8ce908a81c0996430bd8e9eaaf54c760c6fba97239b696060bcbbcf322af475de9023044addb2213cfbcbcbdd89a58d5f109231b4d748b17c6f73b38c68154ddb1bb4758918fa7bdb2a7fa65cac94c29efa3b45094097e7c1f86285f498e919c9a955b04cbf129e1ef8a8864dc06a890fc8c9d750ab701534c350038b0fb4e36b77339f1503ead277e8f5a78dd9e255f40fb27a35b8aa23479c691ff3cd0a71f739436d3c8108be70d962f3991af2177b8713b7139d0329624dadba1b754922760a7a25d6e21a3620c7404094fe931a9f59ab1417a724d828130c39f7aa8cb97af7c560ff9d759cb3e4dbe116e75794223122db855a46ad844d6137487db27fb804f3303f10ebcec67030dbcba1b2789bff9558e0985a665e67ce3922d94eac6e8c46a998b7d4c9a7961181ea7422f185ef087470569680c4110d919753ac4e628f4bc4b2108546ad463045952195071c8cd13799007a2df3472751133b55aebd0ad1e29faf6b5a97d167354721c1a7875b519de1237170c63cebaf96be7baacaf82c9718bc19f55ae3bf25a20cbedd4573f48075e3c23972334ff3d94a8c8b081d03a0e521b91e8e759ba69d5ab4b461cbc5d10d38e3db5a54169bbd711f77f04415c8d9e65470e33f188e8d0f2a40974f4faac6e20d76d834ced19c3bc44f0056b0673fb95c1d680f4a6b302d3f400e71396b070b86d3dda39381e3678f7b7608ae90c6a1343fb9d12d481f9e99972a7fcad629c72003744041dc0c4e7096f0f340d480c2c1046e96c91cb844c8bcde541219f652f102047515284747cc200fbdc05fc456f6808e0bb74a3b6445f0c4d0b3a8b836cc24e220f73d2129c23ed5ad1753f83265abeb81e5d2465fb2611d78a1f57d0810cc1752a0995f3c979f38aa5f9b7b9344ae6b9208", 0x1000, r1}, 0x68) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000140)={@loopback, @remote}, &(0x7f0000000180)=0xc) [ 463.394188] *** Guest State *** [ 463.397659] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 463.406708] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 463.412229] QAT: Invalid ioctl [ 463.415654] CR3 = 0x0000000000000000 [ 463.415674] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 463.415709] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 463.419726] QAT: Invalid ioctl [ 463.422742] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 463.422774] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 463.422809] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 463.422846] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 463.422880] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 463.422915] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 463.422949] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 463.422976] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 463.423011] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 463.423036] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 463.423074] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 463.525744] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 463.532322] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 463.540012] Interruptibility = 00000000 ActivityState = 00000000 [ 463.546401] *** Host State *** [ 463.549645] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd32f380 [ 463.555771] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 463.562328] FSBase=00007f81c4f05700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 463.570216] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 463.576260] CR0=0000000080050033 CR3=00000001fdcd7000 CR4=00000000001426f0 [ 463.583438] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 463.590177] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 463.596447] *** Control State *** [ 463.599939] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 463.606740] EntryControls=0000d1ff ExitControls=002fefff [ 463.612309] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 463.619273] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 463.626103] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 463.632823] reason=80000021 qualification=0000000000000000 [ 463.639289] IDTVectoring: info=00000000 errcode=00000000 [ 463.644919] TSC Offset = 0xffffff03d19569c6 [ 463.649265] TPR Threshold = 0x00 [ 463.652770] EPT pointer = 0x00000001fd2e901e 12:17:41 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x80000000, 0x0) getpeername$netlink(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xc) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) [ 463.864306] QAT: Invalid ioctl [ 463.871722] QAT: Invalid ioctl [ 463.908574] QAT: Invalid ioctl 12:17:52 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x0, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:17:52 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x20, 0x70bd29, 0x25dfdbfc, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40084}, 0x40800) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:17:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x800, 0x400001) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000001c0)=0xf0e, 0x4) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:17:52 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) fdatasync(r0) 12:17:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) clock_adjtime(0x7, &(0x7f00000001c0)={0x2, 0xcaf, 0x255, 0x8, 0x7, 0x0, 0x9, 0xd1, 0x0, 0x71fe1141, 0x0, 0x1, 0x3, 0x800, 0x2, 0x100000000, 0x4, 0x5000000000, 0x2, 0x9, 0x8, 0x3, 0x1, 0xffffffff, 0x2, 0x8}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 474.094781] QAT: Invalid ioctl [ 474.104919] QAT: Invalid ioctl 12:17:52 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40000) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4) getpeername$netlink(r1, &(0x7f0000000100), &(0x7f0000000180)=0xc) ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000080)={0x8013, "1c5202e2c873c91a6de877bb89fdc46b883dc66f515924da558ee6a6cd666835", 0x1, 0x1}) rt_sigpending(&(0x7f0000000200), 0x8) 12:17:52 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 474.267650] *** Guest State *** [ 474.271082] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 474.280139] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 474.289143] CR3 = 0x0000000000000000 [ 474.293071] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 474.299088] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 474.305188] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 474.312033] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 474.324291] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.332384] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.335685] QAT: Invalid ioctl [ 474.340403] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.340449] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.340484] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.340512] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 474.340557] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 474.383993] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 474.392112] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 474.400143] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 474.406729] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 474.414278] Interruptibility = 00000000 ActivityState = 00000000 [ 474.420534] *** Host State *** [ 474.423865] RIP = 0xffffffff812b0dfc RSP = 0xffff88806d76f380 [ 474.429898] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 474.436455] FSBase=00007f81c4f27700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 474.444357] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 474.450287] CR0=0000000080050033 CR3=000000006370b000 CR4=00000000001426e0 [ 474.457471] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 474.464251] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 474.470331] *** Control State *** [ 474.473911] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 474.480618] EntryControls=0000d1ff ExitControls=002fefff [ 474.486232] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 474.493292] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 474.499994] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 474.506706] reason=80000021 qualification=0000000000000000 [ 474.513123] IDTVectoring: info=00000000 errcode=00000000 12:17:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r3, r2, 0x80000) ioctl$EVIOCSMASK(r4, 0x40104593, &(0x7f0000000140)={0x17, 0x5e, &(0x7f0000000240)="b2d1e61feadca3b9d12e3d393b9f377952df76ed10c9f7ac3f972c9cd57f0b0289bfc12ec9cb978c668c48bd69c10fa1a5a5a1b843fe41cbb581d5da9f6810f09b08587ba49bea187ad0c1c645fe43b4a3b511b66befa4e6e0562b0f9edb"}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, &(0x7f00000001c0)) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000200)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:17:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:17:52 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$IMCLEAR_L2(r0, 0x80044946, &(0x7f0000000040)=0x1) clock_gettime(0x0, &(0x7f0000006700)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000006580)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000080)=""/171, 0xab}, {&(0x7f0000000140)=""/22, 0x16}, {&(0x7f0000000180)=""/12, 0xc}, {&(0x7f00000001c0)=""/112, 0x70}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/20, 0x14}, {&(0x7f0000001280)=""/124, 0x7c}], 0x7, &(0x7f0000001380)=""/161, 0xa1}, 0x2d}, {{&(0x7f0000001440)=@x25={0x9, @remote}, 0x80, &(0x7f00000025c0)=[{&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/210, 0xd2}], 0x2, &(0x7f0000002600)=""/156, 0x9c}, 0x9}, {{&(0x7f00000026c0), 0x80, &(0x7f0000004740)=[{&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/4096, 0x1000}], 0x2}, 0x9}, {{&(0x7f0000004780)=@llc, 0x80, &(0x7f0000004940)=[{&(0x7f0000004800)=""/1, 0x1}, {&(0x7f0000004840)=""/199, 0xc7}], 0x2, &(0x7f0000004980)=""/102, 0x66}, 0x4}, {{&(0x7f0000004a00)=@ethernet={0x0, @local}, 0x80, &(0x7f0000005e80)=[{&(0x7f0000004a80)=""/162, 0xa2}, {&(0x7f0000004b40)}, {&(0x7f0000004b80)=""/91, 0x5b}, {&(0x7f0000004c00)=""/75, 0x4b}, {&(0x7f0000004c80)=""/4096, 0x1000}, {&(0x7f0000005c80)=""/253, 0xfd}, {&(0x7f0000005d80)=""/247, 0xf7}], 0x7}, 0x780}, {{0x0, 0x0, &(0x7f0000006480)=[{&(0x7f0000005f00)=""/135, 0x87}, {&(0x7f0000005fc0)=""/44, 0x2c}, {&(0x7f0000006000)=""/62, 0x3e}, {&(0x7f0000006040)=""/144, 0x90}, {&(0x7f0000006100)=""/44, 0x2c}, {&(0x7f0000006140)=""/113, 0x71}, {&(0x7f00000061c0)=""/38, 0x26}, {&(0x7f0000006200)=""/82, 0x52}, {&(0x7f0000006280)=""/250, 0xfa}, {&(0x7f0000006380)=""/245, 0xf5}], 0xa, &(0x7f0000006540)=""/19, 0x13}, 0x1}], 0x6, 0x0, &(0x7f0000006740)={r1, r2+10000000}) [ 474.518617] TSC Offset = 0xfffffefdfbb89817 [ 474.523068] EPT pointer = 0x000000006369801e [ 474.703693] QAT: Invalid ioctl [ 474.707949] QAT: Invalid ioctl [ 474.729346] QAT: Invalid ioctl [ 474.736537] QAT: Invalid ioctl [ 474.787689] *** Guest State *** [ 474.791026] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 474.800199] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 474.809140] CR3 = 0x0000000000000000 [ 474.813013] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 474.819017] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 474.825139] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 474.831917] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 474.839936] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.848041] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.856119] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.864244] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.872311] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 474.880338] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 474.888446] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 474.896515] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 474.904615] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 474.912712] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 474.919173] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 474.926768] Interruptibility = 00000000 ActivityState = 00000000 [ 474.933067] *** Host State *** 12:17:52 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xd, 0x0, 0x4, 0x100, 0x0, r0}, 0x2c) [ 474.936275] RIP = 0xffffffff812b0dfc RSP = 0xffff88805fedf380 [ 474.942367] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 474.948799] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 474.956717] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 474.962686] CR0=0000000080050033 CR3=000000001718b000 CR4=00000000001426e0 [ 474.969764] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 474.976549] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 474.982734] *** Control State *** [ 474.986203] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 474.992963] EntryControls=0000d1ff ExitControls=002fefff [ 474.998428] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 475.005456] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.012178] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.018841] reason=80000021 qualification=0000000000000000 [ 475.025266] IDTVectoring: info=00000000 errcode=00000000 [ 475.030743] TSC Offset = 0xfffffefdaf20b59f [ 475.035173] EPT pointer = 0x000000006bafd01e 12:17:53 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x0, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:17:53 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000040)) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) dup(r0) 12:17:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:17:53 executing program 3 (fault-call:2 fault-nth:0): unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:17:53 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) fsetxattr$security_smack_transmute(r1, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x1) [ 475.129669] QAT: Invalid ioctl 12:17:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_GET_DUMPABLE(0x3) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0xffffffffffffffff], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 475.155729] FAULT_INJECTION: forcing a failure. [ 475.155729] name failslab, interval 1, probability 0, space 0, times 0 [ 475.167025] CPU: 1 PID: 18475 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #2 [ 475.174215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 475.183677] Call Trace: [ 475.186299] dump_stack+0x173/0x1d0 [ 475.189948] ? __should_failslab+0x278/0x2a0 [ 475.194372] should_fail+0xa19/0xb20 [ 475.198112] __should_failslab+0x278/0x2a0 [ 475.202366] should_failslab+0x29/0x70 12:17:53 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) prctl$PR_GET_DUMPABLE(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x8, 0x100, 0xffffffffffffffed}, 0x1fc) [ 475.206270] __kmalloc_track_caller+0x1d3/0xce0 [ 475.210947] ? __fdget+0x4e/0x60 [ 475.214337] ? __do_sys_bpf+0x37c8/0xfbf0 [ 475.218498] ? __fget_light+0x1fe/0x750 [ 475.222486] memdup_user+0x79/0x190 [ 475.226181] __do_sys_bpf+0x37c8/0xfbf0 [ 475.230205] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 475.235600] ? __sb_end_write+0xb7/0x130 [ 475.239694] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 475.245185] ? prepare_exit_to_usermode+0x114/0x420 [ 475.250221] ? syscall_return_slowpath+0x50/0x650 [ 475.255087] __se_sys_bpf+0x8e/0xa0 [ 475.258726] __x64_sys_bpf+0x4a/0x70 [ 475.262458] do_syscall_64+0xbc/0xf0 [ 475.266212] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 475.271412] RIP: 0033:0x457ec9 [ 475.274618] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 475.293523] RSP: 002b:00007f81c4f26c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 475.301239] RAX: ffffffffffffffda RBX: 00007f81c4f26c90 RCX: 0000000000457ec9 [ 475.308512] RDX: 0000000000000018 RSI: 0000000020000300 RDI: 0000000000000015 [ 475.311702] *** Guest State *** [ 475.315797] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 475.315813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f81c4f276d4 [ 475.315826] R13: 00000000004c8708 R14: 00000000004ce1b0 R15: 0000000000000004 [ 475.333963] QAT: Invalid ioctl [ 475.334101] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 475.353444] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 475.362387] CR3 = 0x0000000000000000 [ 475.366136] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 475.372245] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 475.375216] QAT: Invalid ioctl [ 475.378231] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 475.378250] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 475.378272] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.378294] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.378314] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.378334] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.378361] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.426813] *** Guest State *** [ 475.428534] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 475.428556] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 475.428570] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 475.428606] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 475.436705] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 475.439956] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 475.447982] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 475.456071] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 475.463980] CR3 = 0x0000000000000000 [ 475.463993] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 475.464015] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 475.472005] Interruptibility = 00000000 ActivityState = 00000000 [ 475.472011] *** Host State *** [ 475.472025] RIP = 0xffffffff812b0dfc RSP = 0xffff88805fedf380 [ 475.472062] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 475.480885] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 475.487706] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 12:17:53 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) write(r0, &(0x7f0000000080)="66c6253da3bcc494b32311fa8b750822d87cb09973", 0x15) [ 475.496620] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 475.504041] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 475.504064] CR0=0000000080050033 CR3=00000000176f3000 CR4=00000000001426f0 [ 475.507776] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.513807] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 475.513838] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 475.513869] *** Control State *** [ 475.519833] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.526153] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 475.529286] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.535271] EntryControls=0000d1ff ExitControls=002fefff [ 475.535298] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 475.541703] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.549066] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 12:17:53 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f00000002c0)={0x12713, 0x0, &(0x7f0000ffc000/0x3000)=nil}) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @initdev, @loopback}, &(0x7f0000000100)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000140)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@initdev}}, &(0x7f0000000240)=0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'hwsim0\x00', 0x0}) accept4$packet(r0, &(0x7f0000000c80)={0x11, 0x0, 0x0}, &(0x7f0000000cc0)=0x14, 0x80000) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000e00)={'vcan0\x00', r3}) socket(0xd, 0x80b, 0x0) getsockname$packet(r0, &(0x7f0000000e40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000e80)=0x14) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000f00)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000001000)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001040)={'vcan0\x00', 0x0}) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x20, 0x30}, &(0x7f0000000340)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000380)={r10, 0xd7, "d62fb8705f587b69d9e0fa68196d0b23f2d0003a9e198bc1282bf3203ef0212e311808719441f3d7ae757f9d2eb8700c8dbdd3ecbb3084e1bbd2cfd8d8661eb7d2e0581999a52c7912f312be51710163cd8def4f4539f6ffd5c8d6c9c12079dff35057ca77e2f462f61a16ea8bd009dcb980a3eee90349e755c126a30361548e95fba7137a9f594a899016e0af177dc6ccf42d3cddf8b335f38e66d6e1a05098b30ffc56d8ff4f7ca95d6aa3624fbe3fcb66a7e5cc324cfb7e24a944e1e82261b566144df5f37049dbd9ec2ae1b6fb629cebd3fce1033e"}, &(0x7f0000000480)=0xdf) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001140)={'team0\x00', 0x0}) getpeername$packet(r0, &(0x7f0000001180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000011c0)=0x14) accept4$packet(r0, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001240)=0x14, 0x80000) getsockname$packet(r0, &(0x7f00000034c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000003500)=0x7) getpeername$packet(r0, &(0x7f0000003d00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000003d40)=0x14) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000003d80)={0x0, @initdev, @multicast2}, &(0x7f0000003dc0)=0xc) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000004300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000002}, 0xc, &(0x7f00000042c0)={&(0x7f0000003e00)={0x4b4, r1, 0x400, 0x70bd26, 0x25dfdbfb, {}, [{{0x8, 0x1, r2}, {0x204, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r4}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r5}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0x0, 0x9, 0xec1d, 0x3ff}, {0x7, 0xfffffffffffffff9, 0xfd75, 0x9}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x58}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0xffffffff}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xb8, 0x2, [{0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x4}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xffff}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r11}, {0xfc, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x278}}}]}}, {{0x8, 0x1, r14}, {0x48, 0x2, [{0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x14, 0x4, 'activebackup\x00'}}}]}}, {{0x8, 0x1, r15}, {0x78, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}]}}]}, 0x4b4}, 0x1, 0x0, 0x0, 0x40800}, 0x24000004) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 475.549090] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.556931] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 475.564916] reason=80000021 qualification=0000000000000000 [ 475.564951] IDTVectoring: info=00000000 errcode=00000000 [ 475.570845] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 475.577900] TSC Offset = 0xfffffefd64a3033b [ 475.585911] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 475.592576] TPR Threshold = 0x00 [ 475.592596] EPT pointer = 0x000000008c7f001e [ 475.598650] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 475.715326] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 475.723566] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 475.729983] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 475.737500] Interruptibility = 00000000 ActivityState = 00000000 [ 475.738813] QAT: Invalid ioctl [ 475.743837] *** Host State *** [ 475.743872] RIP = 0xffffffff812b0dfc RSP = 0xffff888063baf380 [ 475.743898] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 475.743915] FSBase=00007feb364ba700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 475.743929] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 475.743946] CR0=0000000080050033 CR3=000000007d425000 CR4=00000000001426e0 [ 475.743967] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 475.743981] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 475.743986] *** Control State *** [ 475.744000] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 12:17:53 executing program 4: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) write$sndseq(r2, &(0x7f0000000640)=[{0x81, 0x100000001, 0x0, 0x0, @tick, {}, {}, @control={0x4}}], 0x30) write$sndseq(r2, &(0x7f0000000100)=[{0x5, 0x7ff, 0x0, 0x0, @time, {}, {}, @queue}], 0x30) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000080)={0x0, @reserved}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r3}, 0x2c) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x5) sysfs$2(0x2, 0x0, &(0x7f0000000140)=""/156) 12:17:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x4c09, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) openat$uhid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uhid\x00', 0x802, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x4000, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r5, 0x114, 0x1, &(0x7f0000000200)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) [ 475.744009] EntryControls=0000d1ff ExitControls=002fefff [ 475.744023] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 475.744034] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.744045] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.744054] reason=80000021 qualification=0000000000000000 [ 475.744065] IDTVectoring: info=00000000 errcode=00000000 [ 475.744084] TSC Offset = 0xfffffefd5a2afe62 [ 475.755471] QAT: Invalid ioctl [ 475.756534] EPT pointer = 0x000000008c99301e 12:17:53 executing program 3 (fault-call:2 fault-nth:1): unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 475.894295] QAT: Invalid ioctl [ 475.927409] QAT: Invalid ioctl [ 475.983038] QAT: Invalid ioctl [ 476.003908] FAULT_INJECTION: forcing a failure. [ 476.003908] name failslab, interval 1, probability 0, space 0, times 0 [ 476.015606] CPU: 1 PID: 18508 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #2 [ 476.022854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 476.032286] Call Trace: [ 476.034963] dump_stack+0x173/0x1d0 [ 476.038667] ? __should_failslab+0x278/0x2a0 [ 476.043138] should_fail+0xa19/0xb20 [ 476.046945] __should_failslab+0x278/0x2a0 [ 476.051244] should_failslab+0x29/0x70 [ 476.051994] *** Guest State *** [ 476.055197] __kmalloc+0xb3/0x3a0 [ 476.055259] ? __do_sys_bpf+0x8cc2/0xfbf0 [ 476.055319] __do_sys_bpf+0x8cc2/0xfbf0 [ 476.058604] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 476.062095] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 476.062169] ? __sb_end_write+0xb7/0x130 [ 476.062230] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 476.066359] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 476.070359] ? prepare_exit_to_usermode+0x114/0x420 [ 476.079214] CR3 = 0x0000000000000000 [ 476.084556] ? syscall_return_slowpath+0x50/0x650 [ 476.084598] __se_sys_bpf+0x8e/0xa0 [ 476.084641] __x64_sys_bpf+0x4a/0x70 [ 476.088695] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 476.094148] do_syscall_64+0xbc/0xf0 [ 476.094208] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 476.094234] RIP: 0033:0x457ec9 [ 476.094279] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 476.103172] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 476.108144] RSP: 002b:00007f81c4f26c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 476.111910] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 476.116700] RAX: ffffffffffffffda RBX: 00007f81c4f26c90 RCX: 0000000000457ec9 [ 476.116732] RDX: 0000000000000018 RSI: 0000000020000300 RDI: 0000000000000015 [ 476.120367] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 476.124056] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 476.124076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f81c4f276d4 [ 476.124094] R13: 00000000004c8708 R14: 00000000004ce1b0 R15: 0000000000000004 [ 476.144965] QAT: Invalid ioctl [ 476.161613] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.161648] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.161685] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.254452] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.262702] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 476.270713] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 476.274501] QAT: Invalid ioctl [ 476.278843] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 476.278869] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 476.278918] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 476.278970] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 476.298851] QAT: Invalid ioctl [ 476.306301] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 476.306321] Interruptibility = 00000000 ActivityState = 00000000 [ 476.306331] *** Host State *** [ 476.306355] RIP = 0xffffffff812b0dfc RSP = 0xffff88806007f380 [ 476.306395] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 476.306423] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 476.306450] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 476.306477] CR0=0000000080050033 CR3=0000000090726000 CR4=00000000001426f0 [ 476.306507] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 476.306529] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 476.306552] *** Control State *** [ 476.357714] QAT: Invalid ioctl [ 476.359581] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 476.359599] EntryControls=0000d1ff ExitControls=002fefff [ 476.359626] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 476.359647] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 476.359668] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 476.359695] reason=80000021 qualification=0000000000000000 [ 476.359711] IDTVectoring: info=00000000 errcode=00000000 [ 476.359741] TSC Offset = 0xfffffefcfedf5b1c [ 476.369863] QAT: Invalid ioctl [ 476.373604] TPR Threshold = 0x00 [ 476.373623] EPT pointer = 0x000000008afe401e [ 476.446660] QAT: Invalid ioctl 12:18:04 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x20002, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000140)={0x9, 0x1, 0x0, 0x0, 0xfffffffffffffff8, 0x100000001, 0x9, 0xf388, 0x3, 0xfffffffffffffffb, 0xfff, 0x9, 0x0, 0x4, 0xe4, 0x4, 0x9, 0x200, 0x9}) getxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.opaque\x00', &(0x7f0000000200)=""/13, 0xd) setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) 12:18:04 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x0, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:18:04 executing program 3 (fault-call:2 fault-nth:2): unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000140)={@ipv4={[], [], @multicast1}, 0x90, 0x0, 0x0, 0x3, 0x5, 0x7fff}, &(0x7f00000001c0)=0x20) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:04 executing program 1: r0 = syz_open_dev$rtc(&(0x7f0000000040)='/dev/rtc#\x00', 0x6, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='\x00', 0x1, 0x1) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40008, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) r2 = geteuid() ioprio_get$uid(0x0, r2) [ 486.913344] QAT: Invalid ioctl [ 486.924080] QAT: Invalid ioctl 12:18:05 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'bcsh0\x00', {0x2, 0x4e21, @remote}}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) [ 487.050408] *** Guest State *** [ 487.054073] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 487.063191] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 487.072174] CR3 = 0x0000000000000000 [ 487.075951] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 487.082187] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 487.088257] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 487.095216] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 487.103421] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.111514] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.119711] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.127882] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.136343] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.144621] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 487.152843] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 487.160882] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 487.169195] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 487.177369] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 487.183962] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 487.191471] Interruptibility = 00000000 ActivityState = 00000000 [ 487.197905] *** Host State *** 12:18:05 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x3, 0x4) [ 487.201209] RIP = 0xffffffff812b0dfc RSP = 0xffff88805badf380 [ 487.207454] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 487.214143] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 487.222154] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 487.228111] CR0=0000000080050033 CR3=00000000634c9000 CR4=00000000001426e0 [ 487.235363] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 487.242153] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 487.248262] *** Control State *** [ 487.251765] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 487.259599] EntryControls=0000d1ff ExitControls=002fefff [ 487.265188] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 487.272286] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 487.279101] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 487.285853] reason=80000021 qualification=0000000000000000 [ 487.289009] QAT: Invalid ioctl [ 487.292279] IDTVectoring: info=00000000 errcode=00000000 12:18:05 executing program 3: unshare(0x100) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8, 0x10000000100) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000200)={r0, &(0x7f0000000040)="7e8503c3eeed49bcbbd1a9dd4fd21c72548408d8cfec550cbf6aa10c9fcf3dc1b8b7d583a0d999dd534bf08d8b1234d299a9f745dba4f6faeb5fb5b66e2876d63f8b595dcf53cf5eba7cdefa65fed3c4c89348cfd3a99a92d2658092c9ceae58f25d8835417b1afad9f87f8e6f633af8e378e927bff6c981adab9acfd71b898be1db05a0fde13cf5bf5139f3c7cd602e829dbf0f3607e8c789e2ae3b47f8daa99424998b4e884c9aac6e9a247abc7a3fc4328af90e3ee94855b7", &(0x7f0000000100)=""/235}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x3f, 0x30}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000340)={r2, 0x59, "6be19087714876ddc745d4941c6bb3bc0529c4916e0733c8642a525f6fb8c19eca3fbfd30f3ca9bc66fafcfc79b42c734983f1cdfaf484d743d3d1ebad99c77c833d2cca8e1bd1710d3ad27e5155bd1c59164ea9629c43f8ec"}, &(0x7f00000002c0)=0x61) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) bind$netlink(r0, &(0x7f00000003c0)={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc) fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000400)) [ 487.292297] TSC Offset = 0xfffffef72314bffb [ 487.292311] TPR Threshold = 0x00 [ 487.292331] EPT pointer = 0x00000000613ed01e 12:18:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r3, 0x40bc5311, &(0x7f0000000280)={0x27, 0x0, 'client1\x00', 0x0, "e7ef4abd4dfc3962", "0f7ec08e2abadaa77ad3d6ef08114f6a92517d3f85baad570659dcd6734c7552", 0x4, 0x7}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x94e, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffc], 0x1f000, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:18:05 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = dup3(r0, r0, 0x80000) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @initdev}, &(0x7f0000000100)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @broadcast}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000240)=0xe8) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000002c0)=0x14) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000300)={{{@in, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000400)=0xe8) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000500)={0x0, @dev, @broadcast}, &(0x7f0000000540)=0xc) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000c80)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@loopback}}, &(0x7f0000000d80)=0xe8) accept$packet(0xffffffffffffffff, &(0x7f0000000e00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000e40)=0x14) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000f40)={@empty, @broadcast, 0x0}, &(0x7f0000000f80)=0xc) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001080)={0x0, @multicast1}, &(0x7f00000010c0)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000001340)={{{@in6=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000001440)=0xe8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001480)={'teql0\x00', 0x0}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000014c0)={@empty, 0x0}, &(0x7f0000001500)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000002e80)={'teql0\x00', 0x0}) getpeername$packet(0xffffffffffffff9c, &(0x7f0000002ec0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002f00)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000002f40)={0x0, @loopback, @broadcast}, &(0x7f0000002f80)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000002fc0)={'vcan0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000003000)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000003100)=0xe8) getpeername$packet(0xffffffffffffff9c, &(0x7f0000003140)={0x11, 0x0, 0x0}, &(0x7f0000003180)=0x14) getsockname$packet(0xffffffffffffff9c, &(0x7f00000031c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000003200)=0x14) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000008340)={0x0, @multicast2, @loopback}, &(0x7f0000008380)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000083c0)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000084c0)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008500)={'ip6tnl0\x00', 0x0}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f0000008540)={@local, 0x0}, &(0x7f0000008580)=0x14) accept4$packet(0xffffffffffffffff, &(0x7f0000008840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000008880)=0x14, 0x800) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000088c0)={'veth0_to_bond\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000008940)={{{@in6=@loopback, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000008a40)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000009480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000009440)={&(0x7f0000008a80)={0x984, r2, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [{{0x8, 0x1, r3}, {0x124, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r6}, {0xf8, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x80000001}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x224, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xffff}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x40}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x15}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r13}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0xc, 0x4, [{0x7fff, 0x3, 0x6, 0x80000001}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r14}}}]}}, {{0x8, 0x1, r15}, {0x1a4, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x7fff}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r16}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r17}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r18}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}, {0x8, 0x6, r19}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}]}}, {{0x8, 0x1, r20}, {0x1f0, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r21}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r22}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r23}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xffffffff}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x2f}}, {0x8, 0x6, r24}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x3ff}}}]}}, {{0x8, 0x1, r25}, {0x78, 0x2, [{0x74, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x44, 0x4, [{0x4, 0x4, 0x0, 0xcb}, {0x70, 0x60000, 0x9, 0x2}, {0xffffffffb30cd193, 0x100000000, 0x8, 0x7743}, {0x5, 0x4, 0x9, 0xd156}, {0x0, 0x10000, 0x80, 0x1}, {0x1, 0x20, 0x3, 0x4}, {0x7f, 0x7fff, 0x401, 0x306}, {0x0, 0x100000000, 0x5, 0x6}]}}}]}}, {{0x8, 0x1, r26}, {0xec, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r27}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x1d09}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r29}}}]}}]}, 0x984}}, 0x4000) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:18:05 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r1 = shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') openat$vimc1(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video1\x00', 0x2, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="04000037c187", @ANYRES16=r2, @ANYBLOB="00022abd7000fbdbdf25010000001c00030008000500e00000010800040000800000080008000000000008000400ff0300005800010008000b00736970000c000700200000000200000008000500010000000c0006006c626c637200000008000b00736970000800050002000000080004004e23000014000300fe88000000000000000000000000000178000300080007004e220000140002007663616e30000000000000000000000014000600fe88000000000000000000000000000108000500ac141427080007004e20000008000800060000000800080000000000140006000000000000000000000000000000000008000800dc00000008000500000000000800040004000000700003001400020065727370616e300000000000000000001400060000000000000000000000ffffac1e00010800030002000000080004008100000008000500ac1e0001080008000100000014000200626f6e645f736c6176655f31000000000800080008000000080001000200000008000500000000000c00030008000400ffff0000"], 0x194}, 0x1, 0x0, 0x0, 0x84}, 0x20008040) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000380)={'ip6_vti0\x00', @dev={[], 0x1d}}) io_setup(0x8, &(0x7f00000003c0)) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$NBD_SET_SIZE(r0, 0xab02, 0x9) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000100)=0x9, 0x4) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)=0xffffffffffffb852, 0x4) 12:18:05 executing program 3: unshare(0x28020400) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x0, 0x0) r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x8}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x7, 0x9, 0x36, r0}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) [ 487.807827] QAT: Invalid ioctl [ 487.811443] QAT: Invalid ioctl [ 487.829705] *** Guest State *** [ 487.833213] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 487.842389] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 487.847781] QAT: Invalid ioctl [ 487.851266] CR3 = 0x0000000000000000 12:18:05 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x0, 0x100000001, 0x0, r0}, 0x2c) 12:18:05 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x8, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x5, 0xffffffffffffffed, 0x0, r0}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r0, &(0x7f00000000c0)="b210bf98907bdaebe00d89bd607e5358532362ff7663a4f533b8a69effb2d16b51e498c735ba774f5814475864d8f6155993049badbde880d656dfc26c133dea53930b49daaa93"}, 0x10) syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x20000) 12:18:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 487.851287] RSP = 0x0000000000000000 RIP = 0x000000000001f000 [ 487.851311] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 487.851348] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 487.878019] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 487.882207] QAT: Invalid ioctl [ 487.886202] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.897251] QAT: Invalid ioctl [ 487.897512] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.902135] QAT: Invalid ioctl [ 487.908778] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.920050] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.928177] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 487.936205] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 487.944266] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 487.952543] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 487.960567] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 487.968681] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 487.975228] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 487.982845] Interruptibility = 00000000 ActivityState = 00000000 [ 487.989099] *** Host State *** [ 487.992418] RIP = 0xffffffff812b0dfc RSP = 0xffff88805e78f380 [ 487.998441] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 12:18:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = semget(0x0, 0x2, 0x20) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000000)=""/4) [ 488.005041] FSBase=00007f3a33a69700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 488.012979] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 488.018927] CR0=0000000080050033 CR3=0000000089928000 CR4=00000000001426e0 [ 488.026978] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 488.033764] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 488.039867] *** Control State *** [ 488.043445] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 488.050150] EntryControls=0000d1ff ExitControls=002fefff [ 488.055796] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 488.062839] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 488.069538] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 488.076238] reason=80000021 qualification=0000000000000000 [ 488.082644] IDTVectoring: info=00000000 errcode=00000000 [ 488.088135] TSC Offset = 0xfffffef6b772ec24 [ 488.092571] TPR Threshold = 0x00 [ 488.095982] EPT pointer = 0x000000008fce801e 12:18:06 executing program 4: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x40, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x40001, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x1005, 0x5, 0x7, 0x9, 0x0, r0}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1f, 0x4, 0x3, 0xffff000000000000, 0x34, r1, 0x9}, 0x2c) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000100)={r1, 0x0, 0x8001, 0x7, 0x9}) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) 12:18:06 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0xdc, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e23, 0xffffffffffff80ff}, @in6={0xa, 0x4e21, 0x3, @local, 0x80000001}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1a}}, @in6={0xa, 0x4e20, 0x4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xfffffffffffffffe}, @in={0x2, 0x4e22, @multicast1}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, [], 0x2b}, 0x20}, @in6={0xa, 0x4e24, 0xcb90, @ipv4={[], [], @broadcast}, 0x5}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={r1, 0x5, 0xffffffffffff0001}, &(0x7f0000000200)=0xc) [ 488.299788] QAT: Invalid ioctl [ 488.306450] QAT: Invalid ioctl 12:18:06 executing program 3: unshare(0x10000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:06 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000040)) [ 488.385320] QAT: Invalid ioctl [ 488.390251] QAT: Invalid ioctl [ 488.396445] QAT: Invalid ioctl [ 488.399941] QAT: Invalid ioctl 12:18:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, 0x7) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000080)={{0x0, 0x66c}, 0x56}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:18:06 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000180)=""/225) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000040)={{0x4000, 0xf000, 0xa, 0x24, 0x9, 0x0, 0x2, 0x9, 0x7ff, 0x1ff, 0x0, 0x3}, {0x2000, 0x2, 0xb, 0x20, 0xffffffff, 0x1, 0x1b6, 0x5, 0xdd1c, 0x3, 0x81, 0x4700}, {0x10002, 0x5, 0xe, 0x1d4, 0xada, 0x926d, 0x7, 0x6, 0x7f, 0x0, 0xfff, 0x8}, {0x5002, 0xd000, 0x0, 0x3, 0x0, 0x6, 0x401, 0x8000, 0x9, 0xc0ea, 0x6, 0x5}, {0x100000, 0x6000, 0xd, 0x7, 0x3, 0x10000000, 0x8d0, 0xffffffffffffff01, 0xfffffffffffffff8, 0x5, 0x6}, {0x1, 0x7000, 0xe, 0xa5, 0x9, 0x140000000000, 0x6, 0xf7, 0x3, 0x7f, 0x74, 0x8001}, {0x3000, 0x104000, 0xe, 0x6, 0x0, 0x6, 0x5, 0x0, 0xfffffffffffffff9, 0x3, 0x42db550d, 0x7}, {0x0, 0x110004, 0xb, 0x2, 0x80000000, 0x8, 0x80000001, 0x6, 0x1, 0x7fff, 0x7, 0x1}, {0x103002, 0xffc}, {0xf000}, 0x10, 0x0, 0x1, 0x400, 0xf, 0x1, 0xd000, [0xc, 0x6126ee70, 0x8]}) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) 12:18:06 executing program 5: pipe2(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000300)='team\x00') getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @remote}, &(0x7f0000000440)=0xc) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000000480)={@broadcast, @initdev, 0x0}, &(0x7f00000004c0)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000540)={@local, @dev, 0x0}, &(0x7f00000005c0)=0xc) getpeername$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000640)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'veth0_to_team\x00', 0x0}) getpeername$packet(0xffffffffffffffff, &(0x7f00000006c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000700)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000740)={@mcast1, 0x0}, &(0x7f0000000780)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000980)={'vcan0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000009c0)={'vcan0\x00', 0x0}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000e00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000e40)=0x14) accept(0xffffffffffffffff, &(0x7f0000001100)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000380)=0x66e) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000011c0)={{{@in6=@mcast1, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@empty}}, &(0x7f00000012c0)=0xe8) recvmmsg(0xffffffffffffff9c, &(0x7f0000004ac0)=[{{&(0x7f0000001300)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000001380)=""/27, 0x1b}, {&(0x7f00000013c0)=""/203, 0xcb}, {&(0x7f00000014c0)=""/210, 0xd2}, {&(0x7f00000015c0)=""/134, 0x86}], 0x4}, 0x1}, {{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f00000016c0)=""/251, 0xfb}, {&(0x7f00000017c0)=""/56, 0x38}, {&(0x7f0000001800)=""/219, 0xdb}], 0x3, &(0x7f0000001940)=""/111, 0x6f}, 0x800}, {{&(0x7f00000019c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000001fc0)=[{&(0x7f0000001a40)=""/173, 0xad}, {&(0x7f0000001b00)=""/221, 0xdd}, {&(0x7f0000001c00)=""/103, 0x67}, {&(0x7f0000001c80)=""/86, 0x56}, {&(0x7f0000001d00)=""/68, 0x44}, {&(0x7f0000001d80)=""/222, 0xde}, {&(0x7f0000001e80)=""/72, 0x48}, {&(0x7f0000001f00)=""/50, 0x32}, {&(0x7f0000001f40)=""/29, 0x1d}, {&(0x7f0000001f80)=""/34, 0x22}], 0xa, &(0x7f0000002080)=""/146, 0x92}, 0xfff}, {{0x0, 0x0, &(0x7f0000002140), 0x0, &(0x7f0000002180)=""/39, 0x27}, 0x80000001}, {{&(0x7f00000021c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, 0x80, &(0x7f00000022c0)=[{&(0x7f0000002240)=""/67, 0x43}], 0x1}, 0x1cc}, {{&(0x7f0000002300)=@x25={0x9, @remote}, 0x80, &(0x7f0000003480)=[{&(0x7f0000002380)=""/234, 0xea}, {&(0x7f0000002480)=""/4096, 0x1000}], 0x2, &(0x7f00000034c0)=""/127, 0x7f}, 0x3}, {{0x0, 0x0, &(0x7f0000003540), 0x0, &(0x7f0000003580)=""/29, 0x1d}, 0x52d}, {{&(0x7f00000035c0)=@can={0x1d, 0x0}, 0x80, &(0x7f0000004980)=[{&(0x7f0000003640)=""/254, 0xfe}, {&(0x7f0000003740)=""/213, 0xd5}, {&(0x7f0000003840)=""/104, 0x68}, {&(0x7f00000038c0)=""/114, 0x72}, {&(0x7f0000003940)=""/26, 0x1a}, {&(0x7f0000003980)=""/4096, 0x1000}], 0x6, &(0x7f0000004a00)=""/182, 0xb6}, 0x1}], 0x8, 0x1, &(0x7f0000004cc0)={0x0, 0x989680}) getpeername$packet(0xffffffffffffffff, &(0x7f0000004d00)={0x11, 0x0, 0x0}, &(0x7f0000004d40)=0x14) accept4$packet(0xffffffffffffff9c, &(0x7f0000004d80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000004dc0)=0x14, 0x80800) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000004ec0)={{{@in6=@initdev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000004fc0)=0xe8) accept4(0xffffffffffffffff, &(0x7f0000005040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000050c0)=0x80, 0x80000) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000005780)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000005740)={&(0x7f0000005800)=ANY=[@ANYBLOB="08060000", @ANYRES16=r1, @ANYBLOB="080226bd7000ffdbdf250200000008000100", @ANYRES32=r2, @ANYBLOB="4400020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040006000000080007000000000008000100", @ANYRES32=r3, @ANYBLOB="f800020038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400030000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040006000000080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r5, @ANYBLOB="080007000000000008000100", @ANYRES32=r6, @ANYBLOB="c80002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e67000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="1c6c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000300000008000600", @ANYRES32=r10, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="3c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r13, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000900000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400020000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r15, @ANYBLOB="08000100", @ANYRES32=r16, @ANYBLOB="3c00020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000700000008000100", @ANYRES32=r17, @ANYBLOB="6801020038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400d8135f7838000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040080000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004008000000008000600", @ANYRES32=r18, @ANYBLOB="3c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c000400686173680000000038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040000020000400001002400010071756575655f696400000000000000000000000000000000000000000000000008000300030000000800040001000000080006004df93c6a2fd41a631b64cb641f1ea24a242e4df0f63bfe4cb8cb4bbb77559717ec2ebcaff9083c212b023ab1e4260456475605f7347e7abda0ca6de6e54ccf0b6eb17c5e0999e79c53b59aef946ced10501030a23878adaa9393aa1f7a38846c67701e255f3ca0a0ce29cba3280bc81e97618f2e8e27813ea3fe2f2d0fb293d3e84012eea37beaecc0800427c8ebdbda8ec69edf153d56d958f9c1a56d704683bfc667673d83f1cfc872fb8a968e878eeed4413d3205ae78b1d2ca48ff25c813f0bdea73fcee6310bde70a4b28347b82bddcca363a575cacc2776dc832", @ANYRES32=r19], 0x608}, 0x1, 0x0, 0x0, 0x800}, 0x10) r20 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r21 = ioctl$KVM_CREATE_VM(r20, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r21, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r22, 0x8912, 0x400200) r23 = ioctl$KVM_CREATE_VCPU(r21, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r21, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r23, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r23, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r23, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000140)={0x0, 0x20}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r21, 0x84, 0x71, &(0x7f0000000200)={r24, 0x10000}, &(0x7f0000000240)=0x8) 12:18:06 executing program 3: unshare(0x20001) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 488.622808] QAT: Invalid ioctl [ 488.627514] QAT: Invalid ioctl [ 488.639784] QAT: Invalid ioctl [ 488.650998] QAT: Invalid ioctl [ 488.661433] QAT: Invalid ioctl 12:18:06 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x0, 0x100000001, 0x0, r0}, 0x2c) 12:18:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:06 executing program 4: r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x10, 0x80000020002) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000080)=""/56) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) 12:18:06 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, [], [{0x0, 0x859, 0x5, 0x81, 0x7, 0x7}, {0x2, 0x4, 0x20, 0xfff, 0x93ff, 0x8000}], [[], []]}) 12:18:06 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) socket$packet(0x11, 0x3, 0x300) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:06 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000080), 0x8) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r5 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x8000000000000200, 0x490000) setsockopt$inet_opts(r5, 0x0, 0x4, &(0x7f00000001c0)="47d32b0fb6f937c032621954c8100601cd80dbebe1ba112c603889bd1b2273d7a11bc08a5c24621da1564fe706f4f72b5f0eea1fecb456b30f10afa06be84aed7af6ee0a0df2dc0a6f140507e94ecb355a527d70137709dd00fc2b1633d2a853d6d12701d60c4a7cb43ef1418246d0a465f94b816502264b3fb1b19c2ecb9888c4bef4383678a8c60afd976576bcd2999abe197165d8024bb285bcbfe64ecad4c836ef0fca774ced01e0", 0xaa) ioctl$sock_TIOCOUTQ(r5, 0x5411, &(0x7f0000000280)) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f00000002c0), &(0x7f0000000300)=0x14) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$TIOCEXCL(r5, 0x540c) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 488.925857] QAT: Invalid ioctl [ 488.936713] QAT: Invalid ioctl [ 488.959893] QAT: Invalid ioctl [ 488.973354] QAT: Invalid ioctl [ 489.068113] *** Guest State *** [ 489.071573] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 489.072625] protocol 88fb is buggy, dev hsr_slave_0 [ 489.080610] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 489.086098] protocol 88fb is buggy, dev hsr_slave_1 [ 489.094488] CR3 = 0x0000000000000000 [ 489.100253] protocol 88fb is buggy, dev hsr_slave_0 [ 489.103268] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 489.108806] protocol 88fb is buggy, dev hsr_slave_1 [ 489.114367] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 489.125438] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 489.132260] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 489.140282] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.148497] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.156578] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.164670] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.172802] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.180820] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.188974] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 489.197089] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.205248] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 489.213338] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 489.219783] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 489.227490] Interruptibility = 00000000 ActivityState = 00000000 [ 489.233835] *** Host State *** [ 489.237106] RIP = 0xffffffff812b0dfc RSP = 0xffff88805badf380 [ 489.243267] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 489.249717] FSBase=00007feb364da700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 489.257683] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 12:18:07 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80400, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) r3 = getgid() lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@initdev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f0000000340)=0xe8) r7 = getgid() getresuid(&(0x7f0000000380)=0x0, &(0x7f00000003c0), &(0x7f0000000400)) r9 = getegid() lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) r11 = getegid() stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000005c0)=0x0, &(0x7f0000000600), &(0x7f0000000640)) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) fstat(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0}) r15 = getgid() fstat(r0, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000780)=[0xffffffffffffffff, 0xee01]) r18 = getuid() getgroups(0x7, &(0x7f00000007c0)=[0xee01, 0xee00, 0xee01, 0xffffffffffffffff, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff]) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000800)={0x0, 0x0}, &(0x7f0000000840)=0xc) r21 = getgid() write$FUSE_DIRENTPLUS(r1, &(0x7f0000000880)={0x690, 0x0, 0x7, [{{0x3, 0x1, 0x7, 0xdba, 0x7, 0xfffffffffffffff8, {0x4, 0x7e, 0x4, 0x6, 0x3, 0xfffffffffffffeff, 0x80000000800000, 0x80000000, 0x5, 0x8, 0x1b2, r2, r3, 0x9, 0x9}}, {0x0, 0x52c75f8f, 0x31, 0x7, 'lobdev]}(,em0systemposix_acl_access-self:4-cpuset'}}, {{0x6, 0x0, 0x8000, 0x8, 0xffffffffffffff81, 0x8, {0x4, 0xe06, 0x0, 0x8, 0x6, 0x18000000000, 0xff, 0x1, 0x7, 0x1, 0x4, r4, r5, 0x38, 0x10001}}, {0x4, 0x0, 0x4, 0x7, 'user'}}, {{0x5, 0x0, 0xfffffffffffffff9, 0x2, 0x8, 0x400, {0x3, 0x9, 0x7f, 0x6, 0x1, 0x1ff, 0x0, 0x5be0, 0x100000001, 0x9, 0xeac, r6, r7, 0x0, 0x7}}, {0x5, 0x7, 0x0, 0x7}}, {{0x6, 0x2, 0x81, 0x3, 0xfffffffffffffe00, 0x4, {0x6, 0x7, 0x3, 0x5b, 0x2, 0x6, 0x3, 0x9d, 0x6, 0x7f, 0x400, r8, r9, 0x3, 0x7}}, {0x3, 0xa70, 0x1, 0x2, '/'}}, {{0x5, 0x2, 0x6, 0x6, 0x80000001, 0x3, {0x0, 0x3, 0x6, 0x4cf, 0x3, 0x3, 0x0, 0x4, 0x200, 0xffffffffffff0000, 0x4, r10, r11, 0x0, 0x80000001}}, {0x2, 0x5, 0x0, 0x100000000}}, {{0x5, 0x0, 0x8001, 0x9, 0x3, 0x1, {0x2, 0xf6, 0x34687c6f, 0x0, 0x3, 0x6, 0x6, 0x4, 0x6, 0x2, 0x6, r12, r13, 0xf301, 0x2}}, {0x0, 0x21f, 0xb, 0xff, 'ppp0vmnet0#'}}, {{0x1, 0x3, 0x8000, 0x983, 0x9, 0x8, {0x2, 0x5, 0x7fffffff, 0x200, 0x5, 0x9, 0x4, 0x80, 0x8000, 0x1, 0x40, r14, r15, 0x8, 0x5}}, {0x5, 0x400, 0x1c, 0x5, '!*\\mime_typevboxnet1ppp0self'}}, {{0x4, 0x1, 0x0, 0x992, 0x7, 0x8, {0x1, 0x8f09, 0xa11, 0x5bf, 0x8, 0xfffffffffffffff7, 0xff, 0x26b, 0x0, 0x5, 0x0, r16, r17, 0x9, 0x1}}, {0x6, 0x8000, 0x2, 0xffff, '[*'}}, {{0x3, 0x3, 0xffffffffffffff80, 0x8, 0xffffffff, 0x5, {0x6, 0x6, 0x3, 0x0, 0x1f, 0x71a5, 0x4, 0x1f, 0x800, 0x80, 0x8, r18, r19, 0x101, 0x7}}, {0x0, 0xffffffffffffff70, 0x1, 0x3f, '['}}, {{0x6, 0x3, 0x51, 0x1, 0x7, 0x3, {0x2, 0x100000001, 0x1, 0x7, 0x7f, 0x5761, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffff7fff, 0x6, r20, r21, 0x8, 0x5}}, {0x4, 0x1f, 0x6, 0x5, 'vmnet0'}}]}, 0x690) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:18:07 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x3, 0x4) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x200000, 0x0) write$P9_RWSTAT(r4, &(0x7f00000001c0)={0x7, 0x7f, 0x2}, 0x7) [ 489.263706] CR0=0000000080050033 CR3=000000006d751000 CR4=00000000001426f0 [ 489.270763] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 489.277880] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 489.284034] *** Control State *** [ 489.287521] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 489.294330] EntryControls=0000d1ff ExitControls=002fefff [ 489.299877] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 489.306963] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 489.313779] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 489.320399] reason=80000021 qualification=0000000000000000 [ 489.326868] IDTVectoring: info=00000000 errcode=00000000 [ 489.332418] TSC Offset = 0xfffffef60c6a39ef [ 489.336764] TPR Threshold = 0x00 [ 489.340156] EPT pointer = 0x000000006c55101e [ 489.387614] QAT: Invalid ioctl [ 489.400994] QAT: Invalid ioctl 12:18:07 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x1000007, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = fcntl$dupfd(r0, 0x406, r0) connect$can_bcm(r1, &(0x7f0000000000), 0x10) [ 489.476080] *** Guest State *** [ 489.479593] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 489.488710] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 489.497671] CR3 = 0x0000000000000000 [ 489.501422] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 489.507568] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 489.513730] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 489.520611] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 489.528761] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.536876] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.545887] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.553995] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.562144] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.570188] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.578359] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 489.586486] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.594661] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 489.602766] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 489.609233] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 489.616861] Interruptibility = 00000000 ActivityState = 00000000 [ 489.623224] *** Host State *** 12:18:07 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) io_setup(0x9, &(0x7f0000000040)=0x0) io_cancel(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x400, r0, &(0x7f0000000080)="29a63e2b5da597571af92ff6a358c46f40a365ecd43014e7028f6ab4a2f71403fbcbf4bbd611d8852f8e2eea6eeba303d35b3876625466015c38607363a6bfd83ca29514095b2733a45942183a6349ecabcc31950646c5b451e5a275a8", 0x5d, 0x8, 0x0, 0x2, r0}, &(0x7f0000000140)) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:07 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x10005, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x1}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ptype\x00') ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f00000000c0)={0x1, 0x2, [@link_local, @remote]}) [ 489.626465] RIP = 0xffffffff812b0dfc RSP = 0xffff88805fc6f380 [ 489.632611] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 489.639067] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 489.647210] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 489.653272] CR0=0000000080050033 CR3=000000007910e000 CR4=00000000001426f0 [ 489.660348] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 489.667209] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 489.673398] *** Control State *** [ 489.676900] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 489.683742] EntryControls=0000d1ff ExitControls=002fefff [ 489.689254] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 489.696372] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 489.703199] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 489.709834] reason=80000021 qualification=0000000000000000 [ 489.716350] IDTVectoring: info=00000000 errcode=00000000 [ 489.721929] TSC Offset = 0xfffffef5d2079cc2 [ 489.726299] TPR Threshold = 0x00 [ 489.729722] EPT pointer = 0x0000000062ddd01e [ 489.806477] QAT: Invalid ioctl [ 489.816439] QAT: Invalid ioctl [ 489.854618] *** Guest State *** [ 489.858067] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 489.867135] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 489.876495] CR3 = 0x0000000000000000 [ 489.880272] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 489.886429] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 489.892564] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:18:07 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x0, 0x100000001, 0x0, r0}, 0x2c) 12:18:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 489.899295] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 489.907477] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.915638] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.923809] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.932043] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 489.940095] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:08 executing program 4: r0 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0x2, 0x2) getsockname$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, &(0x7f00000000c0)=0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x1b, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) [ 489.948284] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.956433] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 489.964627] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 489.972789] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 489.980817] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 489.987435] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 489.995068] Interruptibility = 00000000 ActivityState = 00000000 [ 490.001353] *** Host State *** [ 490.004746] RIP = 0xffffffff812b0dfc RSP = 0xffff88805f10f380 [ 490.010802] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 490.017440] FSBase=00007f3a33a8a700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 490.025405] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 490.031349] CR0=0000000080050033 CR3=000000007910e000 CR4=00000000001426f0 [ 490.038558] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 490.045389] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 490.051507] *** Control State *** [ 490.055181] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 490.062033] EntryControls=0000d1ff ExitControls=002fefff [ 490.067573] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 490.074701] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 490.081447] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 490.088245] reason=80000021 qualification=0000000000000000 [ 490.094750] IDTVectoring: info=00000000 errcode=00000000 [ 490.100262] TSC Offset = 0xfffffef5d2079cc2 [ 490.104788] TPR Threshold = 0x00 [ 490.108232] EPT pointer = 0x0000000062ddd01e 12:18:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:08 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x4, 0x6, 0x7, 0x200000ffffffff, 0xab224c9e4c21b383, r0, 0x8}, 0xdbd4e0519ac1b0b6) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x1, 0x0, r2}, 0x2c) r3 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)='\x00', 0xfffffffffffffff8) lsetxattr$security_ima(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='security.ima\x00', &(0x7f0000000300)=@sha1={0x1, "b399324fb0465f8146ac7ddc0858bc48016eba7c"}, 0x15, 0x1) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) ioctl$EVIOCGBITSW(r1, 0x80404525, &(0x7f00000001c0)=""/179) keyctl$link(0x8, r3, r4) 12:18:08 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc0, 0x0) unshare(0x28020400) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)=0x9, 0x4) ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) 12:18:08 executing program 1: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x10000, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="5f000000fcffffff1b000000d99817a7f212083ca32408666d9eeea7ca30ca0870c4c91b9ab42965381f180d3479ad5338bf109be7bf0fc7d9d5e3667dc06eeb3b931b5eed16791ad626f8a2e1c41747c4f2afd2b1ce1ff857a7fd711b5237eceb39a3df6727a0b1dd8535"]) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000040)="c9427478aa7e88874861683f2c495e4173678476599fb40bf957a2e1753e5cc65fa42c4d691a6f375be84df0ac2b65d45c8a1a3e5d8395e06ecf7dfa06755af0b06399787ddef7ff122489b10153beb73a5a22af17bd76ebdabcab8eb361a79a264497822e533481b3d8d27413fac49662336fe1d6be650b709afca7bec1bd1269d248b084336588a13916326f5a0bc9147771409812db2395b156188f1054226189e1f8266beb34") ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:18:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0xc0000, 0x0) bind$isdn(r1, &(0x7f00000001c0)={0x22, 0xcf8, 0x1, 0x8, 0x4}, 0x6) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000240)=0x2000) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:18:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:08 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x5, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 490.562652] QAT: Invalid ioctl [ 490.575471] QAT: Invalid ioctl [ 490.611669] QAT: Invalid ioctl [ 490.622553] QAT: Invalid ioctl [ 490.727609] *** Guest State *** [ 490.731222] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 490.740510] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 490.749550] CR3 = 0x0000000000000000 [ 490.753461] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 490.759600] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 490.764272] *** Guest State *** [ 490.765804] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 490.769102] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 490.775902] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 490.775939] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.775984] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.784998] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 490.793135] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.793190] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.801212] CR3 = 0x0000000000000000 [ 490.809333] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.809358] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 490.809399] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 490.818362] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 490.826465] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 490.826495] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 490.826514] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 490.826552] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 490.826569] Interruptibility = 00000000 ActivityState = 00000000 [ 490.826588] *** Host State *** [ 490.826609] RIP = 0xffffffff812b0dfc RSP = 0xffff888072b3f380 [ 490.826654] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 490.834753] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 490.838516] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 490.846656] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 490.854770] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 490.854814] CR0=0000000080050033 CR3=000000005d892000 CR4=00000000001426f0 [ 490.863014] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 490.868995] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 490.877105] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.885189] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 490.885228] *** Control State *** [ 490.891709] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.899275] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 490.899308] EntryControls=0000d1ff ExitControls=002fefff [ 490.905786] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.909050] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 490.915187] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.921612] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 490.927710] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 490.935600] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 490.935635] reason=80000021 qualification=0000000000000000 [ 490.942437] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 490.948367] IDTVectoring: info=00000000 errcode=00000000 [ 490.955601] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 490.963610] TSC Offset = 0xfffffef52a9847bb [ 490.963642] TPR Threshold = 0x00 [ 490.970366] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 490.978443] EPT pointer = 0x000000005b76001e [ 491.102638] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 491.110686] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 491.117333] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 12:18:09 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x800, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$KDSETLED(r1, 0x4b32, 0x9) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000280)) write$UHID_CREATE(r0, &(0x7f0000000140)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000080)=""/162, 0xa2, 0x3, 0x10000, 0x6, 0x2, 0x8}, 0x120) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x39b, 0x180) 12:18:09 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8) sendmsg$nl_crypto(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="100100001000080225bd7000fcdbdf2561757468656e63287770353132c528947e6163686131322d67656e6572696329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024000000040000000000000000000008000100ff7f000008000100000000000800010005000000080001000000000008000100050000000800010009000000b16b24d682bea1ada052e6536b3a5742cbfc107fb4084de53f3ebad8263be57d4d45b1b5e0867dace6c8295910fd0728e091d5c5af1ed522c2c526f84a967391ccc73c0c203a093e5b711f188973ad5aee84fae8f9bc8acfb3ce57c5d9731b6759de740677c77d0eb3f9ff85e26394548a3fef34649410bfa738e29eeaab286f379c296890d2444b91da709b892f5ca48a40c62d5217b7e3abd22f6f23b26840b9318a3b563c50fe6b40c89327e04625c1dfa01c68d89db8edb1094a1589595610e256a65f8d1e92ada78ff2ab3087b5de32df89ca9aae57b610aee32bf0499455ec6f93da5f657dbb93128cabfa489b601aa5bfcdd9564d0803ff198b314ab483791c50f44612dd0928b649d02fa9cb94f71b1fcd0b1f50d1468a0cd761b2cdf95463facb9d3d95e49203fad6d650cd4f78d9d004f81ded60e2f2950db89e0639e5596e8764fccd53"], 0x110}, 0x1, 0x0, 0x0, 0x1}, 0x8000) r2 = getgid() ioctl$FIBMAP(r0, 0x1, &(0x7f0000000280)=0xfffffffffffffff7) fchown(r0, r1, r2) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0x9) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-monitor\x00', 0x10001, 0x0) ioctl$CAPI_SET_FLAGS(r3, 0x80044324, &(0x7f0000000340)=0x1) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) eventfd(0x1) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r4, &(0x7f0000000100), 0x0}, 0x18) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x2000, 0x0) [ 491.124995] Interruptibility = 00000000 ActivityState = 00000000 [ 491.131295] *** Host State *** [ 491.134704] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c68f380 [ 491.140758] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 491.147417] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 491.155429] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 491.161393] CR0=0000000080050033 CR3=00000000795b2000 CR4=00000000001426e0 [ 491.168616] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 491.175465] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 491.181571] *** Control State *** [ 491.185217] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 491.192076] EntryControls=0000d1ff ExitControls=002fefff [ 491.197608] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 491.204735] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 491.211476] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 491.218282] reason=80000021 qualification=0000000000000000 [ 491.224750] IDTVectoring: info=00000000 errcode=00000000 [ 491.230263] TSC Offset = 0xfffffef5230e5aaf [ 491.234781] EPT pointer = 0x000000005c7e801e [ 491.276321] QAT: Invalid ioctl [ 491.286633] QAT: Invalid ioctl [ 491.299049] QAT: Invalid ioctl [ 491.302762] QAT: Invalid ioctl 12:18:19 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x202002, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) socket$alg(0x26, 0x5, 0x0) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000040)=0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000080)=r1) 12:18:19 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x0, 0x0, r0}, 0x2c) 12:18:19 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000140)=r2, 0x4) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000080)=0x101, 0x4) 12:18:19 executing program 3: unshare(0x28020400) clone(0x20000000, &(0x7f0000000000)="e30e2021e5c69bc9b438914e83aa6aa973bce9fc31c1fd4ac866252c55edc3e05c815693725282d75099261f1654cbda4ddfe4f1c0e98bdebbe41880f4ce25d23f9577531fc19064f480972155870809b2d246d91788b7c0bb4e2101d5a7c3a20cc355bd05f53cc045e0eb824d0211aac09197332dfe4fbc8498b62138abf9cc9c621b21963b71e514d776d01396a2b71078fc34ef11f289c169d867958dc79141136038c8a1786bae27dfdce15f00e91d3f505904849825eb255bff5667a556e7bd4385894fb8f5119a1e8490011fea46c5d3e7d08157", &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="f6149cc770e2536a54e6bf6206544f8e56dd51d8cd29bb039ce9ff6b6095aa3d9dda8badca70e6fca344d7ff8a4bfac034d0878432d2921a09de8225996706e9135d1d8511cd9b5d03a8897b587b6024b238515735e7c046c7d7e69396f8d209be0100f44a847c0d5951bccf294cbf891c7efd8276c9d63e8172d84848dfc7116884e83b7fbfd99f92d63e5ea7db1d103370f651a2da4cc9ce3421d91c88620d8c9a13a0e0f304e39856bbfd85f8a56fcc0b") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x181000, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x18000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0xaa10) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000fde000/0x18000)=nil, 0x0, 0xfffffffffffffe9f, 0x0, 0x0, 0xfffffffffffffefb) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 501.698198] *** Guest State *** [ 501.701690] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 501.710840] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 501.719979] CR3 = 0x0000000000000000 [ 501.723867] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 501.727724] *** Guest State *** [ 501.729898] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 501.729926] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 501.729956] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 501.729991] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.730026] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.730059] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.730109] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.733603] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 501.739699] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.746437] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 501.754561] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 501.762616] CR3 = 0x0000000000000000 [ 501.770629] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 501.770652] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 501.770681] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 501.770718] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 501.778809] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 501.786879] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 501.786900] Interruptibility = 00000000 ActivityState = 00000000 [ 501.786910] *** Host State *** [ 501.786932] RIP = 0xffffffff812b0dfc RSP = 0xffff88806427f380 [ 501.786979] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 501.795944] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 501.804058] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 501.813233] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 501.821031] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 501.824883] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 501.832981] CR0=0000000080050033 CR3=0000000021261000 CR4=00000000001426f0 [ 501.833020] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 501.841042] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.849133] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 501.855682] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.861685] *** Control State *** [ 501.869283] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.869317] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.869357] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 501.875700] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 12:18:20 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x5) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) accept$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000000c0)=0x1c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x40d, 0x8, 0x4, 0xffffffffffffffea, 0x0, r0}, 0x2c) [ 501.875733] EntryControls=0000d1ff ExitControls=002fefff [ 501.878963] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 501.885105] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 501.891528] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 501.897616] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 501.905558] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 501.912374] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 501.918323] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 501.926406] reason=80000021 qualification=0000000000000000 [ 501.933554] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 501.940254] IDTVectoring: info=00000000 errcode=00000000 [ 501.948332] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 501.948366] Interruptibility = 00000000 ActivityState = 00000000 [ 501.954546] TSC Offset = 0xfffffeef41a6e834 [ 501.954576] TPR Threshold = 0x00 [ 501.962675] *** Host State *** [ 501.966152] EPT pointer = 0x00000000758de01e [ 501.974261] RIP = 0xffffffff812b0dfc RSP = 0xffff88805d81f380 [ 502.109125] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 502.115720] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 502.123652] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 502.129609] CR0=0000000080050033 CR3=000000009014a000 CR4=00000000001426e0 [ 502.136822] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 502.143636] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 12:18:20 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x2, 0x8, 0x5, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 502.149751] *** Control State *** [ 502.153362] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 502.160083] EntryControls=0000d1ff ExitControls=002fefff [ 502.165719] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 502.172764] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 502.179487] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 502.186286] reason=80000021 qualification=0000000000000000 [ 502.192741] IDTVectoring: info=00000000 errcode=00000000 12:18:20 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7ff00001}]}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x80, 0x0) r1 = openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) ioctl$FICLONE(r0, 0x40049409, r1) ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f0000000100)=""/219) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r2, 0xc0184908, 0x0) [ 502.198255] TSC Offset = 0xfffffeef41a559f9 [ 502.202734] EPT pointer = 0x000000002126a01e 12:18:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:20 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000200)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000300)=0xe8) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000340)={@dev={0xfe, 0x80, [], 0x20}, 0x6e, r3}) fcntl$setflags(r2, 0x2, 0x1) timer_create(0x7, &(0x7f0000000080)={0x0, 0x25, 0xac8d4bf114b5b298, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_settime(r4, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, 0x989680}}, 0x0) 12:18:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x1, 0x60000) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x200, 0x0) renameat(r4, &(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000240)='./file0\x00') ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:20 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x0, 0x0, r0}, 0x2c) [ 502.539619] QAT: Invalid ioctl 12:18:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'batadv0\x00'}}, 0x1e) sendmmsg(r1, &(0x7f0000005b40), 0x40000000000014d, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0xd, 0x8, 0x4, 0xffffffffffffffed}, 0x1b) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000080)={0x8, 0x7, 0x2, 0x2, 0x6, 0x8}) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000029bd7000fedbdf250a000000580007000c0004007be7000000000000080001000400000008000100060000000c000400020000000000000008000100000802000c00030000040000000000000c00250000000000000000000c000300ff07000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40811}, 0x1) 12:18:20 executing program 3: socketpair(0x5, 0x80002, 0x8, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000280)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000f400000049f550b293c96ca196e802f702bd782d7782dd9b8063befa275d15b979ad9d61fef83aa4130a1aa0a94f9dac58ca68079cf356e09096ebbb041d3c8c80da2d4bbcd32e5cf768bc0a61902006c5cc0873fdf65053d3f86ebe1b510b717242a8796258756180c5e5c5cd243576e29e78993df2de1afe67a3ea1e04000000d3717dfb445d110825c9d5aaad8f6e5e139cdb3818e9a2d5fc8872ac856b3c00b6be93749b32af842c82f40587f3e9baa6a70c5eaf32b2eb9df99e134c5bd32346401332e2db23249270fd803a74e9806cfffe1e828b54c9b3dbf4a86639b1383628488d9867b1daf956d80b30b9f045946b0b62b43a4c3c89a60515f907bde4804e28f8538b9dd8237788b322b1f5998643d6f387c340a8d9593f2992c5bfb3ea0b798125f1baac4f4d853a933e359501e5a269444c007a624dbfe5fdd23f1689f45fc3a22794183a7454e3d4a5255df6b47598f4e5da02e480dcd1e1c55cace80c37497c24cf4c2f6a8b7d21c557a6cd5f88c562c44a2e873c13a289101b4bc08579e15f15731839182202b6fa"], &(0x7f0000000200)=0x118) unshare(0xc06) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r1, &(0x7f0000000000)="28743c535e35def0be21f5cfb20ff29a069155479611a6cb6db749aaf71fcb3b46718a88eef2954ec60638376422ef85d4b3b666168881e807d7da75bf4bcf70009b402413ac96410d6e47ea271793976990bbf913b552a22c07edcd0310574c672d977e939aa8fcd3869893", 0x0}, 0x7) r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x9, 0x40000) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000100)) 12:18:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x1, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r4, 0x40206417, &(0x7f00000001c0)={0x3, 0x5, 0x0, 0x3, 0x2, 0xffffffff}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 502.992416] *** Guest State *** [ 502.995876] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 503.004991] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 503.013949] CR3 = 0x0000000000000000 [ 503.017706] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 503.023840] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 503.029900] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:18:21 executing program 3: unshare(0x28010000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 503.036833] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 503.044985] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.053193] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.061276] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.069439] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.077533] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:21 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0xa, 0x1}, 0x2c) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x8000, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000200)={'nat\x00', 0x0, 0x4, 0xde, [], 0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}], &(0x7f0000000100)=""/222}, &(0x7f0000000280)=0x78) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) [ 503.085696] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 503.093817] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 503.101974] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 503.110048] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 503.118237] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 503.124785] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 503.132388] Interruptibility = 00000000 ActivityState = 00000000 [ 503.138664] *** Host State *** [ 503.142011] RIP = 0xffffffff812b0dfc RSP = 0xffff88808d2df380 [ 503.148069] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 503.154670] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 503.162610] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 503.168565] CR0=0000000080050033 CR3=0000000071339000 CR4=00000000001426e0 [ 503.175753] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 503.182540] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 503.188637] *** Control State *** [ 503.192243] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 503.198958] EntryControls=0000d1ff ExitControls=002fefff [ 503.204566] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 503.211560] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 503.218407] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 503.225111] reason=80000021 qualification=0000000000000000 [ 503.231562] IDTVectoring: info=00000000 errcode=00000000 [ 503.237154] TSC Offset = 0xfffffeee9274d185 [ 503.241595] TPR Threshold = 0x00 [ 503.245109] EPT pointer = 0x000000006367201e [ 503.309928] QAT: Invalid ioctl 12:18:21 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) accept4$packet(0xffffffffffffff9c, &(0x7f0000003b80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000003bc0)=0x14, 0x80000) bpf$PROG_LOAD(0x5, &(0x7f0000003c00)={0x12, 0x4, &(0x7f0000000000)=@raw=[@ldst={0x3, 0x3, 0x0, 0x6, 0x0, 0x72, 0xffffffffffffffff}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x6}], &(0x7f0000000040)='syzkaller\x00', 0x7, 0x60, &(0x7f0000000080)=""/96, 0x41100, 0x1, [], r1, 0xf}, 0x48) 12:18:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:18:21 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:21 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000000), 0x8, {0xa, 0x4e24, 0x1, @ipv4={[], [], @local}, 0x1}, r2}}, 0x38) 12:18:21 executing program 2: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x0, 0x0, r0}, 0x2c) [ 503.613801] QAT: Invalid ioctl 12:18:21 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0xfffffffffffffff8, 0x220080) ioctl$IOC_PR_RELEASE(r1, 0x401070ca, &(0x7f0000000180)={0xc07, 0x71d3}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30) prlimit64(r2, 0x10, &(0x7f00000000c0)={0x0, 0x9}, &(0x7f0000000100)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:18:21 executing program 1: setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000040)=0x2ab, 0xcf) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x400, 0x0) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000080)={0x5, 0x6, 0x4006}) prctl$PR_SVE_SET_VL(0x32, 0x17498) prctl$PR_GET_FPEMU(0x9, &(0x7f00000000c0)) ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffffff, 0xc0184908, 0x0) write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x1f, 0x1, 0x9bff}, 0xf) prctl$PR_SET_FPEMU(0xa, 0x3) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ashmem\x00', 0x600, 0x0) [ 503.822879] *** Guest State *** [ 503.826379] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 503.835445] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 503.844516] CR3 = 0x0000000000000000 [ 503.848299] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 503.854416] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 503.860471] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 503.867310] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 503.875449] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.883578] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.891621] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.899771] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 503.907923] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:18:22 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x12, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0xffffffffffffc6c8, 0x2800) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)) [ 503.916062] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 503.924208] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 503.932332] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 503.940379] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 503.948523] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 503.955058] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 503.962651] Interruptibility = 00000000 ActivityState = 00000000 [ 503.968947] *** Host State *** [ 503.972298] RIP = 0xffffffff812b0dfc RSP = 0xffff88806401f380 [ 503.978348] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 503.984920] FSBase=00007f3a33a8a700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 503.992886] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 503.998836] CR0=0000000080050033 CR3=0000000071339000 CR4=00000000001426f0 [ 504.006015] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 504.012832] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 504.018936] *** Control State *** [ 504.022541] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 504.029259] EntryControls=0000d1ff ExitControls=002fefff [ 504.034864] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 504.041941] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 504.048672] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 504.055424] reason=80000021 qualification=0000000000000000 [ 504.061784] IDTVectoring: info=00000000 errcode=00000000 [ 504.067345] TSC Offset = 0xfffffeee9274d185 [ 504.071703] TPR Threshold = 0x00 [ 504.075211] EPT pointer = 0x000000006367201e 12:18:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = dup3(r0, r0, 0x80000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={0x0, r4, 0x5, 0x3}, 0x14) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, [], [{0x7fffffff, 0x3, 0x8, 0x10001, 0x4, 0x4}, {0x7, 0x0, 0x4, 0xffff, 0x6}]}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:22 executing program 1: ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffffff, 0xc0184908, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000040)={'bcsf0\x00', 0x401}) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x1) 12:18:22 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) process_vm_writev(r1, &(0x7f0000000240)=[{&(0x7f0000000080)=""/28, 0x1c}, {&(0x7f00000000c0)=""/113, 0x71}, {&(0x7f0000000140)=""/63, 0x3f}, {&(0x7f0000000180)=""/135, 0x87}], 0x4, &(0x7f0000000400)=[{&(0x7f0000000280)=""/125, 0x7d}, {&(0x7f0000000340)=""/123, 0x7b}, {&(0x7f00000003c0)=""/62, 0x3e}], 0x3, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000000)=0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x28, &(0x7f0000000440)}, 0x10) prctl$PR_SET_PTRACER(0x59616d61, r2) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:22 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:18:22 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0xb}, 0x2c) 12:18:22 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:22 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x7, 0x0) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f00000000c0)={0x0, 0x0, [], @raw_data=[0xfffffffffffffff8, 0x7, 0xd6, 0x3, 0x1, 0x80, 0x0, 0x4, 0x1, 0x0, 0x0, 0x100000001, 0x7, 0xffff, 0x1, 0x4, 0x20, 0x400, 0x9, 0x10001, 0x217f, 0x9, 0x8, 0x5, 0x7, 0x8, 0x7f, 0x2, 0x10001, 0x7fffffff, 0x6, 0xfff]}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000180)={0x2}) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000040)={0x10000000}) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x40000, 0x0) 12:18:22 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001}, 0x2c) 12:18:22 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) signalfd4(r0, &(0x7f0000000040)={0xb4000000}, 0x8, 0x80800) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x4000, 0x0) syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x400000) 12:18:22 executing program 3: unshare(0x28020400) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x2000) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) r2 = dup3(r1, r1, 0x80000) ioctl$VIDIOC_SUBDEV_G_CROP(r2, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x1, 0x5, 0x400, 0x81}}) 12:18:22 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$NBD_SET_FLAGS(r0, 0xab0a, 0x6) fchdir(r0) 12:18:22 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 504.739857] QAT: Invalid ioctl [ 504.757141] QAT: Invalid ioctl [ 504.794654] QAT: Invalid ioctl [ 504.815811] QAT: Invalid ioctl 12:18:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x1, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x200100, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100000) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:23 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000080)=0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) 12:18:23 executing program 1: r0 = socket$pppoe(0x18, 0x1, 0x0) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="81baf18984c536e1fce33906eddcaec4ee10d2598ca45c1dd275e0321140035e40855becd571ac56", 0x28}, {&(0x7f0000000100)="9d9ad9261ab7df541abad3545248298390322bea74086ff6bbc2f047dd0586ee3eb7b4d8af85bf2fccb5f3b174f33ea8934b063418446d36b56b77256c5b5f73932526b8fb295b038e112013cad01515ae1bc71236aa6cfe2fe0e37e33552e4585ab8f36d4d1ea87d4ba69ff6e37d347bc3dd741b4b89d303c9611db56dc9988f149a3e190f2b696e26ce5", 0x8b}], 0x2, 0x400001) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:18:23 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:23 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x0, 0x81, 0x200, 0x10, r0, 0x1}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 505.099325] QAT: Invalid ioctl 12:18:23 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000080)={0x0, 0x2b, "efdb357c30937137b6ddf8fd7bfc6e774ed1a7835c022dc48c8bd31601d0c604b47f2b7c0290cdd810964a"}, &(0x7f00000000c0)=0x33) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e21, 0x9, @ipv4={[], [], @empty}, 0x10000}}}, &(0x7f00000001c0)=0x84) 12:18:23 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 505.429842] QAT: Invalid ioctl 12:18:23 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001}, 0x2c) 12:18:23 executing program 3: unshare(0x1ff) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'trusted'}, {0x20, 'vboxnet0'}, {}, {}, {0x20, '-'}, {}, {0x20, 'vboxnet1'}, {}, {0x20, '-'}, {}], 0xa, "42a17402a63a65472594eb249fefaf64d7bcd48af30050e50a93a2e87ef641a48a16ce99399de0c59c7c3b6d64913fe0e9c72edf54f0628bd015b969bde7e749e8d4db788f3c2051bcb876e1456116d11731919b2d6356360dcb2b1d8130cc8907b150defc8d813e83504fa7dd6e82faed1512d3936e0973a75e6d2a89ebd918665e24429db8a76db69dd415d9ad67a18e011ee4c25ee3491996"}, 0xc8) 12:18:23 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x4, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) fcntl$dupfd(r0, 0x406, r0) 12:18:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x6d1) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000240)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) readahead(r2, 0xffffffffffff04ec, 0x1) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x218000, 0x0) getsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f00000001c0)={@loopback, @initdev}, &(0x7f0000000200)=0x8) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:23 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2100, 0x0) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000080)=0xa05) [ 505.729863] QAT: Invalid ioctl [ 505.745157] QAT: Invalid ioctl 12:18:23 executing program 4: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x101000, 0x0) readlinkat(r0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/164, 0xa4) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x4, r1}, 0x2c) [ 505.898742] *** Guest State *** [ 505.902357] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 505.911256] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 505.920346] CR3 = 0x0000000000000000 [ 505.924180] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 505.930203] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 505.936335] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 505.943121] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 505.951168] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 505.959329] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 505.967412] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 505.975543] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 505.983629] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 505.991648] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 505.999782] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 506.007866] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 506.015995] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 506.024103] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 506.030556] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 506.038164] Interruptibility = 00000000 ActivityState = 00000000 [ 506.044501] *** Host State *** [ 506.047747] RIP = 0xffffffff812b0dfc RSP = 0xffff88805e17f380 [ 506.053909] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 506.060388] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 506.068373] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 506.074396] CR0=0000000080050033 CR3=0000000062dac000 CR4=00000000001426e0 [ 506.081478] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 506.088337] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 506.094499] *** Control State *** [ 506.097999] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 506.104822] EntryControls=0000d1ff ExitControls=002fefff [ 506.110331] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 506.117405] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 506.124191] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 506.130821] reason=80000021 qualification=0000000000000000 [ 506.137291] IDTVectoring: info=00000000 errcode=00000000 [ 506.142833] TSC Offset = 0xfffffeed0ca72789 12:18:24 executing program 3: unshare(0x28020400) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10000, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000040)={0x0, 0x0}) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={r1, r2, r3}, 0xc) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r4, &(0x7f0000000100), 0x0}, 0x18) 12:18:24 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)={0x7, 0x0, [{0x400, 0x1, 0x0, 0x0, @irqchip={0x4, 0x7ff}}, {0x40, 0x4, 0x0, 0x0, @msi={0x9, 0x100000001, 0x2}}, {0x4, 0x1, 0x0, 0x0, @msi={0x100000000, 0x80, 0x6}}, {0x401, 0x1, 0x0, 0x0, @irqchip={0xfffffffffffff82f, 0x7}}, {0x2, 0x0, 0x0, 0x0, @adapter={0x10001, 0x9, 0x1, 0x8, 0x1}}, {0x5, 0x1, 0x0, 0x0, @sint={0x8, 0x1}}, {0x8, 0x3, 0x0, 0x0, @irqchip={0x1, 0x4}}]}) 12:18:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:24 executing program 4: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0x1, 0x28, &(0x7f0000000200)={0x0, 0x0}}, 0x10) r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={r0, 0x0, 0x8}, 0xfffffffffffffec5) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x101, 0x0, r1}, 0x2c) fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000140)) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r2}, 0x2c) fsetxattr$security_selinux(r2, &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000100)='system_u:object_r:unconfined_exec_t:s0\x00', 0x27, 0x2) [ 506.147199] TPR Threshold = 0x00 [ 506.150596] EPT pointer = 0x000000006b11c01e [ 506.203433] QAT: Invalid ioctl [ 506.206953] QAT: Invalid ioctl [ 506.229832] QAT: Invalid ioctl [ 506.238233] QAT: Invalid ioctl 12:18:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:24 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) flistxattr(r0, &(0x7f0000000100)=""/160, 0xa0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 506.425727] *** Guest State *** [ 506.429268] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 506.438321] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 506.447332] CR3 = 0x0000000000000000 [ 506.451081] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 506.457160] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 506.459500] QAT: Invalid ioctl [ 506.463267] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 506.463300] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 506.463337] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 506.463372] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 506.463411] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 506.475749] QAT: Invalid ioctl [ 506.481358] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 506.481393] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 506.481430] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 506.533496] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 506.541509] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 506.549610] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 506.557682] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 506.564208] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 506.571692] Interruptibility = 00000000 ActivityState = 00000000 [ 506.578014] *** Host State *** [ 506.581245] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c07f380 [ 506.587347] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 506.593866] FSBase=00007f3a33a69700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 506.601700] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 506.607872] CR0=0000000080050033 CR3=0000000062dac000 CR4=00000000001426f0 [ 506.615011] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 506.621717] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 506.627931] *** Control State *** [ 506.631428] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 506.638231] EntryControls=0000d1ff ExitControls=002fefff [ 506.643793] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 506.650753] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 506.657544] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 506.664240] reason=80000021 qualification=0000000000000000 [ 506.670600] IDTVectoring: info=00000000 errcode=00000000 [ 506.676196] TSC Offset = 0xfffffeecbe5960d4 [ 506.680556] EPT pointer = 0x000000008b6b301e 12:18:24 executing program 2: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001}, 0x2c) 12:18:24 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) prctl$PR_GET_FPEXC(0xb, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) write$cgroup_pid(r1, &(0x7f0000000140)=r2, 0x12) 12:18:24 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x8100, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) ioctl$TIOCCBRK(r0, 0x5428) socket$vsock_stream(0x28, 0x1, 0x0) 12:18:24 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:24 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000100)={0x2, 0x9}, 0x2) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, &(0x7f0000000040)={{0x7, 0xa41}, 'port0\x00', 0x44, 0xc0000, 0x1, 0xffffffffffffff8a, 0x4, 0x8, 0x5, 0x0, 0x6, 0xc94}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000140)={0x3, 0xffffffffffffff9c}) [ 506.886292] QAT: Invalid ioctl [ 506.898849] QAT: Invalid ioctl 12:18:25 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 506.969324] *** Guest State *** [ 506.972872] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 506.981792] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 506.991628] CR3 = 0x0000000000000000 [ 506.995504] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 507.001542] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 507.007656] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 507.014479] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 507.022613] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.030630] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.038734] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.046814] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.054947] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:25 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000040)) 12:18:25 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xe, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0, 0x1000}, 0x2c) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x6, 0x80) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x29002404}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x124, r2, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1d4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x87}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xa7}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x401}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5f}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_team\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x100}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x800}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x100000001}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x13}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'lapb0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5}]}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'erspan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x4000}, 0x2400c000) [ 507.063026] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 507.071049] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 507.079189] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 507.087288] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 507.095372] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 507.101821] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 507.109404] Interruptibility = 00000000 ActivityState = 00000000 [ 507.115728] *** Host State *** [ 507.118960] RIP = 0xffffffff812b0dfc RSP = 0xffff88805fe6f380 [ 507.125072] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 507.131526] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 507.139480] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 507.145549] CR0=0000000080050033 CR3=0000000079909000 CR4=00000000001426f0 [ 507.152727] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 507.159437] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 507.165596] *** Control State *** [ 507.169087] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 507.175851] EntryControls=0000d1ff ExitControls=002fefff [ 507.181344] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 507.188373] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 507.195143] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 507.201769] reason=80000021 qualification=0000000000000000 [ 507.208204] IDTVectoring: info=00000000 errcode=00000000 [ 507.213754] TSC Offset = 0xfffffeec74d7e743 [ 507.218108] TPR Threshold = 0x00 [ 507.221510] EPT pointer = 0x00000000641c901e [ 507.249805] QAT: Invalid ioctl [ 507.281443] QAT: Invalid ioctl [ 507.326113] QAT: Invalid ioctl [ 507.330236] QAT: Invalid ioctl 12:18:25 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:25 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x1, 0x0) write$9p(r1, &(0x7f0000000100)="3d0246681d944e35e4034c408a0ca28b9a7fd9f36d1c40c21233def0ac7bc390dc609c6ffbcc88d9730788cf49e96411c52d56ea84063b69e9964de16ed333c97fdf8f2328ce036e1ad6702fabda3a6e2301c330c9574fd1d4cd1ffdfce1dd1c66ec5724af419fad837daa91b6a3e86638fdd7a17b9a30cabc3b8df872a2ee4aa5fae2090ddaa251ff45765336c5d1b461", 0x91) [ 507.387961] *** Guest State *** [ 507.391398] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 507.400461] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 507.409464] CR3 = 0x0000000000000000 [ 507.413303] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 507.419320] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 507.425569] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 507.432381] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 507.440425] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.448575] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.456716] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.464854] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.473009] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 507.481045] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 507.489196] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 507.497315] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 507.505489] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 507.513725] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 507.520314] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 507.527950] Interruptibility = 00000000 ActivityState = 00000000 [ 507.534331] *** Host State *** 12:18:25 executing program 1: ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffffff, 0xc0184908, 0x0) [ 507.537592] RIP = 0xffffffff812b0dfc RSP = 0xffff88805fe6f380 [ 507.543769] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 507.550238] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 507.558589] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 507.564636] CR0=0000000080050033 CR3=0000000079909000 CR4=00000000001426f0 [ 507.571737] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 507.578623] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 507.584811] *** Control State *** [ 507.588310] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 507.595152] EntryControls=0000d1ff ExitControls=002fefff [ 507.600670] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 507.607813] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 507.614644] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 507.621301] reason=80000021 qualification=0000000000000000 [ 507.627864] IDTVectoring: info=00000000 errcode=00000000 [ 507.633440] TSC Offset = 0xfffffeec390c4a50 [ 507.637821] EPT pointer = 0x0000000072a1c01e 12:18:25 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x4800, 0x0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000140)=0xe8) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) r3 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x200, 0x2080) sendto$unix(r3, &(0x7f0000000240)="05f8b1522cab1fe6138924e72caa07d364925fa760b0df82e40d71cd6729e75130cdde08dca92be6d6f7b4fce84f0783713078c8645e037ce99e0400e46f247fe0f2511ccdcb986b0691afe5", 0x4c, 0x20000000, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:18:25 executing program 3: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) unshare(0x48000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:25 executing program 4: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x2000000001) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x4, r0}, 0x2c) accept(r0, &(0x7f00000001c0)=@in6={0xa, 0x0, 0x0, @ipv4}, &(0x7f0000000280)=0xe3) 12:18:26 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f00000001c0)=@ethernet, 0x80, 0x0}, 0x8c0) 12:18:26 executing program 1: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x8080, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000080)={0x6, 0xffffffffffffffff, 0x1}) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) [ 508.008615] QAT: Invalid ioctl [ 508.028445] IPVS: ftp: loaded support on port[0] = 21 [ 508.140462] *** Guest State *** [ 508.144018] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 508.153007] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 508.161963] CR3 = 0x0000000000000000 [ 508.165719] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 508.171729] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 508.177834] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 508.184706] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 508.192808] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.200829] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.208939] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.217077] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.225186] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.233406] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 508.241442] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 508.249584] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 508.257731] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 508.265860] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 508.272372] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 508.279855] Interruptibility = 00000000 ActivityState = 00000000 [ 508.286236] *** Host State *** [ 508.289472] RIP = 0xffffffff812b0dfc RSP = 0xffff88806401f380 [ 508.295612] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 508.302136] FSBase=00007feb364db700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 508.309991] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 508.316015] CR0=0000000080050033 CR3=000000005f419000 CR4=00000000001426e0 [ 508.323164] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 508.329882] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 508.336070] *** Control State *** 12:18:26 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x800000000000000d, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm_plock\x00', 0x1, 0x0) ioctl$VT_WAITACTIVE(r1, 0x5607) ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000280)) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r0, &(0x7f0000000080)="d4e1dc26519a4b85237adeec2e04ad84dd33c918f8b67b1e35e7b9cc914ce013c0b1e5aa58712132c7bc7ca5373f9dc1645c3479ea717238c45cf6da3134deb6cfe0e8829d107dd97c9351e296aa5b1a9889b46c6667ef8b2636a4dcea3f68d672b9708f33b17dda4769f7", &(0x7f0000000100)=""/224}, 0x18) bind$alg(r1, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58) r2 = gettid() ptrace$setopts(0xffffffffffffffff, r2, 0x7fffffff, 0x1) 12:18:26 executing program 2: sendmmsg(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}}], 0x1, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e1f, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f0000000440), 0x400000000000211, 0x810) 12:18:26 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:26 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x105200, 0x0) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 508.339565] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 508.346379] EntryControls=0000d1ff ExitControls=002fefff [ 508.351967] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 508.358950] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 508.365825] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 508.372564] reason=80000021 qualification=0000000000000000 [ 508.378932] IDTVectoring: info=00000000 errcode=00000000 [ 508.384530] TSC Offset = 0xfffffeebd664046e [ 508.388893] EPT pointer = 0x000000007a02901e [ 508.472049] QAT: Invalid ioctl [ 508.530240] IPVS: ftp: loaded support on port[0] = 21 12:18:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) flock(r3, 0xfbfffffffffffffd) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:26 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:26 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='environ\x00') openat$cgroup_int(r1, &(0x7f0000000080)='rdma.max\x00', 0x2, 0x0) bind$vsock_dgram(r0, &(0x7f00000000c0)={0x28, 0x0, 0x2711, @host}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x20000, 0x0) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000140)="b762e5c5074808e202bd8b8c1705dc38a926c48bddd1df6e62b660c4fae4551b98fec143ca95c192a6a719148bd206a42115fe0eb8cb2cc36db195a1e2a3e340790d192a41ac451a972927a777ecef256710d06c4c9074670d6ffb2b930545712584e3799a6ecbc836e5e2eae6263b144feb3f5a5ca766f9b710c82f1551354a4defd02178a7d0426be5a5af0e8b2dea520d97dc7172e197906567041bc5e7b7d005e58f48504c5d837b1b5ccd65c45e8ba9bebf807e651736569a7e9252426efa4c2c01b4b8f004fcbaf75309459d664d4c4dbd5cf9d40d07255a946411") [ 508.795585] QAT: Invalid ioctl [ 508.823345] *** Guest State *** [ 508.826758] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 508.835830] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 508.844859] CR3 = 0x0000000000000000 [ 508.848613] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 508.854709] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 508.860785] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 508.867594] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 508.875687] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.883795] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.891819] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.899923] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.908048] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 508.916118] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 508.924268] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 508.932340] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 508.940363] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 508.948467] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 508.954969] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 508.962535] Interruptibility = 00000000 ActivityState = 00000000 [ 508.968792] *** Host State *** [ 508.972124] RIP = 0xffffffff812b0dfc RSP = 0xffff88806349f380 [ 508.978162] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 508.984712] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 508.992600] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 508.998543] CR0=0000000080050033 CR3=000000005e34b000 CR4=00000000001426e0 [ 509.005684] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 509.012470] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 509.018557] *** Control State *** [ 509.022133] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 509.028840] EntryControls=0000d1ff ExitControls=002fefff [ 509.034414] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 509.041376] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.048188] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.054859] reason=80000021 qualification=0000000000000000 [ 509.061215] IDTVectoring: info=00000000 errcode=00000000 [ 509.066786] TSC Offset = 0xfffffeeb7a2a6ba2 [ 509.071136] TPR Threshold = 0x00 [ 509.074645] EPT pointer = 0x000000006120b01e [ 509.167859] *** Guest State *** [ 509.171277] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 509.180325] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 509.189359] CR3 = 0x0000000000000000 [ 509.193159] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 509.199195] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 509.205298] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:18:27 executing program 3: unshare(0xf5cb39ff13233978) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x200000, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x3, 0x1, &(0x7f0000000400), &(0x7f00000004c0)=""/177, &(0x7f0000000440)=""/36, 0x1}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vcs\x00', 0xd0042, 0x0) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000380)={0x7, "da0339840ad2bca21fd3d0843fb93d472b2274c0388516251043a31bbc71c115", 0x0, 0x8, 0x43665865, 0x18, 0x7}) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000200)='trusted.overlay.redirect\x00', &(0x7f0000000240)='./file0\x00', 0x8, 0x2) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000280)=0x0) prlimit64(r3, 0xe, &(0x7f00000002c0)={0x3f, 0x5}, &(0x7f0000000340)) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000180)={r1, &(0x7f0000000000)="90ddece2c94bd398dab99b80e83463f44d1f24e6bb726b25ce3db87b15530dfc2b4bf8dd45f77ad3086e0e95fd4250ce84e1bd132f9b29c8b655fd19e9132265ff32a78fe05a0bec5c09d2b7113ea96ee0f3a0353bc6adabfe8ddb2433f6cc21c0f136eb77777907d3cba609920809", &(0x7f0000000080)=""/248}, 0x18) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) 12:18:27 executing program 2: sendmmsg(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}}], 0x1, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e1f, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f0000000440), 0x400000000000211, 0x810) 12:18:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:27 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80000, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0}, 0x2c) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000000080)) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) 12:18:27 executing program 1: io_setup(0x4, &(0x7f0000000040)=0x0) r1 = syz_open_dev$cec(&(0x7f0000001700)='/dev/cec#\x00', 0x2, 0x2) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000001740)={[0x6, 0x7f, 0x8, 0xffff, 0x68, 0x10000, 0x0, 0x1, 0x2, 0x2, 0x1, 0x1, 0x5, 0x82, 0x8, 0x3ff], 0x4, 0x100}) r2 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/dlm_plock\x00', 0x0, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000016c0)={&(0x7f0000001680)=""/48, 0x22000, 0x1800, 0x80}, 0x18) r4 = eventfd2(0xffff, 0x800) r5 = dup(0xffffffffffffffff) r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001200)='/dev/uhid\x00', 0x802, 0x0) r7 = socket$key(0xf, 0x3, 0x2) r8 = syz_open_dev$sndtimer(&(0x7f0000001400)='/dev/snd/timer\x00', 0x0, 0x20800) r9 = syz_open_dev$sg(&(0x7f0000001500)='/dev/sg#\x00', 0x401, 0x200) r10 = creat(&(0x7f00000015c0)='./file0\x00', 0x128) io_submit(r0, 0x6, &(0x7f0000001640)=[&(0x7f0000001100)={0x0, 0x0, 0x0, 0x7, 0x10001, r2, &(0x7f00000000c0)="eeace2795ebd5071ebda43235a72041081bc947535793e8e36e6c9063dc6c432fe1b490c69fb0af49a09a8f03ffa0eabf1256aaf6d9f76513d2faba7bb1840a294284f6a0892aace96d45076c3a9205135452e816e92c6f2e453c999dbc02cff33addd5ca9671ea10540a4193993c9d3edec30569b4a9c595aa325d092eab8d8e2b290c565373944a739c8d7036c4b88c4c6ef802e8284022b2e6969c903b276995be404cdd3dff52a8b914275aa491ece2a715d9d75b9d6161a9f77eee0a63a89f79ceb3113261d31a5cee76d34e021b3e34a08827c464515138e9814b108b3513081d6d24f369dc5159ef215fa2cfa51497c6007360c8c76500044447ef18d1cf7ade07f9d56dd3e34de8422bc425b3457291ebe1729e5c99b2bd2d1d192e709dca3c2cc0ef2b4e502688c4c16d044de93c845a2169ba99babf24c411254e6c4b57a62868bf5b8e54d3dfb16293ed85fe747cfe5ff320f33c50d7be46cab6e592eaf8c2362ee86a133b13a4353ebf2f7f8ed55d66bd63dd5ed11a86b2294a86097d3e18d35d3f2557c9e0e437e8a2fb3597c7adce7c7d97cda8f3b42e9296b4be9d50db3fb4020d09caf2607b7164b8924ef367453110e64995826dd67b4b71ccf9876734b40262616c1025b0b5a585c18888c6838e41e31510b0af660e7cabb5779459c3b04921e8c27fa681d64a2646879bc41fa76001cb19f0fe81f3975457684469a6ea1a4b5595e444706073afcb46f310b45b6b842f81e492d35772b771385936bd52a211e7f694fd7607bc30b0694cb757ed4409be825f1fac972968bd447cfde83b33ff34f5b30669ecffd91336189dac4462228a5964542312d2d854261a68c36701eea76e968eee87c2d2beea4e40661f1256c6a39ef010886e90d40045650e05f70467ede50a279ce85cdcb4740800387102200245a2683211f5803c4850c86b55eaecc5152e5633b5fb1796b449f7aee257399358be734b64af86780999e92f5174f08b291baa73ba2a44d2634c00fa49bc94be653ec14e33d0aecdeedc3a27c8c58f9280f7641e9ab91aad8a7c8213d30c187f6f0fe1a93fdfe486d468f21f0a18badf314ba323e07a0b7d321bc5444b8bf55d14c25ee41903298a0a0453262e75e11e08b7e0d572a0fc21c0710b11b3f35ad177e00df14cdf48cdc671aac1c99563ada3aeb27c4c4df07354f06eb0f2990f393a0af572cecf53e13e12730a28457072ab802848d6284ae601fbeb51b3aba1548bb3a80d08609cfb070f3f816d728d5f78606d14d647dd686a76deb89fb1c38cb2062f75f923a482dcecb75bc6c5e5ffc3a83655c8107a0d2a9853f96e823bc4836bf90d1948d60068ea78e018f5825d379dfd226ad42e6bc570574cfcb0560b11db44e4f9b3a772eb46a9402f918685a2ad2774497978767bad58b7cf866e8356bf99fac349566b88ca308410dcc70adfea814661d22ed7fe19aa12f543ae3d4d17c6fea5ad7392d476cfc7a6bce80572d587f479da9ba2509d8295193386a1bd6eb65d812818808b942154439cc5ca7809c648279356d491e6190ac384bf54ac359249d0a3a644ed0bda790c583ee37dba6b69229a1646f1f26dee9e47d765157ee79af05760941ccf5e8d73ab924651f1bb544dc8c9e9a25efc738b1bf4dc6f14f7867d839c5a5652a202b7c4a776931bf32f5f1c69bd108931198e512f4a53e6cb192e1c368465fe0f55e805f0c25361f3cbefc8331450cf098b46dfa9215d58265bc34ee473d0d3764e5164ae4b0549682d31d6682b8aeb8f1a525fa3cc281aef4969c9a5b0d73418ae92bc5b83a1ace34ff5dae01ab5806912db5a602fb95325e5e5f84a3871e738fb87e5ded758e78b7118ea7fd6dee57119844b7b4d444413bbd528a87a8e8ab54b5a98d61799118d51169bd592fd0da804505c1c34da59b306280c1a2b3d93f523137e63e0904f5972c3ec10e850a2402604f1a543b5dcae847c4c24105b55188c547f65d02cf6446a3bec79311527d10270de7d1a265ff308338686905b4d10b618eec9988b219143d47e06e15ac513a49bb6fde181889ec1eea30da7df9383596f0ed3caca7c3f913178f24870414fb2f1896a8c85fb7efc2c7cb34a238040770dc42f1181ba6cfca3a0a75eeaaf9c15f014e1504134cf6150d6594508424745e0384f67746e60a759e3d6c0592b3d7730de70deefaaba0c98cbeb58f52e7082186db7a7bda67590ca14541fa8c93425bbede0f0a29dcc8524c06d5b2d7835a0bb0ad11dfa7bb86d354d9f1417d74284d1c92c2cd7231c509a7d076e5d3d81b8d12766fc1f5ba014d846e41834d7a6fa66c1bba108574dff20477ef56f2079f6e2ed0728193dd1185f07fe74adedea21cfeb11234ee353c582547d04c5367c14af4698f513ec982a9b8a5b28767457e44ac83365ce2d7b61e77ac2e3ed253e100cca9a7b9bfce1b15bf4fa0f9a3d7211a14663e939b2072ff8a21d1f17cecec36e83cfbc8e415fbcc4f66665992003db82f2a09e368930ea70300b0da19ca243daa79b846c44541e8dba9379ce396bc5a70f82935e3f779ec390683cce5871158d31a0c440d36699c4cbe04c280eb9b751b18f04ffd40248dfbe8834f32f17958a5a28f63a1acafe6b9cebe836ac9287f05ec70928d9b52236dafe76583085d5312d4ccdc9ca73023b8a87bceec6406d134147104f4541961d227f560f7dd33ed04599049893c866e9902e4deae049fe325e3a5b7c3cf9a630f7727d0f633934ca9602ba34dc346a6167f76a026d3adc70bb7b734ed6e2b026b5b598bc6ba77b52beb8d3b527a04f4df86313962d5b4311b21e50483a715e0d80054554a2c9c691071690df8e1c431c61d32236e8d14f91db9de60c714983334b86b1a2b9d61cca4c9b2bcfc7cd0558772155c2c5414dfad8891d0cfb0632b18b52630d5192cad47aca5d1f8dd0b907b5e8e87e1e1b729ef7be26bfcfdf9306880603cc7875b78b80d310bf6cd0a5f9870d62d48f3517aa7bba6a3b098c1bd4c4d1f42a7df272c04fc63b6799811f060dab479185b7b6b3a20c3c7873c70bde16d37cdb5f4868cacaf904c6c4d61baa7142182f33938f1cc1364ba25518fd2746fb4bc61080f4f9036c24d7249a2ee3d01b9a5441e80b0de6c2d9ed512ccee768c654a784261bf3d7a79acefefbcaf71addfa6053661e3d0e6fb12af326c086bcfdc24400243e2028ea378e1952c065fbf4b3233ed499b1a22a65743343aea789669858b30d70963ac0b1d2a4abe51d9e740d360a9e20d50db269493b29a4802b6b0e8b00e54e1895542519eebc6237bb8afca07f6334014854040f16bdc95b14d4f0a74cd179f66eb43c681f7ca4897cedaf23c04408aa2c2f0999f04740e5f494bf0f86c31fbf45f026be8f1809d6783ea02d8643a97242d3147aef2844bf7e3a6990129b34e864765d1fdf0d8bc7be52fb8b8516aa1a59cff8e8c90da5da22a6353736c92de945c770566d53848a132f21f858a87153c00c950e9c56c109d24663cada2729384ab48ca4506368496f25b52af7f1395d4af7e6d0108508ed6670dd6833923653c612f844f35a0060a50ae8b28dfe568c5a84566477cf83c7d87904265c739f2fb46c6f41a8adb5069ef37905939f8e3c01ae1f88b564d2aac3272078dd75f0ef8dd16780e97a77acf33ef13bd643f6f026e59c5f8b4cc9e23cf0ef9f6a46043b27d933821b69ca3b3e470bd9888c73559444c0bdb192bfe0103e906909ed1e454547eec16705afc8074a578440c4bde84862fd21b4c1d98538db4bf1b05128144c9ff2a25b98300a9856a887bb853a3ca68b361cff721413ddc22f63f14c923afd6a8f55b97f073ce7958ab47c5e73a9a3bff279e28938496c0759afeacb78b11a0b742e9fab6cceb529e7e97280eacb34872d006b5c418f2cec01147350cc04564fcebba62c2f8a2f8e9010fbc2bf079a01b55d6de081575be0c0f93382f769f88f5b8b0ea6a363d362cd561e677185e29e49c06e77852ddcf39b0d2baf8365e39c7d0e74705bed78bd9783defba30f4f4f0c5ab7ba01249ab582f15014642fda6e63b5a24ba2b5e6f0241e73f407b6659d4d66d5ca0153a1c6afcee70912ae165617655996a05e641d649af73ac21c07ae9129fb0b85cb3315c568698eed533c6d7cebde16f98510257bcb64f462607850af195014f344df890df559258b98f0d2f3458993fb80f17cf5ffb7f9e6be59f7047f9d0a64fbc1969501878c1dc999ca6e7191ec5fa0881c34efe3844dbb943e765346d45adb091eca0a84b7794f4181970c1df723ffe21867962b2d7b15d44f2887b95bf6422064c5d6da29bbf4df0a6822b0e27a94868dd919a1b4d6b7768d8de7d1cfa085aa472d977d379fcc3a7f329a23c6c0e443822e82fe650cde5dda6c8d838d6dc25e5615db16154f79124793ffb4c81aa63f737810ffb6a0cea420c2eb8536138b2eeb2680921323cc12d4def6048ad0a0471adc335e6535244c35eedcda2c31637584864200f81a5ffd6f3f7aa462b8890a2441abac608f1438d8ccf83897f93685ffc4e611693f9a49bbd2ca732a50219beb628681cc7b2fedb180a4d849840bcf81d5ffecc64f2c0638c86b754cc27c46292ad5d64564562c96ec13437b71888bd40df5411ba89a5b96d0c1fb76eef331a196759fcee41fda77ae967e320af1c2017c58d2bd58688053a4d206c088ddd7bb2932355dc35fa4c1844aabe93be6abe02dc3e51a75e0c2eabc1d834e9e55af9220a0285802d443678fadf67555edc054a691e3ca79531e1c8612a9b3079d50fe67119dd51cd98ad7a4f1d0461f6696f07cab93f710994e0fabc1922899f6edec3134e80399165a5c954d6d89b8ada3e217f7d2e1cb18c0b944535d2609ba211d08653db3f7699ef9c9e724a597534e9d25a1c010806972ac9e7f43eb5dd036ba1e38da191f95378712b884847e01f83baa599fa47a91760526ea4b8897e819241cdd3aaee246da9762c3770b0805821b818464c398a0c3a982ca2a3d0091adf79f72e9a37c10eafaa020e6fecbbe8c3fa6ffab2b57d4f2cdbd282a79c30c7eb8013452c97ba26f84c331dc6bcc5a746cbca0be43176d1a034316370b99c3f2d0c0115832d61a2f394df2f1ee29977469acb55791a74465ea73ad952a75380627eac1bf5ee04da246a44f7e9ff537f216d5314b49c9fbe3f2fa55e45aeaa5e4601a2e507abe8726dbe78d9142ae443e1b83be7c87cfd3959cf6c9142e7e0c3fc275166cefb028f33d46d7e0baf8680046e82e7a8d3d19b122f98eaf4f4bc6d6b6ae255860ef349a459813a567668ccb5d3aa04c0de5227a067d27435534c51cc46f08cec4c8b6c764d1f1068cec1d6caf762dc544feefb60a1207362f841229d3b73de4f3d7c18980a1bb622363969162edb0dc194db5dccdc5234b471067a9eec628cc264b459673729571be75828e44b7edfa91e581eb27f0488eaed802739f4292f622a943f406268691a894159800c6012d00cd31a0f00b4979d0d15b491aef3c743bb171bc0480f1dfa01c37398280bd8f07c760914728ab00077ddce32b490a9f0e997ebd684d964f2031868612340f48d66b7171d2e97acc3fa85de66ebbac167f5c134b153afd3e6a1c4e50d66458d0e632de45794fe08ae8485966676876039766b7e15624c9c4cea5d2c74352421c790a2d3446072a4c4f5e44790c9222b3e5143f8f0f53eab0fc02e8b734cc41fa99ed89701bc82f2710371d2a7504b3e1ccbe9de97fe146accd82c2a", 0x1000, 0x1, 0x0, 0x0, r3}, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x7, 0x101, r4, &(0x7f0000001140)="b11e29cece8c0294deb775396b46a2df513b7568ec36cfd86c050b3924a321d2773bfb4a921a83c4110f238459f5d9ae01a8a67dc10a43f792cab6ba2ac8aef4ab6d376faba26f564890516cc51e249afdc075da67bb381f08e74a1d8e4246756339c321ee08ababfd5e", 0x6a, 0x8, 0x0, 0x1, r5}, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x4, r6, &(0x7f0000001240)="03ba8a3cfcd834abaebbc0914bf749a42e171b2bccb0030f91bd3a86cfa938c6ffcbb0eaa73c8a9cc75d868093ef842ab2c5b3921bab2d0b6b6e3a8ea2f88475402a38f311ee66fb0d30e9085f89459894d74ede83d99f780064ba55cfd4ccef78b5ff7c5af2e287bca16c9aeec8e65dd025d072a85fd8f262cbe644b0a17034e2cc8e7378bdc9eca3b4521a6e7a8de3dd522f8ab2e505ced9f4232842728dba4fae85fc8f26", 0xa6, 0x8, 0x0, 0x1, 0xffffffffffffff9c}, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x2, 0x3f, r7, &(0x7f0000001340)="8b1756c8c955ef5ad07b3fedec5718c32c229f6ea6fb9b887102d35fe7c252d67509cff40817ab6095fcc4a411037a6cf984eff2f7fb68eb0926033eadb94f6f9272b7f21b52c5da4b8b5fe5d0365b94637b2694c30a2f871fb395635fabc86e0ba89283c7203e2869fd8054879eb1ba8d17e0", 0x73, 0x8, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x3, r8, &(0x7f0000001440)="697d6d7b5e5acc36f3bdb6bacdb9f8156e25ace3d973087f4bb41b5db89be03dcd9eebd37dfb4d7b5b1c535aa99545791181f7d9aee5bd5847217318852e0bab3e619b61ebb71f1ef29ba483dc35c716df878ce74ed94d8f287c1797b50b2a25b8777bbedec4b1c158261309d94b6d61d6", 0x71, 0x2, 0x0, 0x1}, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x5, 0x2795, r9, &(0x7f0000001540)="80ba3a8ed1c09bea77cd29bb831956ba7ebf0523127745f936ee8e33a1c351cceda164bda6021e5a61729a552bb8517e096a331b0a3ee2e2cde31316d13d41d7a9d40e01322d979a2e731e9ddef95af22100d0f2ee69f21b894b281c78aba6437e394c1334cfd3349be0202b527eeb17cd92a5760587", 0x76, 0x6, 0x0, 0x0, r10}]) r11 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r11, 0xc0184908, 0x0) [ 509.212099] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 509.220166] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.228264] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.236333] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.244401] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.252482] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.260485] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 509.268582] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 509.276669] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 509.284781] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 509.292843] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 509.299293] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 509.306872] Interruptibility = 00000000 ActivityState = 00000000 [ 509.313189] *** Host State *** [ 509.316435] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c07f380 [ 509.322553] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 509.329008] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 509.336945] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 509.342931] CR0=0000000080050033 CR3=000000005e34b000 CR4=00000000001426e0 [ 509.349989] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 509.356792] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 509.362928] *** Control State *** [ 509.366421] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 509.373216] EntryControls=0000d1ff ExitControls=002fefff [ 509.378710] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 509.385730] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.392490] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.399106] reason=80000021 qualification=0000000000000000 [ 509.405509] IDTVectoring: info=00000000 errcode=00000000 [ 509.410993] TSC Offset = 0xfffffeeb43090bef [ 509.415400] EPT pointer = 0x000000005e69901e [ 509.453933] QAT: Invalid ioctl 12:18:27 executing program 3: unshare(0x28020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats\x00') bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000000), 0x0}, 0x18) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x10}) [ 509.479884] QAT: Invalid ioctl [ 509.511699] *** Guest State *** [ 509.515144] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 509.524132] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 509.533096] CR3 = 0x0000000000000000 [ 509.536867] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 509.542925] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 509.548960] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:18:27 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x12, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'nr0\x01\x00', 0x4006}) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) socketpair$unix(0x1, 0x10200000000001, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000140)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r1, &(0x7f0000000080), 0xfdef) [ 509.555854] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 509.563972] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.572072] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.580097] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.588164] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.596255] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 509.604395] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 509.612523] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 509.620537] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 509.628616] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 509.636738] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 509.643294] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 509.651321] Interruptibility = 00000000 ActivityState = 00000000 [ 509.657689] *** Host State *** 12:18:27 executing program 4: r0 = syz_open_dev$cec(&(0x7f00000002c0)='/dev/cec#\x00', 0x0, 0x2) ioctl$RTC_UIE_OFF(r0, 0x7004) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r1}, 0x2c) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) r5 = getgid() r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000008}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r6, 0xc10, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x1) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000000280)=0xe8) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66f73b9267c819ef530d05675d8f44ba3d", @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=r4, @ANYBLOB=',group_id=', @ANYRESDEC=r5, @ANYBLOB=',allow_other,max_read=0x0000000000000007,blksize=0x0000000000000400,max_read=0x0000000000001994,allow_other,fscontext=user_u,uid>', @ANYRESDEC=r7, @ANYBLOB=',\x00']) [ 509.660922] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c68f380 [ 509.667097] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 509.673595] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 509.681431] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 509.687445] CR0=0000000080050033 CR3=0000000061eb2000 CR4=00000000001426e0 [ 509.694563] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 509.701276] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 509.707459] *** Control State *** [ 509.710960] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 509.717752] EntryControls=0000d1ff ExitControls=002fefff [ 509.723304] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 509.730274] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.737068] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 509.743767] reason=80000021 qualification=0000000000000000 [ 509.750131] IDTVectoring: info=00000000 errcode=00000000 [ 509.755720] TSC Offset = 0xfffffeeb15f26ebc [ 509.760078] TPR Threshold = 0x00 [ 509.763560] EPT pointer = 0x000000006248c01e 12:18:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x4, 0x80000) ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f00000002c0)=""/160) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x398) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r5 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0xffffffffffffff39, 0x1) ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r2) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:18:28 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x400000, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000100)=0x316, 0x4) r1 = openat$md(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/md0\x00', 0x50000, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) sendfile(r1, r2, &(0x7f0000000080), 0x20) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r3, 0xc0184908, 0x0) 12:18:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:28 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$binfmt_script(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="2321202e2f66696c653020766d6e6574302070707030296574683020776c616e3073656375726974792b205b706f7369785f61636c1f61636365737376626f786e657431766d6e657431656d306e6f64657620246c6f0a4b9fd4aef9de0a77e2b95d6b189b666a505ea4e98bc90a5a431cd272453117630136e240cdff644e19007d7375bb00ec5705040063840ce6320421046a9273174b55917a6b85039afe5ea6f460104f1e39cebe11680b141f29bc08cfe420a5d37fd307b0edbce852af2e50bb9fa251fb53039027b8a530cc601535762bc3f0d823196cd3ee38591c2dd7a4d813d518bc5d306a691c044df5f14cb0db52caa6d4c227950fc173cd43af19601bb4c68d8e244bcc258b3e1cab2b442130098f2eee122f0932cdc727211505878cd534cfc22beb55403261f21ad188eaf67527a5603fe0a94e26d883624825f7dd1a7eefbb200f999c96e7b71c"], 0x11d) r1 = accept$inet(0xffffffffffffff9c, 0x0, &(0x7f00000001c0)) accept4(r1, &(0x7f0000000200)=@nl, &(0x7f0000000280)=0x80, 0x80000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r2}, 0x2c) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f00000002c0)={0x2f, @broadcast, 0x4e21, 0x4, 'fo\x00', 0xb, 0x1, 0x5b}, 0x2c) 12:18:28 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001140)='/dev/ptmx\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)) 12:18:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040)) unshare(0x28020400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) [ 510.246572] QAT: Invalid ioctl 12:18:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f00000005c0)={0x2, 0x0, 0x2080, {0x105000, 0x4000, 0x2}, [], "06dc0f613f48c55984aa31df4d32a69a8c0021a44f044ddd41dd2d25f33a454c7197e16dbdff1d966ba5a0c10169e02a0cc87a7528d0490919c1268d3a77d99573f7b43a59d179c4820261657eeefc18f5b1b7f5ba195ff00c90ee786e38672a2360cc09392cdeb5bf88f20b7358ecb2046e7a83decf00f04262836710e693282451bf587c813b7a66d41a6534b10b2fcdc1ec7abf507f84db0737709243f69723056c850c5ed291a03a8bd668b4de238b34a89ee7cade5716da0e23c739708823612da9fe59310942be349f3571b0fdbb5b1d4ac50ad13f9fb30ffbda5179957236fe8f28a3c4fc5b727190fc1e374b12a7080ff0954a773b655d6d257c5fa069b4e6b868c12efcbdbc5e491032a034896e05f6b26f15a36161545dc524295b97744f2827c134c6a6a53b30a2ddd94a4d550606ec9df16fb23871392d08fb9010a9eb647580eef1d01d5683f62de3c30201b68f166895e1b4b15755b882a386d17240f7d4086184276660db2fc41fd7120c939a792456073052378bd874f654ab29fb8a9676183804962cdc17bbea86e850b739e3876543c444da12380161af44cc45112bc858237185d32b402e9de58c557bf8aa36b153aacdca59c48732c6b7d78789cdfec152b346622914889b6833e714b4489fd744c04cc4b8021e833907da7400099e32756f4eb6631fe28480a7cf5e84b8ddc77a8b01a0cb10bed05086b59ad9c0a87f0abfefab2724d4dc07ffbeecbb479203df0e90c1ff352fa67d08dc086748cd8ff529c489300c6a9d986531a4f078cdeecfe00debfd14692788decaf99658b3862a210077da0ea98a83ccc03e490012964b9f3aaca416b9e9ea9f1162f6d8dbc1198ce590a5875e1c3087f2168ffc22e5a262548c54157411906ff37a519a97bbc1add01438f5b99f021d259f245be08031fa2b236653f1515d7e9c8a100b5d4be84626a9590035195761fbc1002b8bb864b460fe4264a859c145595fb42589ec71db9cd83db1b03a3635315a6558cdef04b436ae730fa7b0c0baf340913684193d18dbb2f8690d4d51fbf454345189220e7da7be48a61579a78513546ae28b6f67b517d80980efe15b852e5382a39eff95e5cd127360945dff682c68eb15799c459e4330f671e52d61d82527cd721a0d2ea938bf6382860010ce64c0cc933cc94941529de81c4bb53a2fe7daea2ca22ac28f7f6e9d576e4af438b279a60a2f0e5308fd83bcd7b6ed7258a5081566ee7f237ae14256c9b1bab4a4d71b3d5031e98c489d842e31eebe5ee575f966ef8b076efa1e094141f049afab098a14a54ad1504f50ae1a9437b4535e342ca179a03e009a9d7c61dba4bbebc9a1f396088c0fdfcb143b2e0783806bced9f4d9d97b911cc31228b1b2a705e56031bcf1db7006f39ae113c62ef92e9911712c24189cc8de82f2edeafacbbc921d400680fca9ac949451d2ff7644fa06fc010cfea193de193580709c91b3b699320cb7208164f0b3dc48f726fcfcfd90e77de1b18aecbd5d9263fc3214f41f353b4d25316ba4907c7d5f9bdf450606a8df2ce879a95ab7554be21eaea6ec9b3befcac09a92acade9b13aa69372347549b3256dc1390e0f1de4c9fcb9ec7d34f54f600c50e2f5e3a8e704114fc167491fe548c7940b3e00ca99349a989859779d29df0c521975b5296f72f818ebcb74156fea528b263b95708afbf4c5d37e215365c02b047c3ab9cbe52a4204c0f7d543dee030efb9ee2f7134576851a21813ef5f482a8e70953d3eedd74b1d6a51aa220b005518d15ba2001fbe4767b78057ac359c82378264840e042b4cee1f14231d8ddf40310bb40e60f4929336a8d005405f5cb632888d05bab60dbe214dcce9ebcb8d7110ee7069a5ea8bbb06ceadbcb784280f1735a32ad538445b663f62461b29908176ba8eb30d233ca742f4bfad8cbb3397cb0418c26c6c24ec9f9e8848206a424c6439924293b7c3ae0728cf33de751b10833ad654ad6014c06d9f19de0d1a772e7f6bef248de1a76793d5c1771883a5155bd0d588421c371db6e44d93a68403c939f4443744a8dd104f8735c0acc8e8905dbb358f9e6d0eb7cc7cc0f17af86dd691f2fc5e34ac28810cb57aac791af91e8121a27a780fb9869a406177f96559af191a7703385df6198c0eb400562b9614fb62a2acf150cdd8dc9e6bd3b6e1613dfbd8c0641fab808d2793dbffecbf807649bd1b94d97530c09aba283cd419533590ae1aa9c8ccdebf70c953b14a1c877e4d81f4630386fd51ea00fd46ce28b04d27b4fd81acc8262f5631fcf4635c2f117e206723475ef63c1e86eec5aa8dc832385fe232f7eddcc17d5254227a2d2263cdc82a451fdbaeeaaa0325601b5b57cc9b6ff733e6105c46d562be4e1a5a40a89a24fb6ca2ec7d86ad9adc6957456c1ebfb6882bd4253ae5c4a380898271459e5ce6a22ee97f4f708283fc7f73d235aaca6bca5273676ac7a349b0b640db05beb886d6a44538be774273ff9a91c2e18d29bf216c13adaa521ef3b7ffa0d871abc98fcfa072ab550f045882ca70407e213b36f81237ed4593ac5bc0bf39770c66ba36928c4a4aed844d1f681eddcdef702f37ed8dc831dd8163b3cd189b1c44e2a525ec59969f18fc29c27376bd4a729f4fa923f483c1ce65086a58aa7b6aabe8cf8b390b86d714154f6a541a82439c601c322ec717daf12de4ee8c2e250744fabbc5649ce805abfe0f493b3fed089f32513e31d02faa96b5b957c0dde4446a6f023f9acd6c2b6cc28537a8d977abdcb76329d70890de94bf7a6c4769258adc3723d878f598f811d9834ceba1f3c5bea9d8ee2835e5ad2e569951b7daf58fe2b9e4a0c077b28728d866bd28bed1b8098529a8ab6486eda0514d04eb181d37d73d5eff4864894bca61366c865e83a4a1aba00ec7144950bba5973a192f9259d1dbdc70c6968045a5110f6c4c3ab8a74d9d59b694c73872cbfa3ac8cbe239d7ec7091d2b1659d82b778c2c52ac67df5cc5efc1d2824b68db8a50addc2caa2535e6d02f2561545519aab04743e0e8bdda7a6c090f058b707653ba82a6a41d903b9e51e38c7083d489a8ce70d2a6048783cd4a8d56f2c69c6c41bc862fb855c7587ecb346a235572dfc80b6b69d8e0694919223ffc14695935bc2f4822c0c35a7bc5ad7ca4c1e67861ab2466931f2f6eebd1497050a70e275b98e2bd86e66ce16298b72033448109497d85abeb1d3364c5b7e28dbd4a7880fcefd3a250b42181161a3a925144d5003734dec296d435d8a5596f3e72a1c89c3308e04b6f509cfc943fd91433cb09498c13d2993b98d01c8039b47a6c339feea0d495bc0238d15bd6505242f5bda00f6ea0e6e3a625ca41b651630b33ec51247d4d56b79c4cb9eefa195eeccbe9bd00b9dbdfe8da8330a20749aa4fa048d028ae44606c4337785984362dd531c3aa2a58cb25a1149480fc974e81d0bc6903a1bc9fe3fb525c67d8c5be2f9942e05cc82c2eedd3cd9b9cfcf14d696d73b25f7259205ea0e6019f8b17d601e5c0b471ea9a8aa2d489caf4fd207d88d069264f859b4fea1d29856f93ae878dafba2f2758d73c9d867185c6e6d487ac9a4d363f2a74a50301a9c9517a1bb5dbdc3a841d3f4d15435e3ff83edf5c8c4cc802ea42ce5c3eeb9339293cd39c2786e6cdcc2159a9db4dbef57e9cf8d731cecba78225dc2ef5a8ee16eae1ce481e73c071e76c126c27406837ef4451f428fadcf94e1c7a04837125a5380937b58c4157918c710dda80a42f2d84870409b42a4b5e107eb8bb134f717bc3a8ddbfc510b6a9184d3a89cf4b353ffeb1ed2369c18721a54ad6d9fc77a26f38220fb3905bbce706312f1938cc46a7ba3bc4aeb570021b9e5938527cdcba0067b0c2e3c17c8ecec807691d19679291cecf6a0583ef00eb4c34f83e550d5978a75b208b82511540fd0ac93e59c0bcc33e1cf360f914e4a280cb93aa93c2cd4ed74d1f55afcc16bda2a91ef270007cda9a22aa833de5d7e093ed42eb7c6d662ef352aa94fa08f189f952b46980958eb2689818b4e597e79dcbe37cf29c98d4a5526fff819e61f200289b7f59b491840b4a5fb7862aac311aea6858f24fd9912c69705a7c2ecb4c21de5e53bed3461809db00ae9124bab4095a28b416bacc138fba811b33e2c85e066759facc9dac7b1a4be02907644f7cea38f6fe1f1f7b4d6e015a984d85acc734c1a4b977b0e02dd82979d85116ab9f99383aae7c7fe06883519935de0d924bebc89f13042255a74d4109c81c8e012cd7aef0b5ad7d85baca0a184390235910c495668db3640621fe0993f26f1d530d7e54aeb769225513193b16d2a1808267d50f48e7c288778058dbd44e6ccf0d4fc91d15023f4120f67e7a154a709523b69c628e87cd9e50f72113f083282dda7227d97eee0453adcf1411fc46a032955216b514bab980231a5a6c4934873e38bf384f5310146cb64b5d5cc47b6d51f6d6c52819b57e359e19995b48cce6b8f6ce26649caa829a768f4136beacc6280b88702ab3c29f5479c1921cb3685d02ae6fe02c4388f0658bc3660c1a28378b34b164464b63255f77a33ca2634ec13862a605514ba93cf8e68555d1613f64927e3d1c1a46052f10af1ded0a6592e9f848e05c5a815a2643a3d17ae61eb99d2d44ba3524d97a84e8b2b5a98bf74bbd61aa8ab61f6c408a3b16655a20095782caca4a13af83c7e02568fccd44ffc5982182ae062e37ab649f4277e819aeb80fd95ddc17c076322ba6d3b2b54dd41ace5f960ef2c15abcdcdaf7d99e8c347c1589432b7f2292bd47c510610d21155d3fb51737d2e258cf4e7c4d71e1a78baee45344f661e16e459024d990d57ff757b95339e76aa26b0531db9bbd0cfc05edc6ffba80b78929063b282928e7e95f63926e1fa94453a7a66f38391f23f21c34f6cef4be988bab9d3d81f9870dc5b39042d3cc4fabdcaf4da30ef0940cbd0cdf6d8c84848453a4fa8c8310e050667002542f56779744de5ccffb342ed86e259985b2465f57a6554de7d2cece2d5b1f262ddcaa2ef33c22e889f03610c6f41444c16a28ef4c5ac8e4016a58ee9ec3f85a7e3e5a63825e4df047d08dec5e668acdc32a6d7e6695313bcdca468fc8e1e1cb4610f6357b188613bfa151adccdd81744e27606aa4695f1e20d2fce5d3327e93997886b1701dd9fbdf9ce8399c2403b6edc22cec372bda2b47b60ca64db5e5e87de1a30e0376f3ad86b11b580aeaba67ecdd09c649f92a38a382c2ccc10d7f2e0b9171e25a36772d69d8e73d3ad42fff9637b0365e691e61269242838b6d36a3733f7e3d0deb9bbff9e3dd46d3d23120f249ba8167c5922d73311889ff5589f398645abae9110e3794f30252270f13463a6fa7d6a25b177db149bcc64b8bd6829c2412368b9b3f45a3639634ca377346a1528e1e754e9f484801a362c33a42d58d24003e40980405ece7efbebff0036cfcec7b768dc8537d10e6ee7af6b40964c61c1ab9c8e7ff678f719bb165d7ab7ee88acb3b6a54830b0c62570b29c4194ed5e8a2167a00a9d94937485715dc8a016e63b2aa60f3d5ba214899b58e9be99be87060230a7ec73eba9a3de4bffc7de5c1dbcdbade79b91f446a73c095ef0588c782ec0c8794b607139b6c6159058984b75ebce104ecf3bef27a39f45e50316fb4bd7f9318b7285ced7404342b071c1b06b825e01e6c212be4d384a2c6db29ea842c212533d2cad3f90efe2575f53340e352e502340227395fbe1bea3b7662b5b44a08ec2a59f176a5ea58d0c867c0c", "2bab227286cd7aceaa3fa8dd7c62a6da239eb248c32473895b02fc019b06201a88491f5828088fdc840153002578c535412bb5c1523684505b6e92c5d8f171c6b62601e35d73a4e3fb91c74fdd94b92b9be678d4d1d0b32832e0f4e08eaa90ed7fe7142f4ab43a225d72b0e36f84fb8c744f8aee41d9abf24e81c0969bcb645eed6c84bba94f90119f6d691b7c406b80138c3649d68b0a61840ae276343b027fd8065e6b2d6ea00813f93d7a9130d4e003d0eeee8c35bdaa3d61852071f21e1a9b6bee2d27012ea1a51fa00ef8a0ca9c639670219b7ecf02b8f9d714316b79de27b1e6e1b7e56cbdbcf22f5233ee265353f48bb3f810246eb56ce6b7608ed6470674538bb2818f86de44dff0b340ccfcdf0964de72250a4e3ce862bbeca1fd4ff19ff7d41ff736fc28505a9b3a214bccc91a5902d27739b4fff5f38763cb72429f66dc2c9d66d251b4132bfaef9b33942e6fd9f63e94ad07309f08fcbaf3bd9a13efcf6d5852eaea546584213861ea94d18967548d1833350d5d72e6b23e4bb3f550d5c2bf504792a2bac256e2fc8c10fa7ceb7a33a0694c28fde8210a05ed1f37b9d566f99db17b13204c766493c624e77810fbffc0e2257970c2dd90776cfe86120e4a90a1bf5902271f1edff9f9204b42586219d0a40deda4e77f6b165ca5494a310115e2250c0c17ea30a0aa9a39a7a0fc4652f09b32d24c4ac89da8daf563a1c3c6a220b4c3b39a70fcb2ab66d07991e7d95a8ac2d2c98eb6a1a01ec22afdc6cc769cc05d547aa99a01642e6410a22ecca413b0e7185488a38faa704f9cf00a3dcc98cd59f857b65b1ee3a86b00054406f497fb0c605e3b8f38cf08aa5e3f50e260c3b8635846d87c855f60cde038c5389391ccdb45ed50661f27597c73ddf1e18f5d1cf5b737615d975f78738ddfab1228f844a0a200347f9a4854c24337fc5f49edd88464ddf04dc5b5c3318905af8ea737adc5e35b0701db20f481450cfba85bb039e33f972a5332628c04e04e110150233b930ddac2bdbbea4457e68dcffd01b1aae2447a57c063c0d69770328094088d2043aa17ee8d1f6ba3297240060b29b4f2f9af2c0fc7dbf87189dec5518f50fc60caf22438bbe2efd0c5013b67bf0eda892b67f26a9daf416bbb25c06ee767f46cc2164e52bdcc6ddd0d8bc1880f838a806da30a83dad77ed0c3a2907bbd35ddbc3b0f653e6ebbacb9ef717559d0b8762682eaa53e2b43789c058968a42e5485cd079f40a99468265dafbe803099578bc8c9049647eca1407325458e36f3b40796d1f4ac2ae9c162d1ba13f3bcd8af8fcb9555b62c2f6e367ce8f1b211f29ddd9bdfb404e6ed07b8735d4479d51ce7f921981948e029393c0b8853cf73503574e36ff09d09110670ae3ff93023d3c0a06ace36c89d199fb777545162794931a21af60a416278ca68adf6ce2907e68da53e9b57cb6364f1b331c711eb51010bea96187320eeed5753647010f1d49b20f1bbb9cd1944579bdbe8f1104493c9d8df7e96190cd9e908c59d100570f270fd4a1a78cf2d38835e760717b52cbece617426b340f0554c788058c5274454416055917fefaad53a2067128969035d322b4238f94b795bdfcc613bc6034f341acb14e3228149dbaaf8978b6d52ed4dd5ad0872e01d8c39d696118f0f1550cb028b81618e29ab0848cc69ced2bf58fab16fab9c2bf3904664fe77e0db28419472b55640f3268c806c4c6886549609b168aeb3d567856aaeff5192b87f6544b103ae526a9ba652fba1707fe43b1fa4434bcc04410dce6b473762f37aba8c4ec2c23709267fd4fa8e282d8d9936fb7db7af1e3b6b21f65ecc3e85e63477d30d93acb245cdd6b09d73214fe35745be22f224be5c85c99490d6ff41df32cf7ee042957b82c1c31070cc3daadf5d0e438504fafd1d8dc490bdba57ee01a07957bb37e783546dd5df50b73145ea09378b79d4a53ec02083a42866b72af12d14c5d0c26b0db46ea0ebb5160a21371c618771379c0f37d7f970d407a717d5a5162fdafdd1602d7516eba167105467d432a0900e01e047bd71f36719c4f586593f471829b227962d86d031bc89dc9a7c6943cc70e9f7825de034d020e993a91745d4c7a308f3767cd9fdcd575040c4b8fe0d9c38650b44245f47d13bbc044139f82fdb7cf3db989a97c3fb9ab66ededc6b6d9d405fa0d3e9db83bae795e0a0ebdeafd1999ea83fd4856ad688057b906e8846475dc92195b5be74baaf7a92fd235176e2f5b2c4292abb9131aa76b7b8348431f82973379679cb0473e897a657d52b384b6c92a03cb8e490f322ab0a20c8b164a8bd43d21a6de0f6ce3d0e84a95a1a285f15f496f97aed9ce97f019313e33e58599a9b4b8c4a88adc59f1fd0bf4821d179e234e629b0a626a857651e1fed5b42eda95f4686e0b60640eddf91ad2dfb76f4d26e5771c7ac1bc9a23a2b080fc242a44b54f55f8f78002c1189eb186180b978e73bfedba5df290f7b19801e176a32229c511066569a6637a3ee61d0d3cd4fd99fc3e66dd34d0a501a0725d214f850298cec9e77c38e280a5f992e4eba05ac010ff6b5e0c70f67032734fe67f482e8603948527da75af019d6d998330fd4ccf74a0b1c8b305b106f5b1ff9763942f6b92dc2b70536f827d9690c6a3173c0d3f4ba617c5e154dc6939b16243f8ed1a8effa8ace0b5eaf435c32a7913f979cbef8556f88a0f01d7e69ef8df2dcef183c1a84d4501cc20e7d73e9c1e0c5e2621e9aee161e0c4f5bf87a0249fe2dcd8ca7d674e05174ee4064e0ff4666be9844167ad42db3b35cc006be7132ca9be4b9754a99102f77f56cd48181cc2c591cd5930510580864007b2e163732c10879e9f1f014f772d6d415b330b793ef263446442ff3fc7f867c423bcd48f8553602735e5dda7f0ba3dec7b524140f8d7e125c117adcb382cbfe94c0e4933c33aab8fdd21ceb077913c0fbe088edbade15acc94a8b692dbecf57a5274769179d50321d71055d565040ea782d4c2b5f61336e681d73ac095a519dfaf4c18fd7eb469ce05e13535a3466399808ae287cb7101e3ea2428ea3c9a290c886cb62ad3800c7dee31cc176053d5e64d82de4818b152e65fa32cd48fd7ad8533f28e9a07a144a145a480e26ac97d853cee111a8a1d45805d71369141c0a597e33868c0a662e70fdedd4bda7472194528e44cdf6dc24b50c198a3e300aaa659255548214df0f97752e2da05ce453edad40cd3507f1092a4a62d424fb21227dfabd0b95d5b2dc817634ee8f3a83603d838228add9a58332796831cc31f0d350f990575e40179d4155005cced2131144fec1d16d7f54952b7175ba58e9e21ef2ea0b5ba26ed8f580dfece7dc7a931569bdddca35cbe7711e81f710c843c3248ef5c847545132752cbf92aa5f4b801ee0c504535abd25a54c49e26d09093bfb76a19c2fe226e3ac93069fdb8ae12171fc80e25ca5fbe148d594d62e28dd0235996fd4334ddef8c457241e28f4844e3373ff2ca93453d2edd41d0814a98b85c1e59ee669f736e82fa501f5d19d371f7ab99ddb662e1e4afecb2ef543444647383e13bc7ed1bfd3cb3df2279d5e8f4cccb8e2053f1562dac271b50f1d44be6833aee62743173435bf96d121d7b476701062e1dbbd51fb944a2198f0081b42ede0204341f45b77758a3ca7c30241fca9e640257b11248a993472d45a11b5d737148d7315f8042f87cd7e1c628ab1cac0b733a51ac2ee91940c3cc50fe0e45c010f57a48b25c38b01eae57cdfd28fd4e7a1eb4319dd57e2d044d13d396e5ee1167eb3a0a998908e68dda31e66cd75821cfcf7562a89e9c03c9075dd92080949b0781623c84b73424b136646993385781eedaec7bcff93af12672d7597cb324fd6eb2e67c0bc801f9a6fce32315c6fdef1be5aed4c0fe5ae46066e4744847567d9b0433f683d13671f11ddaf4bb6ba4984a69d1641a1005cd501303824f4e65b0a2420f80beedf8f7724d6ccfd1d43f05540877cc738ecb8088dc46de48aebd080ca8e966868c8b72a04470e6daeb062648233af880feb389c2a97563102334ca60e789579fd26049a30a9a102fa6d992a24c1ce414b00f638b118e1f18686d2ed3db1f1b0b097a06d168370b39e1a67bc3e92d9cd39ff690f33634dadab0480a7379b7c9a771d6e801199d29a084172f35b7c74711717e524934f18d8beb758a00fe602b1ccf7c2b6bd6f62c46f839c5e1a36f3eefd175bb469955d576277489cace2770e1051c5253e26bf1ff616b26db6b032bb1b7aa5c5e6b8b0a03b65aada6760f71d2f36c95bd90d0d23cf6596d8d531269c0d39f4aff4a6b3dd7394bc7f1e16714a8e80f9212c264f611979348f7d244da13f42b17d4c42dee0a7a8c9b23bdf6ee6bf6ed4e8ad8fba3f82c10b4b39676afc978612b6f5323d52b1f4f89ba296f02e59cfbe03d91dbef38f917f185ef17dd58e6000c60be5b9be46b9d6cdd80ae911587f35b5cf833ab8a5fdf7e2501e8dae02ac2beb8eae7379cfe10848dc82d4ce28b174f44cdb2650efa7ad66e75c168ebe02b6a3f3e6f4e450df788680ce926c76469eb2a2b0b1a38989770fd4b401c4a05d8ccef3827e42a8cb85acb5bec219b189184599e6742fe7375eea88effb5465f2220af77c602e7dd82d3120575aca4caae28368051f7e16bd82a6d1bd8a8107f07359d0b79f162c19160eeef9f97210508408153b40e762ebb2a92de5d271de3e92604ea1bd1b93685020bde5e509215fdd204c7f743a508599870d292c7dcb6eb5db56f5d43eb4e99bbb8f79cfa810fea52493a57df40cfa789e38b9d7912eb6a4bf341241b3d9eb9ba43957fc6cb41ed7259cd8e3d602360f175555d222fd1187c37a3c67c4a4767dc171e687f577bad72f339d1c222a32458b7b8c0be4b9604d9f8ba20c28833b4ebbde7dd614b4c39ce74d94e8ee52ea0a9d474f0fdd6d6c7f50cb84a1382a5c76b5c1c565b15c40cba25264361d5d1087c43e8f8cfb181b984ca8e7941f3368de9686058a7371d47334a3ca17686fefcc88ae95c972e131ce76d281ddde366f5e928dd36f5779c9a630c8337b0f9ac9773045e2e7f6896c05ee9d7392a35eab885f8ba4f3e3c2a363d0870dc0b43146d607d1efa10083c724c4d9fd20afa0fb5f01e804465bb495c98fe86419a4a44ac171edb516dde105ad9aca4782f088c87a96b4a904661127d7d0e684735a2c0e7a19c886f83caf669c23687bb98a7fcbe94af6c33b9190d2fa3552347be986afc2b728dce31e7c8970cd6270efcd1622cde8216bba64b3776427bc4a969cba0354adad5c526574b589a8cd06532fa829b7e3a73161685ca2224ed3053d4735213fc7d44f74685e872c5a51c5dd05fe65586447135eb5ac8d0fe427cf3883c7e1cec6f39c9349762878661a98af6748e7754d5740023fb980e4702784256767ae7f32468e970fb505989ab3477524da1f752def07fb997fa1b19ed512a37adabd96104e87f959d6e5ae5a4ce73c3d8d5e77f75e2bbaedaa664b8dc9f87b366c23a130be73864e4b28ee9a46887a46bdbb59b06ae628272e660dc3d60b2fe5dc3b72a77c871be2a4a4882672a49f07c37d2e37ffad901a9b8c87e8a2dcb5090f1953f673224107ff46ae512b277330d3216b5231f884f41c22ad0472e064fcc88fc005a2f9fde81b5737993afefd6f8756a78d04a9c807844bdb2680b0dc5566b7400d387a535e7ae4659c8b3bcae1bdb2e2b1ae5b45eb2235b75ff86de7073744f0d4f052f71716fa2d9b8634f8bb"}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x8000, 0x2) ioctl$EVIOCGBITSND(r4, 0x80404532, &(0x7f00000001c0)=""/245) [ 510.307942] QAT: Invalid ioctl 12:18:28 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uhid\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/168, 0xa8) 12:18:28 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x8, 0x4, 0xffffffffffffffed, 0x2, r0}, 0x2c) 12:18:28 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:28 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) uname(&(0x7f0000000000)=""/47) [ 510.631521] QAT: Invalid ioctl 12:18:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8000000000], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x3f, 0x82) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x80000, 0x0) recvfrom$inet6(r4, &(0x7f00000001c0)=""/90, 0x5a, 0x140, 0x0, 0x0) 12:18:28 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000040)={0x18, 0x1, 0x0, {0x3}}, 0x18) [ 510.836065] *** Guest State *** [ 510.839442] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 510.848517] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 510.857521] CR3 = 0x0000000000000000 [ 510.861275] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 510.867351] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 510.873438] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 510.880217] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 510.888313] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 510.896446] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 510.905389] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 510.913495] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 510.921553] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 510.929634] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 510.930745] QAT: Invalid ioctl [ 510.937720] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 510.937750] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 510.937786] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 510.937811] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 510.937835] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 510.937856] Interruptibility = 00000000 ActivityState = 00000000 [ 510.937866] *** Host State *** [ 510.937892] RIP = 0xffffffff812b0dfc RSP = 0xffff888061f5f380 [ 510.937934] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 510.937972] FSBase=00007feb364db700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 510.972086] QAT: Invalid ioctl [ 510.979389] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 511.018402] CR0=0000000080050033 CR3=0000000074a3f000 CR4=00000000001426f0 [ 511.025529] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 511.032302] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 511.038385] *** Control State *** [ 511.041950] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 511.048649] EntryControls=0000d1ff ExitControls=002fefff [ 511.054247] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 511.061221] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 511.067999] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 511.074679] reason=80000021 qualification=0000000000000000 [ 511.081043] IDTVectoring: info=00000000 errcode=00000000 12:18:29 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xd, 0x8, 0x4, 0xffffffffffffffed}, 0x2c) msgget(0x1, 0x2) [ 511.086646] TSC Offset = 0xfffffeea6452572d [ 511.090998] EPT pointer = 0x000000008da5501e 12:18:29 executing program 3: unshare(0x288203fe) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40000, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x6, 0x141080) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, r0}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={r1, &(0x7f0000000100), 0x0}, 0x18) connect$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @remote}, 0x10) 12:18:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0xffff, 0x80000) ioctl$EVIOCGLED(r4, 0x80404519, &(0x7f00000001c0)=""/55) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:29 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}}) syz_open_dev$sndctrl(&(0x7f0000000180)='/dev/snd/controlC#\x00', 0x100000008, 0x20882) chmod(&(0x7f0000000040)='./file0\x00', 0x40) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 12:18:29 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r0, 0xc00}, 0x2c) [ 511.369485] QAT: Invalid ioctl [ 511.380248] QAT: Invalid ioctl [ 511.404306] QAT: Invalid ioctl [ 511.407608] QAT: Invalid ioctl 12:18:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001140)='/dev/ptmx\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TCXONC(r0, 0x540a, 0x2) 12:18:29 executing program 4: socket$nl_route(0x10, 0x3, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x20000000) r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000001200)=""/4096, 0xfffffe19}], 0x1) 12:18:29 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200, 0x0) accept4$unix(r1, &(0x7f00000001c0), &(0x7f0000000240)=0x6e, 0x800) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x8) ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000280)={0x9, {0x70fd62ad, 0x80, 0x8, 0x9}}) ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f0000000040)={0x7, @capture={0x1000, 0x1, {0x8}, 0x3, 0x3f}}) 12:18:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0x10000, 0x20080) ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000200)=ANY=[@ANYBLOB="01f00000000000000100edbf02140000f3281d1dae592a7e01707013fce5776d07ff01fe29052c1240aab6ab8f7a22eae51cd0b3be14c34a0a972f24fe95bbddcb4d322b2b09352deefdd07912ce87a4b53210f17103a6388f6c159e7b7cdbb0dbee63388dc62a0e000000000000002abeedf9b8b17f487070b8aa227193a6af33ead4cb9893a2a63f658f67571c03e903a2330e3f6124fefcbd00000000000000000000000000"]) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = semget$private(0x0, 0x1, 0x0) semctl$GETALL(r5, 0x0, 0xd, &(0x7f0000000140)=""/30) 12:18:29 executing program 1: syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x5d9, 0x3fffd) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:29 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f00000004c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) close(r1) 12:18:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x8000001000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x15}) [ 511.825884] QAT: Invalid ioctl [ 511.865705] QAT: Invalid ioctl 12:18:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x14000, 0x0) write$smack_current(r4, &(0x7f00000002c0)='\x00', 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REGS(r5, 0x8090ae81, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) io_setup(0x100000000, &(0x7f0000000300)=0x0) io_submit(r6, 0x4, &(0x7f00000016c0)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x1f, r2, &(0x7f0000000340)="868726461b9e3f18ea1e0ac97eadd2574b5cc230149fc32dd5a3077a801fba774130dfb7459abdbf73d7501ce1043820b3c5fc32096b13c434361266a80f0c28a74dcd1b8e02b72bad6110cdb7f9415655efd5abac48ba8fb1412fd70818d400767b8aab5bb18c0655dae3d9777f60a09ae469cd22a846b45fbb756a4ca3c52ae4310a420e0a597ad7b5c4d94a0cd4e01c5d76c804c5e7e8a2e7e2b3268dbf78303b1a05d1a44e0e5f42e50d96cccbd64eabbba3960d2bd43aa161346ac1c1ccba45a01bd538c0d29f695b418ef1c43f8036f768a0002620454e3f77", 0xdc, 0x40, 0x0, 0x1, r4}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000480)="013a875a44657157cb1780e96977c1e8fc36e5f1449d390f705bf1deaf40e6574fad71219bb1bc5aed90d06f75c4c12a933f44fa86cf46834074c62a791f1f9a1a65", 0x42, 0x3, 0x0, 0x0, r4}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0xfd9, r4, &(0x7f00000005c0)="2632268f71ae50cea325ee5a6860c237a026a2371d96ac15332e85d103940b53dd4387ee341e5f447b4bdf30575c85fe6f003cdec5a6eebf5fb5b893eaf659db5a4f01ddf33cb3b913793a2d5dfbf95ebe506d85bd107f51fd44a121a962536ba37aee634b4ae09fa724f737a246dff5066d88d528a3282c73df9f629a933cfaf5ffcb807b0ede9b01866c3c8eed909cc15a884c2a72e924abf5488b1890ca", 0x9f, 0x7ff, 0x0, 0x1, 0xffffffffffffff9c}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0xf, 0x8ba, r0, &(0x7f0000000680)="e809e346e1310ec9c8a028fed2ac84b189649b274c13a48d3a2ab8d291ced2fb3369d078a48ae2ff91593ef1c407ddee76eb63dd6050a6fdf4d714703a2dd33148caf610e4dadc41d6b16818a3c24cf88971eb33df656e6652c4fd70db43575b9ee468fd4ef1aff0edf9a954b0ec5816633ab3315168b08f0f14676ac32e0e7b28e42c93c17cc217e165f5fbc311d49ba557cdc8e75f01cd09ec6f8cd202769351e30047bcda038a4af7fb8d3bcbeb031b8947b5170348eed957f217b12b99cb986c0733e53637cd5977185e6c8606c9e0e7ddf1d6e261e86f0e2371a0b62980d2b9874477bac9f903a7cefe9d6187c0488d916bb478563643b2acb3f32b2d8fd2cf0a95bec3caeecc5e3fe13cf51ad8b4693fdbaf823234ea0def6876cebd66c81bcdab049d077a52371f1a902edadbd8dbb3365c6cd88a9ad35a78791f4c4260ceb67b5e4ab91dbeddd44a552b72716a583b5201c3891d272d01168ac45efdb4e45f7c044fda32287d583db4d5c927a22125dcc4786acf0f88130e902a21a220aeab52110cbd4317bdcde4466a9a52ea1382ead2c33b8a60f03e399ae943fa2b16061e978a84f027724d32c4722819cb6f79ad5cef09895c4e8c06e0190e72f24fa8a7fa934f271f30b37716202cd5aa5e13f5f245ecef61446d7139c6d608a7d32491abe95c9b16cc0a1dcf5e0796068fca069574ff6b1aad09226940db762493d8710a5c9d4e6de6f88ba9fa98b665fb7232c131a36a5066f27bdb31f4e55930771e76b0099e7079fa8004382846b2f38db7d0af9250066ac8ead5869f19c088ec968066dc5095ec931be4472561085570a40d8b4378f444d73a7469a05b7a4d9e1d83108d51bd4f2cd3c20e75e8624f0bac8fa8dd155ce04fe90c86d1fd90729aca67a677fc284d7ad7166d18978e848b0ba3b809b11b2c2d08121a9be21de02367c4ae04113cc808e1fce7e2cc6c1749e58305f1d7b525e228751ccdc7fe346dc89e0ce0f68205a23df3392f72aca681f90faa225f3b879a77a6249b55bad6f1d572b55cce54563f30830e627b5f749b0bf1adb765888659dc1f45f2597a07d786e098ff4963163a44ed5544f6ff6b49f075524a77a65ffea9b742c531236c2e5869f9fffde168c45e02e2fbd4cd37224e01d79978ad94ea9a372eb9faff3938057299a996f7d468654b5c47e7a752f3a00fd69c200241a0874712d7f73012ea2e68d77a0fd6332513308e4154c4ba284da0b644785fadb8a2a17f743e0330fb104a97232f4c7cfbe017e662aad944a9f6373f3112cf83c5f3f763b078664500ea565cd5c88fef778233858c063a5833252b4dcc2b3f3dde92a55be596b0cc934e355e381a540d6296fe3f436fe82310314009dbf07f9514336714db502057f99206ccee3a1c096ce1e1417785683dc1c398ae3fbdbe9390d919c6098e9266933296769eded7d5b81e4f485ebdc9f4b43475e9215b98ef1d1b5efbc73746a8124383c5796aa85ad715c9e3176f8f3661219d56e860414edafe25d8eba2a7f1c9cd375d73af44b7b2b9f93fc5bf8ac93fce7a7105c44300f7d2a627d36b7b7fc3fefcac250a06facd4981e0c83cf3a345ac600b42cb75c9af014524749b843cd89ffea955b5f15a2dbddacac6273191e7ccc0dde72a991567d166b7ff2332c6da295d1390c6ff639eaa3b1cc4b8ced6e90d7599d5c90d662aebebd4e00654d976b735b99f8a7b6c11a1a11b4347e6bc7823f6127395fba4f66e1dd03dd4e283ee77d7b805043ef96d2aa080ac69d5ab639c4a107e09674a117efb7d2394668ca585729cbf7c86c7758cc1fb9375a5dc4b1637884e5303bafe2e3a1d0f5cf137bc534056e0a4613a2d10548d6d74ddc7a122eda624b5f143d17d396438d146800cd4d6fa243db7807e5d0d88544a1743fdba7beec3fc369e93d1feeb993fc6624f206679bb68db7d45e427eb1ed2d6c56f39504724cc6905a4848b4711eba821fbaea55f0923343a27b2e340f942d3a78ad97797210249dbf564eb93c5c5606a965a666973deff027ab32ead9fa7752666e900fa339208a0ebe6bc1213f5cbb80552e5f0a8acfd337a5a7a2d28a5c17d27166d7a31fe37330fb22116594677e2ccc3ba1941c012f6850e547f7a17198c7925b709cad58704ec648d51f912aed595b9f920d80df9dfcd450387845eed99b2d0d33ec7ffb9655a1ae7a6924441392a807470a2a3606650fc6e7e8cf8800268fc5c1b475f39756d952530dd8dccd65aa8eedce141bf5d24b3beb1eaa10f0844a48216b7e3d0475a98241616e6b0aa75933119cd9bd1eebce31a5da962337a96c50a88d55358f899a4e0ef22657be908f3fecab1cc26401a6d68a3b7a0220a4299048dc04a710e394d8acee2a0349c74c137eb4766b9fc95eea4b0534f8fa03810cb6b2eb6dff6d421da01181a27392463962604398dd5ea6cc6854f06981064665e27bb1e75ad34c07fefc9ade19a1c25bfc22f225865f0ea7de73d8bd85fae8da0a143dbd579c8ecc654a3adddf4b6d73847cfc93926af2780520ac7e998e30b53ceeae67424cbb919e48ed8386350e88a73c8436bca06fc362aed7901ba5c2093e8059d4857d46eccab536f7b6e7a40b462208559a6a00e15d299b2393073a5b86ce5498bd0dc2030e245502db48db64142923eaa45d41b93b88bbcc2fcc1ad1b7f6dd155cf1cf70029ba9b99efcdd61ceb2d378e8509ed314e64ff2d1d0bf69a2380a30ff8be54d2a075fd212edf199329cb77cbef6c46d5df19fae33157f0b0fbe77d054dcd93da3def19b2dec09f8a87d3093425dafc0cf9d4efe0967275aabaf26d3f315976b3d871f72894be0ac6674bef599c5f170078319c546b7394bce1c579fe4dcadc7e42ad9ef56eb914f6137f42dd502df69a65fc18d343deb6d16bdad869240c6b3a9448d580efebc9fbfc7ae719ef7e46e742894f555f7abe62bb7100767a7d27129071655bce7d163ad5a81794cd6629ee47c36dfcf59432497f37a78a450a2d600fe44888cfea6cc5907ade285916e0a7b44133eadf8461f509414ca30560bbc126fccdf6ec7d361dbe22ce37a6cc8a768d223a9d02ec2af2634a66acfc1a2f1d0edc30d687c5fad37b643f0033ab7d05bc42840566d362304b0d9cbf2587915cecc5caa559c5880a7e96b86bc130e7f184a0239448a4ca285fda2b02cdc9bbeb2f5e4fd9e88a713f5b8719ae599fc1196a7993026b2ec39786b1bcfd92e9eae6e3196539c92dab7f03487e75933c6e8dd1923c3e2d7f858025ca5f38b27208f7b37f2351f8a675ddd5a567ad5390d3f1899be0e5e55549f1b61aef944daffe35b0f06ae971853a8192deca656764fb0f501c49c50a5b1db87eb07e905cb92c7d91f4a062b2cccc7a194870cd396d8b806ad6cee16bdb3d3ab077ee02f3122fc4368d7a973bc70fd4be4cad17a90197e6af9ffe87520d111e225c6b260b159936cafd9ea91743a08c12e8a40c4c0b3001b7c11661492d7d67b8c4f010dd53dc604a0c6f38931c14a4c289b8e193411b49e8a888c76607e007774fec8887b93111ab1f3912611ec0b5559669b10cbafa09502f8c6ce4df2494bffe96116dad71628f689ac1e185c2ed63fe7cac6ad9bfc9ffddfd9790badda666814ecc432717ab7dea441bfecd090c532efe8413ae7f01cba25fbac46d5130cf43e49907c944ab6281c475a4ef1bb03ca5748cf465af76674d45d55d05421c460bdc182f44e23dbcee11b87e1f523138c08ecfbe5354917aa9c7e440699d3854f1b295daa5a820c84056bdcc34d639b49790dd8139f9714e86e2da11f929cb46bec22795d114275815facc056947e6c73af0388c3403e0f937f9933d4a8c1fc4ba73ea177a6b3fe60049e54bb6f30ee197ed4926bdfb91a27ef74fbdf5121de60f2cbd424f034146b69e74449c249f2a46869355122fbf34e5bd3cfe8c112300bb4365cc3bd809e580051431dfb2a0f8ffffcabdeab22da4136e009443b50dfaffbda234fb35ab8eca83575c18c45b3d1fec0ffd2b189b4ba07f8cbfc9f569e67f31cc4ece9aae601b7c484435acadb7e9f23e38c8e3ae24f6832fa36887a262f8a30675de4c9390cd860e0209854665c5816f559ed1b4cff82d3f37049f77fb97f94041c64b07119dfbbf8bb54673debc9e0625ad9631bba9263c1316258d54a42cde8c806faa61b870545f4c7abca911242a8c90e06443a2da05272321c59746cb4df2b9b294d49999ac5f0ac4a5683588ac57a3fad616b5e2b4c088f0a385d09ae05c5582311e1c153216cdc9d0699326d6bfda35b2e1443ef18256bb47fb956c91a8ee48f9bcd28fd57f9f18240ca4c89070fd3d90cafbe14f41ae466b65e90fdc1e9a4bfd3a144c011da9e87897b2e150e34f441e541791e95e3d203caa2aa874c92e3dc4bb85b3e1ab7f7f4a0050313d8749d8eaddec88612869ca6cab4efb5feba92b7217bfb865b56555eaa0dfa40ddf35a74c708d6417c8e0b0ebc7b391c4966c4a4f9e14132b0c4110f3a6fa1c0defc0c717aa7157c02ddce616b7c355a5cf6a58f9b27f1eca2b2fc76133c83020443cf6d7f8a68ece5aa268c1c78629546e6fce9d53555a592479545986261589a1464b2c3e9c7eda15fd4318971bca625100c3c3166d73afe997c2a53b15ae1c1a56c7d0b800f7262b4098108f2cbbbba7d3018ec8dc10435ac93c8282eccef9c6abce4131b565cc1f0bbfdcde7f8ee00adc3c239013e12d0534bc27035232359a192bed7b31630af630c6ce87c470249fe6918bd4f38bd68683dc4b8230bdfd86f8ed71a978c1b16dbda3800544b5fd785f52bd6be300b940db0ac26cab18b8499ed7cf8685c04ca86a7350e95d81d90815e03616f3e4c12f8d3cee0bb3c38ef0af0895ef1ea1d3f502aaf772d7c76adc896e273226ba9cf5da899d00a9018d6eb3187def36afc232b2d1295ad6cfa6ff90cf86a57fb591d7dfe8cd8649f57ff240239d958095925dc3f150f18067564fec4e5dca3a5c09905c7121d43621f010e8317e6c3ca986c50f25174967f33a9c8a01298928555672a6fc4121b357484c88384430a2e138667c8fd4c84d39c1b37940a2dbcb62c5d7e3b12812662be68305b352d972c8a2b5f6d842f89d338f8b1c4b4a09916479d7c0013062ae9a2ffed59973cf12e40e2c41cbd7e1eec266eccff2aa44394d415186e1b025ced426fab6ef1db94c33416886476fac7b883653949c12e4d387def591e30b03caae65294d33354da8dd42fe50c9e718b3288cbd2d73c41ba2ff4d52754cab47a4144eb3b4734c14ba87e306bf4735ebfb08ed369926303ca79b6428889c7208ffe4afdba7dc401409967e7188cbaf80180d8cec3c8fc2b2a9aca2d36db6974b0e8d56171603f8cf21fa89e6767228e429dbf15a69e1e4fe8b07d4b68c7158e07a8837779362f9cf18f6aff9db68c4c74b08c6b71a258b9a8afb05b2bbd615faded6db07fea67f3f5aa577c31afc4943dcc97de646c9cabf4c21b239789b1357a6b94ee553ed034b01b78fba6fd0905c1d6a4202ff64614fe0553fd769c44dc3afe88911ba112460aa066d4d1062bf2fb4aedf0337da80309a7a397625ae4ac2dfb1224f7e82184447dd7e0ebc606bcf73ee4e4bbbd80828d97e63c5da9b4b17d6b1ae85ab9f1d3cdd546c0af6f552effda18dae0672de301474c8bf1082b3e104b4528c0e69acb5fcf444cf9bd986cf8ad8edc4bcdef234f9cbc60bae76d66343a6fe3cf5d27fe0537da2a47e64296f12796adf853e361f8abd", 0x1000, 0xffffffffffff56f7, 0x0, 0x0, r4}]) open(&(0x7f0000000140)='./file0\x00', 0x44000, 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) socket$rds(0x15, 0x5, 0x0) 12:18:30 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) write$capi20(r0, &(0x7f00000001c0)={0x10, 0xffffffffa7800c53, 0x5, 0x0, 0x7, 0x7ffd}, 0x10) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x47bfaf5e, 0x1}) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r1, 0x800, 0x70bd27, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4) 12:18:30 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000000)="ef1de7ccac59d9ee9e2a556cf8e7a95ef8be5568eee003c7c30416c2c7f4ab7229381eeed361a1528ddab9d8673aeb0346ded6b7f02d86b746eddd4a196961e64a5903025576cf495eaeb06ade7c5f4bc04694dceee5bb26ba9ae002d341d19a6df716f457755375dfabb3a3450839d3c0b050ab3c4966a9471524e7d79a73ee5b7fc1de788ba6318a8baba8794930306de7fa37497b54d1e01bd54cbe88966a8afebaad64eeadc80878b08fc9a23b6da07bccfc97", 0x0}, 0x18) 12:18:30 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0)) [ 512.194306] QAT: Invalid ioctl [ 512.214268] QAT: Invalid ioctl [ 512.274427] QAT: Invalid ioctl [ 512.341548] *** Guest State *** [ 512.345088] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 512.354112] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 512.363211] CR3 = 0x0000000000000000 [ 512.367012] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 512.373157] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 512.379255] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 512.386036] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 512.394132] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.402261] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.410279] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.418361] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.427426] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.435507] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 512.443871] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 512.452021] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 512.460037] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 512.468141] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 512.474664] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 512.482226] Interruptibility = 00000000 ActivityState = 00000000 [ 512.488487] *** Host State *** [ 512.491726] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c76f380 [ 512.497838] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 512.504358] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 512.512279] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 512.518666] CR0=0000000080050033 CR3=000000006bb98000 CR4=00000000001426f0 [ 512.525791] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 512.532565] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 512.538696] *** Control State *** [ 512.542260] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 512.548962] EntryControls=0000d1ff ExitControls=002fefff [ 512.554562] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 512.561550] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 512.568330] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 512.575028] reason=80000021 qualification=0000000000000000 [ 512.581376] IDTVectoring: info=00000000 errcode=00000000 [ 512.586921] TSC Offset = 0xfffffee999307221 12:18:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x8000001000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(0x0, 0x0, &(0x7f0000000200), 0x0, 0xffffffffffffffff) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) 12:18:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:30 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 512.591267] TPR Threshold = 0x00 [ 512.594731] EPT pointer = 0x0000000061fa601e [ 512.788515] QAT: Invalid ioctl [ 512.804363] QAT: Invalid ioctl [ 512.807733] *** Guest State *** [ 512.811236] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 512.820266] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 512.829301] CR3 = 0x0000000000000000 [ 512.833261] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 512.839298] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 512.845443] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 512.852264] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 512.860293] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.868416] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.876503] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00') getdents64(r0, &(0x7f0000000080)=""/82, 0x52) 12:18:30 executing program 2: clone(0x6102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x1f) [ 512.884622] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.892729] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 512.900773] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 512.908891] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 512.917005] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 512.925139] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 512.933258] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 512.945569] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 512.953121] Interruptibility = 00000000 ActivityState = 00000000 [ 512.959388] *** Host State *** [ 512.962697] RIP = 0xffffffff812b0dfc RSP = 0xffff88806d45f380 [ 512.968729] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 512.975293] FSBase=00007feb36499700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 512.983246] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 512.989213] CR0=0000000080050033 CR3=000000006bc98000 CR4=00000000001426e0 [ 512.996353] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 513.003121] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 513.009233] *** Control State *** [ 513.012784] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 513.019490] EntryControls=0000d1ff ExitControls=002fefff [ 513.025063] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 513.032098] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 12:18:31 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000180)='\xc9\xe9\xbf\xee\x00\t\x00', 0x0) write(r0, &(0x7f0000000200)="04", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) futex(&(0x7f00000000c0), 0x0, 0x0, 0x0, &(0x7f0000000140), 0x2) [ 513.038822] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 513.045487] reason=80000021 qualification=0000000000000000 [ 513.051933] IDTVectoring: info=00000000 errcode=00000000 [ 513.057415] TSC Offset = 0xfffffee960ddbec0 [ 513.061791] EPT pointer = 0x000000006c60d01e 12:18:31 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:31 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4, 0x102800101000) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) unshare(0x40000) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) [ 513.192650] *** Guest State *** [ 513.196098] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 513.205152] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 513.214150] CR3 = 0x0000000000000000 [ 513.217921] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 513.223993] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 513.230011] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 513.236836] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 513.244919] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.252994] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.261016] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.269109] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.277194] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.285292] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 513.293382] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 513.301398] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 513.302745] QAT: Invalid ioctl [ 513.309496] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 513.320763] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 513.327287] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 513.334830] Interruptibility = 00000000 ActivityState = 00000000 [ 513.341085] *** Host State *** [ 513.344386] RIP = 0xffffffff812b0dfc RSP = 0xffff888061f2f380 [ 513.350411] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 513.356919] FSBase=00007f3a33a8a700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 513.364865] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 513.370793] CR0=0000000080050033 CR3=000000006bb98000 CR4=00000000001426e0 [ 513.377905] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 513.384677] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 513.390759] *** Control State *** [ 513.394305] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 513.401021] EntryControls=0000d1ff ExitControls=002fefff [ 513.406650] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 513.413673] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 513.420370] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 513.427129] reason=80000021 qualification=0000000000000000 [ 513.433592] IDTVectoring: info=00000000 errcode=00000000 [ 513.439087] TSC Offset = 0xfffffee999307221 [ 513.443504] TPR Threshold = 0x00 [ 513.446896] EPT pointer = 0x0000000061fa601e 12:18:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x134, 0x0, 0x0, 0x1b) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2) lsetxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x1) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:31 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/uinput\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{}, 'syz0\x00', 0xfffffffffffffffe}) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 12:18:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:31 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000040)="0ddbf4", 0x0}, 0x18) 12:18:31 executing program 1: prctl$PR_GET_NAME(0x10, &(0x7f0000000280)=""/115) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000140)=0x3) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000080)={0x32, @local, 0x4e21, 0x4, 'sh\x00', 0x24, 0xf92, 0x34}, 0x2c) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) 12:18:31 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) syz_open_pts(r0, 0x0) 12:18:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x8000001000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) [ 513.718921] input input14: cannot allocate more than FF_MAX_EFFECTS effects [ 513.753077] QAT: Invalid ioctl [ 513.757976] QAT: Invalid ioctl [ 513.824870] QAT: Invalid ioctl [ 513.847794] *** Guest State *** [ 513.851232] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 513.860346] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 513.869273] CR3 = 0x0000000000000000 [ 513.873080] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 513.879085] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 513.885216] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 513.892015] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 513.900058] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.908167] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.916273] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.924378] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.932449] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 513.940462] GDTR: limit=0x0000ffff, base=0x0000000000000000 12:18:32 executing program 2: openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000300)=@v3={0x3000000, [{0x5388, 0x1}, {0x0, 0x3}], r0}, 0x18, 0x3) r1 = creat(&(0x7f00000007c0)='./file0\x00', 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0xb, &(0x7f000059dffc), &(0x7f0000000000)=0x4) clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$getown(r2, 0x9) pipe(&(0x7f00000000c0)) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)) write$FUSE_IOCTL(0xffffffffffffffff, 0x0, 0x0) init_module(&(0x7f0000000180)='/proc/thread-self/attr/current\x00', 0xffdec, &(0x7f0000000100)='ppp0em1cpuset\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000240)) [ 513.948590] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 513.956678] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 513.964756] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 513.968572] *** Guest State *** [ 513.972837] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 513.972862] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 513.972912] Interruptibility = 00000000 ActivityState = 00000000 [ 513.972934] *** Host State *** [ 513.976278] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 513.982767] RIP = 0xffffffff812b0dfc RSP = 0xffff888061fbf380 [ 513.982810] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 513.982840] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 513.982874] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 513.990376] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 513.996619] CR0=0000000080050033 CR3=000000006bc33000 CR4=00000000001426e0 [ 513.996649] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 513.996685] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 513.999880] CR3 = 0x0000000000000000 [ 514.008752] *** Control State *** [ 514.008773] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 514.008802] EntryControls=0000d1ff ExitControls=002fefff [ 514.014876] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 514.021243] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 12:18:32 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 514.029116] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 514.035024] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.035055] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.043984] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 514.050981] reason=80000021 qualification=0000000000000000 [ 514.050997] IDTVectoring: info=00000000 errcode=00000000 [ 514.051011] TSC Offset = 0xfffffee8c71fcb33 [ 514.051035] TPR Threshold = 0x00 [ 514.057845] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 514.063962] EPT pointer = 0x0000000079bcc01e [ 514.155211] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.163325] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.171340] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.179456] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.187545] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.195630] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 514.203771] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 514.211784] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 514.219908] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 514.228010] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 514.234646] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 514.242204] Interruptibility = 00000000 ActivityState = 00000000 [ 514.244559] QAT: Invalid ioctl [ 514.248454] *** Host State *** [ 514.248480] RIP = 0xffffffff812b0dfc RSP = 0xffff8880639af380 [ 514.248523] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 514.248558] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 514.248582] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 514.248609] CR0=0000000080050033 CR3=000000005f317000 CR4=00000000001426f0 [ 514.248647] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 514.295192] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 514.301269] *** Control State *** [ 514.304854] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 514.311557] EntryControls=0000d1ff ExitControls=002fefff [ 514.317145] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 514.324219] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.330928] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.337655] reason=80000021 qualification=0000000000000000 [ 514.344106] IDTVectoring: info=00000000 errcode=00000000 12:18:32 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) syz_open_dev$rtc(&(0x7f0000000040)='/dev/rtc#\x00', 0x5, 0x200) 12:18:32 executing program 3: unshare(0x828020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x8) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f0000000080)={'NETMAP\x00'}, &(0x7f00000000c0)=0x1e) [ 514.349584] TSC Offset = 0xfffffee8b816fec0 [ 514.354029] EPT pointer = 0x0000000068e1e01e 12:18:32 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffd92, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0xf769}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) [ 514.497636] QAT: Invalid ioctl [ 514.513829] QAT: Invalid ioctl [ 514.707646] *** Guest State *** [ 514.711012] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 514.720237] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 514.729160] CR3 = 0x0000000000000000 [ 514.733051] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 514.739060] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 514.745132] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 514.751952] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 514.759979] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.768117] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.776239] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.784374] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.792469] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 514.800478] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 514.808605] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 514.816666] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 514.824908] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 514.832968] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 514.839670] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 514.847242] Interruptibility = 00000000 ActivityState = 00000000 [ 514.853555] *** Host State *** [ 514.856801] RIP = 0xffffffff812b0dfc RSP = 0xffff8880639af380 [ 514.862948] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 514.869400] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 514.877353] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 514.883339] CR0=0000000080050033 CR3=000000005f317000 CR4=00000000001426e0 [ 514.890397] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 514.897231] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 514.903375] *** Control State *** [ 514.906867] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 514.913657] EntryControls=0000d1ff ExitControls=002fefff [ 514.919148] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 514.926320] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.933083] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 514.939715] reason=80000021 qualification=0000000000000000 [ 514.946171] IDTVectoring: info=00000000 errcode=00000000 [ 514.951680] TSC Offset = 0xfffffee84e2ed46a [ 514.956139] EPT pointer = 0x000000006413e01e 12:18:33 executing program 5: prctl$PR_GET_TIMERSLACK(0x1e) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:33 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000880)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000000)) 12:18:33 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:33 executing program 1: clock_gettime(0x0, &(0x7f0000002480)={0x0, 0x0}) recvmmsg(0xffffffffffffff9c, &(0x7f0000002300)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f0000000100)=[{&(0x7f0000000000)=""/10, 0xa}], 0x1, &(0x7f0000000140)=""/172, 0xac}}, {{&(0x7f0000000200)=@rc, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/84, 0x54}, {&(0x7f0000000300)=""/219, 0xdb}, {&(0x7f0000000400)=""/235, 0xeb}, {&(0x7f0000000500)=""/64, 0x40}, {&(0x7f0000000540)=""/48, 0x30}, {&(0x7f0000000580)=""/33, 0x21}], 0x6, &(0x7f0000000640)=""/136, 0x88}, 0x40}, {{&(0x7f0000000700)=@caif=@dbg, 0x80, &(0x7f0000001c80)=[{&(0x7f0000000780)=""/150, 0x96}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/109, 0x6d}, {&(0x7f00000018c0)=""/30, 0x1e}, {&(0x7f0000001900)=""/221, 0xdd}, {&(0x7f0000001a00)=""/159, 0x9f}, {&(0x7f0000001ac0)=""/3, 0x3}, {&(0x7f0000001b00)=""/165, 0xa5}, {&(0x7f0000001bc0)=""/17, 0x11}, {&(0x7f0000001c00)=""/122, 0x7a}], 0xa}, 0x4}, {{&(0x7f0000001d40)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f0000001dc0), 0x0, &(0x7f0000001e00)=""/197, 0xc5}, 0x2}, {{0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000001f00)=""/26, 0x1a}, {&(0x7f0000001f40)=""/1, 0x1}, {&(0x7f0000001f80)=""/97, 0x61}], 0x3, &(0x7f0000002040)=""/50, 0x32}, 0x6}, {{&(0x7f0000002080)=@in6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000002200)=[{&(0x7f0000002100)=""/219, 0xdb}], 0x1, &(0x7f0000002240)=""/191, 0xbf}, 0x8}], 0x6, 0x10040, &(0x7f00000024c0)={r0, r1+30000000}) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000002500)=@req={0x3, 0x8, 0x4, 0x4}, 0x10) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r3, 0xc0184908, 0x0) 12:18:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:18:33 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x802}) write$cgroup_subtree(r0, &(0x7f0000000040)={[{0x0, 'memory'}, {0x0, 'm\x88dory'}, {0x0, '\xbddma\xc3\xfc6r\xfa\xd4\xb5\xaeSg\x99\v7\x00\xc5\x12\x90r\x87V\xf5\xd9\x05\'qS\xe1\x83\xbd.\x04\xe9\x14n\x06\xd9\x8b\xc2\xe0\xf8\xb3z\xa8\xea\x0fj-\xcf\xc5\x12\xb2m\xf0\xd6\xa4S=yX\x9c(E\xba\xe1\xfbsa+\x9a\xccl\xbf\xb2L\xf1\x18\xcbXAb\xfcy\x81U\n@J\xe89H\xd9r\xe6-\xbd\x9a)m\xa7\xe343\xe4v:2\xb9\xf5\xa0\x99\xb2\x9c0\xb5\x0e\x9cy\xbfx\xd1/O\x9a\xf1A\xf7\x81\x9b\xde\f\xc2\x85\xed\x91\xbf\xach)\xc5@ff\x81\x15@\xa4`\x0e!9Y\f\xca~@\xe1\\b\x92\b\x8c\x9f\xe7\xe7\x8c\x8d\x8a&\x82F\xc10\xd0\xf7\xae)&\xf4&\x05p\x80[\x8d\x7f'}]}, 0xcf) [ 515.047636] QAT: Invalid ioctl [ 515.086610] QAT: Invalid ioctl 12:18:33 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) [ 515.197380] *** Guest State *** [ 515.200738] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 515.209850] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 515.218818] CR3 = 0x0000000000000000 [ 515.222635] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 515.228642] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 515.234722] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 515.241553] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 515.249660] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.257746] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.265831] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.273917] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.282012] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.290070] GDTR: limit=0x0000ffff, base=0x0000000000000000 12:18:33 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000540)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000001980)=""/191) [ 515.298156] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 515.306284] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 515.314376] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 515.322457] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 515.328904] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 515.336451] Interruptibility = 00000000 ActivityState = 00000000 [ 515.342768] *** Host State *** 12:18:33 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x2, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="24000000220007031dfffd946f610500000000000543000000000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 515.345999] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c76f380 [ 515.352092] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 515.358559] FSBase=00007feb364da700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 515.366459] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 515.372455] CR0=0000000080050033 CR3=0000000072044000 CR4=00000000001426f0 [ 515.379520] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 515.386299] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 515.392452] *** Control State *** [ 515.395950] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 515.402718] EntryControls=0000d1ff ExitControls=002fefff [ 515.408228] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 515.415286] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 515.422056] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 515.428669] reason=80000021 qualification=0000000000000000 [ 515.435116] IDTVectoring: info=00000000 errcode=00000000 [ 515.435679] *** Guest State *** [ 515.440600] TSC Offset = 0xfffffee80f888c53 [ 515.440615] TPR Threshold = 0x00 [ 515.440634] EPT pointer = 0x000000006b12901e [ 515.456468] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 515.465425] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 515.474366] CR3 = 0x0000000000000000 [ 515.478107] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 515.484277] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 515.490345] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 515.497133] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 515.505303] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.513427] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.521454] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.529625] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.537722] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 515.545845] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 515.553955] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 515.562067] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 515.570088] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 515.578194] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 515.584732] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 515.592342] Interruptibility = 00000000 ActivityState = 00000000 [ 515.598600] *** Host State *** [ 515.601938] RIP = 0xffffffff812b0dfc RSP = 0xffff88806260f380 [ 515.607972] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 515.614579] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 515.622500] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 515.628429] CR0=0000000080050033 CR3=0000000078c2d000 CR4=00000000001426e0 [ 515.635565] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 515.642330] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 515.648977] *** Control State *** [ 515.652556] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 515.659268] EntryControls=0000d1ff ExitControls=002fefff [ 515.664850] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 515.671818] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 515.678610] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 515.685351] reason=80000021 qualification=0000000000000000 [ 515.691705] IDTVectoring: info=00000000 errcode=00000000 12:18:33 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x40, 0x0) ioctl$RTC_VL_CLR(r1, 0x7014) getdents64(r1, &(0x7f0000000040)=""/163, 0xa3) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) prctl$PR_SET_TSC(0x1a, 0x2) [ 515.697292] TSC Offset = 0xfffffee7ea399868 [ 515.701657] TPR Threshold = 0x00 [ 515.705219] EPT pointer = 0x000000006203d01e [ 515.736659] QAT: Invalid ioctl [ 515.741457] QAT: Invalid ioctl 12:18:33 executing program 1: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x5, 0x141f4e78e9c1b6d0) ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f00000000c0)={0x0, 0x100000000, 0x10001, [], &(0x7f0000000080)=0x2}) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:18:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 515.908284] QAT: Invalid ioctl [ 516.205876] *** Guest State *** [ 516.209299] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 516.218305] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 516.227393] CR3 = 0x0000000000000000 [ 516.231158] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 516.237280] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 516.243414] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 516.250168] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 516.258276] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.266444] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.274526] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.282646] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.290686] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.298781] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 516.306899] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 516.315030] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 516.323145] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 516.331166] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 516.337709] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 516.345271] Interruptibility = 00000000 ActivityState = 00000000 [ 516.351529] *** Host State *** [ 516.354943] RIP = 0xffffffff812b0dfc RSP = 0xffff888061f2f380 [ 516.360976] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 516.367521] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 516.375470] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 516.381411] CR0=0000000080050033 CR3=00000000623bd000 CR4=00000000001426e0 [ 516.388649] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 516.395492] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 516.401571] *** Control State *** [ 516.405228] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 516.412036] EntryControls=0000d1ff ExitControls=002fefff [ 516.417535] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 516.424707] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 516.431499] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 516.438202] reason=80000021 qualification=0000000000000000 [ 516.444636] IDTVectoring: info=00000000 errcode=00000000 [ 516.450145] TSC Offset = 0xfffffee784207eca 12:18:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$RTC_AIE_OFF(r1, 0x7002) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:34 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x2, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="24000000220007031dfffd946f610500000000000543000000000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:18:34 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r1 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) fsetxattr(r1, &(0x7f0000000080)=@known='trusted.overlay.impure\x00', &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x11, 0x2) 12:18:34 executing program 3: unshare(0x28020400) semget$private(0x0, 0x2, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100), 0x0}, 0x18) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000000040)=""/244) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000140)={0x6, 0x4}) [ 516.454602] TPR Threshold = 0x00 [ 516.458025] EPT pointer = 0x000000006200101e [ 516.525263] QAT: Invalid ioctl [ 516.546739] QAT: Invalid ioctl 12:18:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x800, 0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0xfffffffffffffffa) timerfd_create(0x8, 0x0) clone(0x202102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x80001, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, &(0x7f0000000300), &(0x7f0000000340)=0x30) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f00000001c0)) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) bind$inet(r1, &(0x7f0000738ff0)={0x2, 0x4e21, @multicast1}, 0x10) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000080)) r4 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$get_keyring_id(0x0, r4, 0x7f) fsetxattr$security_smack_transmute(r2, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x1) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) modify_ldt$write2(0x11, &(0x7f0000000200)={0x8, 0x20000800, 0xffffffffffffffff, 0x7, 0x1, 0x7f, 0x9, 0x85f, 0x81, 0x80}, 0x10) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x4000, 0x0) write$P9_RRENAME(r5, &(0x7f0000000280)={0x7, 0x15, 0x2}, 0x7) syz_open_pts(r3, 0x200fe) ioctl$int_out(r0, 0x2, &(0x7f00000002c0)) connect$inet(r1, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) [ 516.603734] QAT: Invalid ioctl [ 516.619528] QAT: Invalid ioctl 12:18:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 516.789094] *** Guest State *** [ 516.792615] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 516.801511] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 516.810482] CR3 = 0x0000000000000000 [ 516.814302] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 516.820307] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 516.826469] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 516.833351] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 516.841380] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.849491] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.857650] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.865783] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.873864] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 516.881962] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 516.889984] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 516.898073] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 516.906203] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 516.914282] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 516.920719] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 516.928317] Interruptibility = 00000000 ActivityState = 00000000 [ 516.934631] *** Host State *** 12:18:34 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x440, 0x0) ioctl$VIDIOC_G_STD(0xffffffffffffff9c, 0x80085617, &(0x7f0000000280)=0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f00000002c0)=r1) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x10801, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000200)=0x74fb) r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x8040) fsetxattr$trusted_overlay_upper(r3, &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0xd6, 0x0, 0x4111d3ee, "741a020ea06fc1c9adbfbc59778f873c", "c91627d2f61ca9a561d795382c88116de2a611159b33527c9a218b00d4830d072d7dedcdc6136d9913c394b7ac08cca3288a26c2e8936e27e70d5de76b4c75d38b8aee9ef62ebdb42e4757a33c8fca359a0098b56ca17af8649eb5ebd37be5f54ff47a677bb6ae3d2b12866d5b2ab740340822e0c7f43394c4116e1bf80e3a5b55bf85750efb40274e3a0ca713141d6aa9e645d6cf29fb76388e26216c051b350173c4b3a53e8e37c56174fcd9eec30f61e75586614982fa84d9432a4224a5fb6b"}, 0xd6, 0x2) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r4, 0xc0184908, 0x0) [ 516.937860] RIP = 0xffffffff812b0dfc RSP = 0xffff8880600ef380 [ 516.943983] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 516.950430] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 516.958395] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 516.964404] CR0=0000000080050033 CR3=00000000621ba000 CR4=00000000001426f0 [ 516.971481] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 516.978330] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 516.984594] *** Control State *** [ 516.988103] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 516.994902] EntryControls=0000d1ff ExitControls=002fefff [ 517.000437] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 517.007648] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 517.014433] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 517.021045] reason=80000021 qualification=0000000000000000 [ 517.027544] IDTVectoring: info=00000000 errcode=00000000 [ 517.033101] TSC Offset = 0xfffffee73ecdd208 [ 517.037455] TPR Threshold = 0x00 [ 517.040852] EPT pointer = 0x000000006140201e [ 517.091488] *** Guest State *** [ 517.095122] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 517.104127] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 517.113068] CR3 = 0x0000000000000000 [ 517.116819] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 517.122965] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 517.128995] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 517.135878] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 517.144847] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 517.152963] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 517.160992] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 517.165823] QAT: Invalid ioctl [ 517.169101] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 517.180340] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 517.188428] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 517.196506] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 517.204626] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 517.212727] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 517.220735] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 517.227278] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 517.234849] Interruptibility = 00000000 ActivityState = 00000000 [ 517.241103] *** Host State *** [ 517.244448] RIP = 0xffffffff812b0dfc RSP = 0xffff88806260f380 [ 517.250504] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 517.257066] FSBase=00007feb364db700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 517.265011] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 517.266453] QAT: Invalid ioctl [ 517.270950] CR0=0000000080050033 CR3=000000005c1ea000 CR4=00000000001426f0 [ 517.270983] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 517.271008] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 517.271020] *** Control State *** [ 517.271041] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 517.271061] EntryControls=0000d1ff ExitControls=002fefff [ 517.271088] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 517.271109] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 517.271144] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 517.330350] reason=80000021 qualification=0000000000000000 [ 517.336807] IDTVectoring: info=00000000 errcode=00000000 [ 517.342351] TSC Offset = 0xfffffee7096985da [ 517.346708] EPT pointer = 0x00000000602f101e 12:18:37 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") sendmmsg$alg(r1, &(0x7f00000000c0)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="8e", 0x1}], 0x1}], 0x1, 0x0) readv(r1, &(0x7f00000007c0)=[{&(0x7f00000001c0)=""/104, 0x34910}], 0x1) 12:18:37 executing program 3: unshare(0x28020400) r0 = dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000140)={0x100, 0xffffffff, 0xbfe}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x440400, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x100, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @reserved}) r3 = semget(0x1, 0x2, 0x14) semctl$GETPID(r3, 0x1, 0xb, &(0x7f0000000340)=""/4096) write$P9_ROPEN(r2, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x88, 0x4, 0x5}, 0x40}}, 0x18) 12:18:37 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r2 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14}, 0x14}}, 0x4008004) sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) 12:18:37 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) readv(r0, &(0x7f00000024c0)=[{&(0x7f0000000040)=""/170, 0xaa}, {&(0x7f0000000100)=""/14, 0xe}, {&(0x7f0000000140)=""/255, 0xff}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000002240)=""/37, 0x25}, {&(0x7f00000025c0)=""/156, 0x9c}, {&(0x7f0000002340)=""/179, 0xb3}, {&(0x7f0000002400)=""/144, 0x90}], 0x9) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, 0x0) ioctl(r0, 0x5, &(0x7f0000002580)="0f6c") 12:18:37 executing program 5: r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0xefd1, 0x100) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f00000001c0)={0x20000000000, 0x4, 0x800, 0x0, 0x10000, 0x80, 0x100, 0x7, 0xe996, 0xffffffffffff691f, 0x0, 0x2, 0x0, 0x1, 0x5, 0x10000, 0x3ff, 0xffffffff, 0x4}) ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f0000000200)={0x0, 0x0, {0x1f, 0x1, 0x3005, 0x3, 0x0, 0x7}}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000280)="c4e11de3b83100c0fe67660fb5454c65dcf1c744240000800000c744240200800000c7442406000000000f011424b9060a0000b8cc9b30ccba000000000f30c4e17ddd1e67f20f2ca471e2660f38809f530700000fc768bf66b867000f00d8", 0x5f}], 0x1, 0x1, &(0x7f0000000340), 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000000340)={0x7fff, 0xd}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:18:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 519.779239] QAT: Invalid ioctl [ 519.790628] QAT: Invalid ioctl [ 519.810864] QAT: Invalid ioctl [ 519.946300] *** Guest State *** [ 519.949742] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 519.958812] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 519.967829] CR3 = 0x0000000000000000 [ 519.971637] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 519.977752] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 519.983871] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 519.990597] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 519.998696] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.006935] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.015090] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.023235] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.031282] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.039439] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.047550] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 520.055736] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.063911] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 520.072190] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 520.078675] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 520.086272] Interruptibility = 00000000 ActivityState = 00000000 [ 520.092652] *** Host State *** [ 520.095923] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bbbf380 [ 520.102573] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 520.109031] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 520.116989] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 520.123024] CR0=0000000080050033 CR3=000000006033d000 CR4=00000000001426e0 [ 520.130194] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 520.136986] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 520.143146] *** Control State *** [ 520.146651] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 520.153450] EntryControls=0000d1ff ExitControls=002fefff [ 520.158976] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 520.166104] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.172900] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.179517] reason=80000021 qualification=0000000000000000 [ 520.185990] IDTVectoring: info=00000000 errcode=00000000 [ 520.191490] TSC Offset = 0xfffffee5862dccfd 12:18:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000300)={0x0, 0x6, 0x4, 0x4, {0x0, 0x2710}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, "63d3d5df"}, 0x0, 0x0, @offset, 0x4}) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x8000020f4, 0x0) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r0, 0x2) ioctl$TIOCLINUX7(r1, 0x541c, &(0x7f0000000000)={0x7, 0x2}) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, 0x0) 12:18:38 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0xffff, 0x208000) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 520.195962] TPR Threshold = 0x00 [ 520.199378] EPT pointer = 0x00000000792fa01e 12:18:38 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000040)={0x0, 0x0, {0x0, 0x2000000, 0x0, 0x3, 0x0, 0x800}}) [ 520.487320] *** Guest State *** [ 520.490679] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 520.497700] *** Guest State *** [ 520.499707] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 520.503018] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 520.511921] CR3 = 0x0000000000000000 [ 520.511941] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 520.511979] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 520.521009] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 520.524792] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 520.524830] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 520.530833] CR3 = 0x0000000000000000 [ 520.536862] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.536927] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.536993] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.545893] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 520.552643] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.560607] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 520.564394] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.564426] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.572492] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 520.580469] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 520.588515] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 520.594533] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.594584] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 520.602620] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.602650] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.602680] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.602712] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.602746] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 520.602770] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.602807] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 520.608778] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 520.616812] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 520.624832] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 520.624861] Interruptibility = 00000000 ActivityState = 00000000 [ 520.631553] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 520.639579] *** Host State *** [ 520.647639] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 520.655705] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bbbf380 [ 520.663779] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 520.671725] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 12:18:38 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/rt6_stats\x00') preadv(r0, &(0x7f0000001300)=[{&(0x7f0000000000)=""/114, 0x72}], 0x1, 0x1000000000000000) [ 520.679747] Interruptibility = 00000000 ActivityState = 00000000 [ 520.679757] *** Host State *** [ 520.679780] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bf9f380 [ 520.679821] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 520.687835] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 520.687865] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 520.695902] FSBase=00007feb364db700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 520.703915] CR0=0000000080050033 CR3=000000006033d000 CR4=00000000001426f0 12:18:38 executing program 1: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0xb, 0x8000000000000002, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffdfffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xa0) getpid() bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001bc0)}, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) [ 520.703948] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 520.711974] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 520.719946] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 520.726416] CR0=0000000080050033 CR3=0000000074bae000 CR4=00000000001426e0 [ 520.734413] *** Control State *** [ 520.734444] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 520.741988] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 520.742010] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 520.742019] *** Control State *** [ 520.742037] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 520.742059] EntryControls=0000d1ff ExitControls=002fefff [ 520.742082] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 520.742115] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.742135] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.742152] reason=80000021 qualification=0000000000000000 [ 520.742166] IDTVectoring: info=00000000 errcode=00000000 [ 520.742189] TSC Offset = 0xfffffee538fb99dd [ 520.742200] TPR Threshold = 0x00 [ 520.742214] EPT pointer = 0x000000005c12f01e [ 520.946574] EntryControls=0000d1ff ExitControls=002fefff [ 520.952155] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 520.959129] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.965914] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 520.972647] reason=80000021 qualification=0000000000000000 [ 520.978993] IDTVectoring: info=00000000 errcode=00000000 [ 520.984598] TSC Offset = 0xfffffee5406734f9 12:18:39 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 520.988949] TPR Threshold = 0x00 [ 520.992430] EPT pointer = 0x0000000060ad101e 12:18:39 executing program 4: 12:18:39 executing program 3: unshare(0x28020408) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000000), 0x0}, 0x18) 12:18:39 executing program 1: 12:18:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x280201, 0x0) getpeername$packet(0xffffffffffffff9c, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000240)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4004000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)=@newtclass={0x104, 0x28, 0x104, 0x70bd2a, 0x25dfdbfb, {0x0, r5, {0xb, 0x7}, {0xffff, 0xe}, {0xa}}, [@tclass_kind_options=@c_drr={{0x8, 0x1, 'drr\x00'}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x1}}}, @TCA_RATE={0x8, 0x5, {0x2, 0x400}}, @tclass_kind_options=@c_dsmark={{0xc, 0x1, 'dsmark\x00'}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x8, 0x5, 0xfffffffffffffff9}}}, @tclass_kind_options=@c_hfsc={{0xc, 0x1, 'hfsc\x00'}, {0x54, 0x2, [@TCA_HFSC_FSC={0x10, 0x2, {0x5, 0xa9e, 0xfffffffffffffffc}}, @TCA_HFSC_USC={0x10, 0x3, {0x7, 0x2}}, @TCA_HFSC_USC={0x10, 0x3, {0xfffffffffffffffe, 0xfffffffffffffffd, 0x80}}, @TCA_HFSC_FSC={0x10, 0x2, {0x6, 0x8bc4, 0x1}}, @TCA_HFSC_USC={0x10, 0x3, {0x2, 0x401, 0x9}}]}}, @tclass_kind_options=@c_cbq={{0x8, 0x1, 'cbq\x00'}, {0x44, 0x2, [@TCA_CBQ_RATE={0x10, 0x5, {0x0, 0x1, 0x100, 0xffffffff, 0xffffffffffffefda, 0x6}}, @TCA_CBQ_RATE={0x10, 0x5, {0x2, 0x1, 0x4, 0xffffffff, 0xfffffffffffffc01, 0x1}}, @TCA_CBQ_WRROPT={0x10, 0x2, {0x8, 0x7, 0x263, 0x7, 0xffffffff, 0x2}}, @TCA_CBQ_RATE={0x10, 0x5, {0x7, 0x1, 0x8, 0x5, 0x7cc7, 0x100000000}}]}}]}, 0x104}, 0x1, 0x0, 0x0, 0x4000}, 0xc5) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:39 executing program 3: unshare(0x24000800) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000080)={0x1, 0x0, [0x3, 0x200, 0x1, 0x1ff, 0x9, 0x6, 0x741, 0x8000000000]}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100), 0x0}, 0x27a) 12:18:39 executing program 1: 12:18:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:39 executing program 4: 12:18:39 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:39 executing program 1: [ 521.637656] *** Guest State *** [ 521.641010] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 521.650167] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 521.659106] CR3 = 0x0000000000000000 [ 521.662979] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 521.669007] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 521.675133] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:18:39 executing program 3: unshare(0x28020400) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0), &(0x7f0000000140)=0x1466) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x0, 0x0) ioctl$UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f0000000040)={0x4, 0x9, 0x5}) 12:18:39 executing program 4: [ 521.682018] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 521.690027] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.698095] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.706254] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.714366] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.722442] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.730468] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 521.731464] *** Guest State *** [ 521.738564] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 521.738592] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 521.738630] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 521.738653] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 521.738676] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 521.738696] Interruptibility = 00000000 ActivityState = 00000000 [ 521.738719] *** Host State *** [ 521.742121] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 521.742191] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 521.750192] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd81f380 [ 521.758255] CR3 = 0x0000000000000000 [ 521.766300] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 521.766336] FSBase=00007feb364da700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 521.772801] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 521.780254] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 521.786573] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 521.789752] CR0=0000000080050033 CR3=0000000062007000 CR4=00000000001426f0 [ 521.798694] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 521.798723] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 521.798758] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.798792] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.798824] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.798858] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.798891] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 521.798916] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 521.798948] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 521.798984] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 521.807881] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 521.807912] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 521.813967] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 521.817667] *** Control State *** [ 521.824149] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 521.831987] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 521.832014] EntryControls=0000d1ff ExitControls=002fefff [ 521.837990] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 521.843926] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 521.843971] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 521.849994] Interruptibility = 00000000 ActivityState = 00000000 [ 521.857055] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 521.857085] reason=80000021 qualification=0000000000000000 [ 521.863802] *** Host State *** [ 521.863827] RIP = 0xffffffff812b0dfc RSP = 0xffff8882041af380 [ 521.863866] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 521.863903] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 521.871916] IDTVectoring: info=00000000 errcode=00000000 [ 521.871943] TSC Offset = 0xfffffee49b90a847 [ 521.879921] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 521.887927] TPR Threshold = 0x00 [ 521.887958] EPT pointer = 0x00000001fb7fa01e [ 521.895992] CR0=0000000080050033 CR3=0000000062cab000 CR4=00000000001426e0 [ 522.074653] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 522.081363] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 522.087527] *** Control State *** [ 522.091018] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 522.097789] EntryControls=0000d1ff ExitControls=002fefff [ 522.103360] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 522.110346] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 522.117166] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 522.123886] reason=80000021 qualification=0000000000000000 [ 522.130249] IDTVectoring: info=00000000 errcode=00000000 12:18:40 executing program 1: 12:18:40 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 522.135987] TSC Offset = 0xfffffee499a2be51 [ 522.140341] TPR Threshold = 0x00 [ 522.143836] EPT pointer = 0x00000001fe9ec01e 12:18:40 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 522.522058] *** Guest State *** [ 522.525480] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 522.534605] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 522.543560] CR3 = 0x0000000000000000 [ 522.547315] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 522.553474] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 522.559534] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 522.566354] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 522.574455] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 522.582633] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 522.590657] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 522.598791] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 522.606974] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 522.615110] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 522.623249] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 522.631277] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 522.639383] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 522.647473] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 522.653999] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 522.661492] Interruptibility = 00000000 ActivityState = 00000000 [ 522.667870] *** Host State *** [ 522.671092] RIP = 0xffffffff812b0dfc RSP = 0xffff8882041af380 [ 522.677218] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 522.683699] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 522.691517] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 522.697497] CR0=0000000080050033 CR3=0000000062cab000 CR4=00000000001426e0 [ 522.704593] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 522.711280] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 522.717520] *** Control State *** [ 522.721000] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 522.727772] EntryControls=0000d1ff ExitControls=002fefff [ 522.733340] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 522.740293] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 522.747063] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 522.753752] reason=80000021 qualification=0000000000000000 [ 522.760091] IDTVectoring: info=00000000 errcode=00000000 [ 522.765686] TSC Offset = 0xfffffee41d8d2bfc 12:18:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x7, 0x40) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)={0xa, 0x0, [{0xc00003ef, 0x0, 0x4404}, {0x43fd0acd21c4449c, 0x0, 0x3}, {0xbbf, 0x0, 0x46}, {0xaa2, 0x0, 0x8000}, {0xbfd, 0x0, 0x400}, {0x316, 0x0, 0x3}, {0xbef, 0x0, 0xfffffffffffffffb}, {0xbe7, 0x0, 0x7}, {0x2ff, 0x0, 0x3}, {0xf97, 0x0, 0x7}]}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:18:40 executing program 4: 12:18:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:40 executing program 1: 12:18:40 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 522.770030] EPT pointer = 0x000000005e30a01e 12:18:40 executing program 3: unshare(0x28020400) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x400, 0x0) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100), 0x0}, 0x18) 12:18:41 executing program 4: 12:18:41 executing program 1: 12:18:41 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:41 executing program 3: unshare(0x28020401) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x9}, 0xfffffffffffffedd) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:41 executing program 1: 12:18:41 executing program 4: 12:18:41 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:41 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x81, 0x1) ioctl$KVM_GET_NESTED_STATE(r1, 0xc080aebe, &(0x7f0000000340)={0x0, 0x0, 0x2080}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000040)={0x80000001, 0x5, 0x4, 0x400000, {0x0, 0x7530}, {0x2, 0xf, 0x9, 0x8001, 0x3f0f533a, 0x0, "47c6b084"}, 0x0, 0x2, @offset=0x33d3, 0x4}) [ 523.506956] *** Guest State *** [ 523.510316] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 523.519502] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 523.528500] CR3 = 0x0000000000000000 [ 523.532380] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 523.538384] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 523.544459] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 523.551198] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 523.559279] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 523.567423] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 523.575670] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 523.583764] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 523.591811] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:18:41 executing program 1: [ 523.599887] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 523.607987] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 523.616057] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 523.624162] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 523.632280] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 523.638727] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 523.646290] Interruptibility = 00000000 ActivityState = 00000000 [ 523.652613] *** Host State *** [ 523.655860] RIP = 0xffffffff812b0dfc RSP = 0xffff88820a86f380 [ 523.662155] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 523.668623] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 523.676533] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 523.682552] CR0=0000000080050033 CR3=0000000063a63000 CR4=00000000001426f0 [ 523.689614] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 523.696375] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 523.703427] *** Control State *** [ 523.706925] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 523.713717] EntryControls=0000d1ff ExitControls=002fefff [ 523.719212] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 523.726252] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 523.732998] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 523.739615] reason=80000021 qualification=0000000000000000 [ 523.746013] IDTVectoring: info=00000000 errcode=00000000 [ 523.751493] TSC Offset = 0xfffffee39ad3aee1 12:18:41 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 523.755895] EPT pointer = 0x000000006104c01e 12:18:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:41 executing program 1: 12:18:42 executing program 4: [ 524.015150] *** Guest State *** [ 524.018668] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 524.027821] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 524.036754] CR3 = 0x0000000000000000 [ 524.040503] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 524.046628] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 524.052721] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 524.059488] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 524.067610] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.075704] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.083828] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.091948] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.100024] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.108219] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 524.116367] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 524.124527] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 524.132613] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 524.140649] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 524.147205] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 524.154822] Interruptibility = 00000000 ActivityState = 00000000 [ 524.161080] *** Host State *** [ 524.164413] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd61f380 [ 524.170443] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 524.177007] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 524.184911] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 524.190834] CR0=0000000080050033 CR3=0000000063a63000 CR4=00000000001426e0 [ 524.197986] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 524.204762] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 524.210840] *** Control State *** [ 524.214437] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 524.221148] EntryControls=0000d1ff ExitControls=002fefff [ 524.226745] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 524.233778] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 524.240479] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 524.247218] reason=80000021 qualification=0000000000000000 [ 524.253640] IDTVectoring: info=00000000 errcode=00000000 [ 524.259120] TSC Offset = 0xfffffee354119ec2 12:18:42 executing program 3: r0 = fcntl$getown(0xffffffffffffffff, 0x9) r1 = getpid() r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x200, 0x0) r3 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/current\x00', 0x2, 0x0) kcmp(r0, r1, 0x7, r2, r3) getpid() unshare(0x28020400) r4 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1, 0x200000) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x5, 0x5, 0x9, 0x9, 0x0, r4}, 0x2c) setsockopt$inet_sctp6_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000080)={0x4, 0x8, 0x6, 0x6}, 0x8) r6 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000004780)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f0000004880)=0xe8) getsockopt$inet6_mreq(r4, 0x29, 0x14, &(0x7f0000005900)={@mcast2, 0x0}, &(0x7f0000005940)=0x14) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005a40)={{{@in=@broadcast, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}}}, &(0x7f0000005b40)=0xe8) recvmsg$kcm(r2, &(0x7f00000060c0)={&(0x7f0000005d00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000005f80)=[{&(0x7f0000005d80)=""/99, 0x63}, {&(0x7f0000005e00)=""/50, 0x32}, {&(0x7f0000005e40)=""/218, 0xda}, {&(0x7f0000005f40)=""/55, 0x37}], 0x4, &(0x7f0000005fc0)=""/225, 0xe1}, 0x40010003) getsockname$packet(r4, &(0x7f0000006100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000006140)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000006240)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000006340)=0xe8) getsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000006380)={@local, @multicast2, 0x0}, &(0x7f00000063c0)=0xc) recvmsg(r5, &(0x7f00000069c0)={&(0x7f0000006400)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f00000068c0)=[{&(0x7f0000006480)=""/139, 0x8b}, {&(0x7f0000006540)=""/150, 0x96}, {&(0x7f0000006600)=""/44, 0x2c}, {&(0x7f0000006640)=""/49, 0x31}, {&(0x7f0000006680)=""/223, 0xdf}, {&(0x7f0000006780)=""/181, 0xb5}, {&(0x7f0000006840)=""/110, 0x6e}], 0x7, &(0x7f0000006940)=""/84, 0x54}, 0x40000000) getsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000006ac0)={@multicast2, @empty, 0x0}, &(0x7f0000006b00)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000006b40)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000006c40)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000006c80)={'bridge_slave_0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000006cc0)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000006d00)={'team0\x00', 0x0}) getsockname$packet(r2, &(0x7f0000006d40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000006d80)=0x14) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000006dc0)={'team_slave_1\x00', 0x0}) recvmsg$kcm(r4, &(0x7f0000008180)={&(0x7f0000006e00)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000008100)=[{&(0x7f0000006e80)=""/21, 0x15}, {&(0x7f0000006ec0)=""/4096, 0x1000}, {&(0x7f0000007ec0)=""/80, 0x50}, {&(0x7f0000007f40)=""/227, 0xe3}, {&(0x7f0000008040)=""/37, 0x25}, {&(0x7f0000008080)=""/83, 0x53}], 0x6}, 0x2000) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f00000081c0)={0x0, @rand_addr, @multicast2}, &(0x7f0000008200)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f000000d180)={{{@in6=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@broadcast}}, &(0x7f000000d280)=0xe8) getsockname(r4, &(0x7f000000d3c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000d440)=0x80) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f000000d480)={{{@in6=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f000000d580)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f000000dbc0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f000000db80)={&(0x7f00000008c0)=ANY=[@ANYBLOB="bc050000ed681b61825c919ef7a9b4f1818d2b46a39eed99ccaa64332b9fa29294dd09e547e03197906b49027977a056e569dcab17521f57249aa3335cf4dd172b8ed9dacf8c6c7b7fa17613f2c6b8e45730d643abab7d4b1f4841ade7b4b0", @ANYRES16=r6, @ANYBLOB="040027bd7000fbdbdf250100000008000100", @ANYRES32=r7, @ANYBLOB="b001020038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400ad0400003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004009300000008000600", @ANYRES32=r9, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000140004006163746976656261636b7570000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r10, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="b00002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000100000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000500000008000100", @ANYRES32=r15, @ANYBLOB="b800020040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000700000008000600", @ANYRES32=r16, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r17, @ANYBLOB="08000100", @ANYRES32=r18, @ANYBLOB="bc00020040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r19, @ANYBLOB="08000700000000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c00040068617368000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r20, @ANYBLOB="08000100", @ANYRES32=r21, @ANYBLOB="6001020038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400060000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r22, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000400000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000600", @ANYRES32=r23, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r24, @ANYBLOB="0800010047202baaec57cc1be73301f5e34318bbe2e1d7f958b1560c97d9e234c1f602d9a35eae20ad77da10b182de3f7de57d1acdf6d07f513abd065ef6dc3850f09dc6c2278a038a5b1bb4d2dd77115257c3f8c96aa3ed748f8a39b2a24951c2119382fa36ff7d228fd5307b737caaf80c4b37df6db9a5c91eca8e01b998d9ddb4e5c3d4c9533f31cc3ac37d901c009026384e5d46061dde3e92ac6ed1702a12027113bdcb62615a9c5bccde7885b04d8490edae948abef38d415e7f3ffce49f74c2de030373ad80daa32e0d4232bd", @ANYRES32=r25, @ANYBLOB="4400020040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000600", @ANYRES32=r26], 0x5bc}, 0x1, 0x0, 0x0, 0x40800}, 0x40090) [ 524.263590] EPT pointer = 0x00000002128cd01e 12:18:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r4 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0, 0x80) ioctl$NBD_CLEAR_SOCK(r4, 0xab04) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:42 executing program 1: 12:18:42 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:42 executing program 4: 12:18:42 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8, 0x200000) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x40, 0xcf0e}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f00000000c0)={r2}, 0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:42 executing program 4: 12:18:42 executing program 1: 12:18:42 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 524.679143] *** Guest State *** [ 524.682582] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 524.691459] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 524.700486] CR3 = 0x0000000000000000 [ 524.704346] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 524.710349] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 524.716441] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 524.723304] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 524.731327] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.739417] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.747492] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.755636] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.763718] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.771735] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 524.779807] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 524.787974] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 524.796060] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 524.804126] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 524.810584] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 524.818119] Interruptibility = 00000000 ActivityState = 00000000 [ 524.824445] *** Host State *** [ 524.827677] RIP = 0xffffffff812b0dfc RSP = 0xffff888213ccf380 [ 524.833757] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 524.840217] FSBase=00007feb364b9700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 524.848109] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 524.854132] CR0=0000000080050033 CR3=0000000060abf000 CR4=00000000001426f0 [ 524.861228] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 524.867994] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 524.874134] *** Control State *** [ 524.877674] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 524.884786] EntryControls=0000d1ff ExitControls=002fefff [ 524.890278] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 524.897333] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 524.904896] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 524.911515] reason=80000021 qualification=0000000000000000 [ 524.916072] *** Guest State *** [ 524.917995] IDTVectoring: info=00000000 errcode=00000000 [ 524.918024] TSC Offset = 0xfffffee2ff7907aa [ 524.921372] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 524.926862] TPR Threshold = 0x00 [ 524.926881] EPT pointer = 0x00000001fd0e101e [ 524.948241] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 524.957270] CR3 = 0x0000000000000000 [ 524.961009] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 524.967117] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 524.973198] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 524.979923] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 524.988023] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 524.996118] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.004222] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.012329] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.020364] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.028463] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.036606] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 525.044686] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.052770] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 525.060772] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 525.067291] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 525.074854] Interruptibility = 00000000 ActivityState = 00000000 [ 525.081108] *** Host State *** [ 525.084412] RIP = 0xffffffff812b0dfc RSP = 0xffff8881ffeaf380 [ 525.090457] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 525.096988] FSBase=00007f3a33aac700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 525.104895] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 525.110855] CR0=0000000080050033 CR3=00000001fbca5000 CR4=00000000001426e0 [ 525.118009] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 525.124809] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 525.130904] *** Control State *** [ 525.134529] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 525.141236] EntryControls=0000d1ff ExitControls=002fefff [ 525.146831] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 525.153859] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 525.160568] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 525.167337] reason=80000021 qualification=0000000000000000 [ 525.173772] IDTVectoring: info=00000000 errcode=00000000 12:18:43 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:43 executing program 4: 12:18:43 executing program 1: [ 525.179247] TSC Offset = 0xfffffee2dc6a5905 [ 525.183705] EPT pointer = 0x00000001fd74101e [ 525.359590] *** Guest State *** [ 525.363112] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 525.372176] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 525.381064] CR3 = 0x0000000000000000 [ 525.384889] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 525.390895] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 525.397023] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 525.403833] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 525.411933] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.419954] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.428067] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.436212] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.444342] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.452453] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.460490] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 525.468641] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.476800] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 525.484915] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 525.491386] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 525.499021] Interruptibility = 00000000 ActivityState = 00000000 [ 525.505368] *** Host State *** [ 525.508605] RIP = 0xffffffff812b0dfc RSP = 0xffff8880614ef380 [ 525.514733] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 525.521215] FSBase=00007f3a33a8b700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 525.529280] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 525.535350] CR0=0000000080050033 CR3=00000001fbca5000 CR4=00000000001426e0 [ 525.542582] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 525.549325] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 525.555506] *** Control State *** [ 525.558995] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 525.565817] EntryControls=0000d1ff ExitControls=002fefff [ 525.571324] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 525.578383] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 525.585195] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 525.591816] reason=80000021 qualification=0000000000000000 [ 525.598293] IDTVectoring: info=00000000 errcode=00000000 [ 525.603875] TSC Offset = 0xfffffee2dc6a5905 12:18:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x800, 0x0) ioctl$IOC_PR_REGISTER(r4, 0x401870c8, &(0x7f0000000280)={0x9, 0x652d, 0x1}) ioctl(r1, 0x5, &(0x7f0000000140)="954a0b") ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000200)={[{0xfffffffffffffffa, 0xfffffffffffffff7, 0x2, 0x400, 0x6, 0xc05b, 0xd9, 0x7, 0xcf, 0x0, 0x7, 0x6, 0x1}, {0x9, 0x7d3, 0x5, 0x6, 0x100000000, 0x6, 0x2, 0x4, 0x8, 0x8, 0x4, 0x3, 0x4bc}, {0x1, 0x7fff, 0xffffffff, 0x8, 0x547, 0x1ff, 0x612c, 0x401, 0x1ff, 0x8, 0xfffffffffffffffe, 0x227, 0x7fffffff}], 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:43 executing program 3: openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x20000, 0x0) unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:43 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:43 executing program 1: 12:18:43 executing program 4: 12:18:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 525.608232] EPT pointer = 0x00000001fd74101e 12:18:43 executing program 4: 12:18:43 executing program 1: 12:18:43 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 525.860637] *** Guest State *** [ 525.864205] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 525.873265] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 525.882261] CR3 = 0x0000000000000000 [ 525.886009] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 525.892100] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 525.898112] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 525.904919] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 525.913042] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.921083] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.929174] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.937282] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.945375] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 525.953450] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.953924] *** Guest State *** [ 525.961468] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 525.961496] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 525.961541] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 525.964899] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 525.964938] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 525.972950] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 525.972976] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 525.972997] Interruptibility = 00000000 ActivityState = 00000000 [ 525.973021] *** Host State *** [ 525.981002] CR3 = 0x0000000000000000 [ 525.989025] RIP = 0xffffffff812b0dfc RSP = 0xffff888213caf380 [ 525.989063] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 525.989088] FSBase=00007feb364b9700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 525.989110] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 525.989135] CR0=0000000080050033 CR3=0000000079152000 CR4=00000000001426f0 [ 525.989162] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 525.989194] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 525.989204] *** Control State *** [ 525.989241] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 525.989257] EntryControls=0000d1ff ExitControls=002fefff [ 525.989292] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 525.998202] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 526.007092] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.007111] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.007140] reason=80000021 qualification=0000000000000000 [ 526.013629] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 526.021060] IDTVectoring: info=00000000 errcode=00000000 [ 526.027400] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 526.030584] TSC Offset = 0xfffffee25ee8b716 [ 526.034376] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 526.040337] TPR Threshold = 0x00 [ 526.046825] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.046858] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.046888] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.046921] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.046969] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.046992] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 526.047028] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 526.054893] EPT pointer = 0x000000006014e01e [ 526.224154] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 526.232321] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 526.240326] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 526.246871] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 526.254443] Interruptibility = 00000000 ActivityState = 00000000 [ 526.260711] *** Host State *** [ 526.264049] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fbd9f380 [ 526.270083] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 526.276630] FSBase=00007f3a33a8a700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 526.284568] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 526.290529] CR0=0000000080050033 CR3=00000001fd70a000 CR4=00000000001426e0 [ 526.297694] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 526.304477] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 526.310574] *** Control State *** [ 526.314202] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 526.320912] EntryControls=0000d1ff ExitControls=002fefff [ 526.326513] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 526.333537] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.340238] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.346949] reason=80000021 qualification=0000000000000000 [ 526.353380] IDTVectoring: info=00000000 errcode=00000000 12:18:44 executing program 1: 12:18:44 executing program 4: 12:18:44 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 526.358856] TSC Offset = 0xfffffee2572172ed [ 526.363400] TPR Threshold = 0x00 [ 526.366841] EPT pointer = 0x00000001fdab801e [ 526.660519] *** Guest State *** [ 526.664071] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 526.673097] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 526.682044] CR3 = 0x0000000000000000 [ 526.685802] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 526.691795] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 526.697916] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 526.704752] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 526.712871] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.720915] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.728978] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.737043] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.745081] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.753156] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 526.761198] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 526.769332] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 526.777422] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 526.785507] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 526.792025] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 526.799483] Interruptibility = 00000000 ActivityState = 00000000 [ 526.805837] *** Host State *** [ 526.809114] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fffdf380 [ 526.815210] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 526.821659] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 526.829612] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 526.835621] CR0=0000000080050033 CR3=00000001fd70a000 CR4=00000000001426f0 [ 526.842752] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 526.849443] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 526.855656] *** Control State *** [ 526.859138] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 526.865927] EntryControls=0000d1ff ExitControls=002fefff [ 526.871403] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 526.878414] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.885155] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 526.891743] reason=80000021 qualification=0000000000000000 [ 526.898151] IDTVectoring: info=00000000 errcode=00000000 [ 526.903704] TSC Offset = 0xfffffee1e5d9bc9d 12:18:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:45 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f00000000c0)="730eac7e3b29679eadd84be3ccae8d0e3edb7980819fd5575222d350eee6487af4b572e2d1658294853dd94a75b8adc36e859f3932a177a76838476458a3cdb7528a5dfe1db20000000000000000f48b2a15486eee7eab7ef101fc07f3f22178f145f9c2aa221651e36459338625742cc4ae7ecc7727f1ecb9c7ca4707f547bc4b23c9760c37a43845f95c4c9dbdde73a163da8659872946503c30fb8a1a42298dcecc69a2a69555bfbf0b4151a6b4ec4c0b71d9f374b091fd943b97f26228023b33d3b9e5073ad48da778779a7caf9a32ebbc18a5c5d0e26d0299e631de73b861bf6ccd00", 0x0}, 0xfffffffffffffe4d) 12:18:45 executing program 1: 12:18:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:45 executing program 4: [ 526.908048] EPT pointer = 0x000000006202e01e 12:18:45 executing program 4: [ 527.121405] *** Guest State *** [ 527.125030] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 527.134170] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 527.143191] CR3 = 0x0000000000000000 [ 527.146936] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 527.153028] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 527.159051] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 527.165966] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 527.174077] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.182205] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.190239] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.198339] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.206449] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.214548] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.222693] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 527.230750] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.238866] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 527.246944] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 527.253456] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 527.260937] Interruptibility = 00000000 ActivityState = 00000000 [ 527.267603] *** Host State *** 12:18:45 executing program 1: [ 527.270858] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fdeff380 [ 527.277138] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 527.283664] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 527.291496] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 527.297557] CR0=0000000080050033 CR3=00000000603f0000 CR4=00000000001426e0 [ 527.304699] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 527.311403] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 527.317597] *** Control State *** [ 527.321101] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 527.327978] EntryControls=0000d1ff ExitControls=002fefff [ 527.333536] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 527.340505] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 527.347319] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 527.354023] reason=80000021 qualification=0000000000000000 [ 527.360405] IDTVectoring: info=00000000 errcode=00000000 [ 527.365986] TSC Offset = 0xfffffee1b138ca1c [ 527.370356] TPR Threshold = 0x00 [ 527.373877] EPT pointer = 0x00000001fdacc01e [ 527.411545] *** Guest State *** 12:18:45 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 527.415063] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 527.424071] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 527.433101] CR3 = 0x0000000000000000 [ 527.436900] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 527.443081] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 527.449100] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 527.455939] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 527.464028] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.472155] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.480196] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.488324] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.496416] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.504554] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.512647] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 527.520662] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.528792] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 527.536886] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 527.543432] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 527.550918] Interruptibility = 00000000 ActivityState = 00000000 [ 527.557374] *** Host State *** [ 527.560653] RIP = 0xffffffff812b0dfc RSP = 0xffff8880639af380 [ 527.566752] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 527.573341] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 527.581175] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 527.587201] CR0=0000000080050033 CR3=00000001fbf51000 CR4=00000000001426e0 [ 527.594348] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 527.601063] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 527.607222] *** Control State *** [ 527.610716] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 527.617478] EntryControls=0000d1ff ExitControls=002fefff 12:18:45 executing program 4: 12:18:45 executing program 1: [ 527.623053] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 527.630020] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 527.636806] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 527.643485] reason=80000021 qualification=0000000000000000 [ 527.650348] IDTVectoring: info=00000000 errcode=00000000 [ 527.655923] TSC Offset = 0xfffffee184e6b80c [ 527.660272] TPR Threshold = 0x00 [ 527.663747] EPT pointer = 0x000000005b75f01e 12:18:45 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x40, 0x40) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000040)={0x5, 0x0, 0x9be3}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:18:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 527.850682] *** Guest State *** [ 527.854218] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 527.864092] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 527.873059] CR3 = 0x0000000000000000 [ 527.876804] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 527.882874] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 527.888877] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 527.895698] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 527.903816] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.911931] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.919964] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.928087] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.936190] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 527.944290] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.952385] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 527.960395] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 527.968466] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 527.976551] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 527.983076] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 527.990568] Interruptibility = 00000000 ActivityState = 00000000 [ 527.996876] *** Host State *** [ 528.000121] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fd28f380 [ 528.006224] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 528.012732] FSBase=00007f3a33a8a700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 528.020587] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 528.026573] CR0=0000000080050033 CR3=00000001fbf51000 CR4=00000000001426f0 [ 528.033687] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 528.040392] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 528.046524] *** Control State *** [ 528.050027] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 528.056809] EntryControls=0000d1ff ExitControls=002fefff [ 528.062363] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 528.069325] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.076072] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.082741] reason=80000021 qualification=0000000000000000 [ 528.089093] IDTVectoring: info=00000000 errcode=00000000 [ 528.094632] TSC Offset = 0xfffffee184e6b80c 12:18:45 executing program 1: 12:18:46 executing program 4: 12:18:46 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) recvmsg$kcm(r1, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x10080, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001040)={0xffffffffffffffff, r0, 0x0, 0xd, &(0x7f0000000140)='/dev/net/tun\x00'}, 0x30) perf_event_open(&(0x7f0000000fc0)={0x0, 0x70, 0x80000000, 0x100, 0x80, 0x0, 0x0, 0x3, 0x9800, 0x0, 0x2, 0x4, 0x5, 0x8000, 0x6, 0x7, 0x3, 0x1c2, 0x1ff, 0xf4c, 0x312aff51, 0x3, 0x72c, 0x1, 0x122, 0x55, 0x10001, 0x6, 0x0, 0x8, 0x0, 0xdd, 0xff, 0x0, 0x0, 0x2, 0x7ff, 0x81, 0x0, 0x0, 0x0, @perf_config_ext={0xd0, 0x9}, 0x28, 0x0, 0x5, 0x7, 0x0, 0x4de, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x8) write$cgroup_pid(r4, &(0x7f0000000100), 0xda4fff08) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000001280)={r1}) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000f80)=0x81) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x28, &(0x7f0000000040)}, 0x10) gettid() perf_event_open(&(0x7f0000000680)={0x0, 0x70, 0x0, 0x0, 0xc7c2, 0x1ff, 0x0, 0x0, 0x8084, 0xb400b2bc16037242, 0x0, 0x8, 0x0, 0x800, 0x9, 0x0, 0x400, 0x0, 0x8, 0x20, 0x9, 0xfff, 0x6, 0x9, 0xb240000000000000, 0x3, 0x0, 0x7, 0x0, 0xad36, 0x80, 0x0, 0x100, 0x1, 0x9, 0x57, 0x26, 0x20000, 0x0, 0xb56b, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x0, 0x5, 0x0, 0x20}, 0x0, 0x0, r3, 0x9) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000300)=ANY=[]) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x660c, 0x1701) perf_event_open(0x0, 0x0, 0x10, r5, 0x0) ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f00000002c0)) recvmsg(0xffffffffffffffff, 0x0, 0x10000) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair(0x0, 0x0, 0x4, &(0x7f0000000540)) [ 528.098996] TPR Threshold = 0x00 [ 528.102443] EPT pointer = 0x000000005b75f01e 12:18:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) lsetxattr$security_capability(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='security.capability\x00', &(0x7f00000003c0)=@v3={0x3000000, [{0x217, 0xfff}, {0x16, 0x400}], r3}, 0x18, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) getuid() getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x7000000000000000}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000100)={r5, 0x4}, 0x8) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000280)) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x800000000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x20600}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x224400, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 12:18:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0xb, 0x0, 0x0, 0x0) 12:18:46 executing program 3: unshare(0x24050400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)={r0, &(0x7f00000001c0)="a98c73cb04d96737ffb7ecdd19d51349b944a128f113d9ce953b7141b65b38841328fd64891f6138f29e5a6c986c139a5283599891eaca2ce3c687eef1c6b43e7c310498ba5014cf56425bd65c6ed21d50583690096fbe5da2083352b84ff7579c1df6f0d019d250b98e69603457b6b2cbbbd1729d0d09e17125fd40e55241d20bdf5483fe8d699ce1c35413fabcdaf16a2386553db553f0cdf7e9327260dc65bd5e025418", &(0x7f0000000280)=""/93}, 0x18) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10181) ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 528.445303] *** Guest State *** [ 528.448691] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 528.457772] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 528.466830] CR3 = 0x0000000000000000 [ 528.470593] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 528.476662] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 528.482742] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 528.489471] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 528.497556] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.505645] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.513718] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.521965] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.530011] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.538086] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 528.546161] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 528.554317] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 528.562393] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 528.570397] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 528.576931] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 528.584473] Interruptibility = 00000000 ActivityState = 00000000 [ 528.590730] *** Host State *** [ 528.594040] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fbdaf380 [ 528.600086] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 528.606706] FSBase=00007feb364da700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 528.614631] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 528.620580] CR0=0000000080050033 CR3=0000000060151000 CR4=00000000001426f0 [ 528.627740] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 528.634513] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 528.640628] *** Control State *** [ 528.644224] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 528.650930] EntryControls=0000d1ff ExitControls=002fefff [ 528.656521] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 528.663568] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.670272] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.676969] reason=80000021 qualification=0000000000000000 [ 528.683393] IDTVectoring: info=00000000 errcode=00000000 [ 528.688871] TSC Offset = 0xfffffee0f607cb65 [ 528.693331] TPR Threshold = 0x00 12:18:46 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) fsetxattr(r0, &(0x7f0000000000)=@random={'osx.', 'self\x00'}, &(0x7f0000000040)='&nodevwlan0&vmnet1vmnet1', 0x18, 0x0) socketpair(0x1, 0x806, 0xa51, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000000c0)) 12:18:46 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:46 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) sched_yield() accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffd92, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0xf769}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) [ 528.696731] EPT pointer = 0x00000001f6cbc01e [ 528.764864] *** Guest State *** [ 528.768226] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 528.777284] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 528.786338] CR3 = 0x0000000000000000 [ 528.790145] RSP = 0x0000800000000000 RIP = 0x0000000000000000 [ 528.796228] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 528.802306] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 528.809020] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 528.817104] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.825209] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.833306] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.841333] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.849406] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 528.857480] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 528.865568] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 528.873643] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 528.881664] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 528.889729] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 528.896315] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 528.903855] Interruptibility = 00000000 ActivityState = 00000000 [ 528.910114] *** Host State *** [ 528.913406] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fddff380 [ 528.919436] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 528.925950] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 528.933842] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 528.939772] CR0=0000000080050033 CR3=000000005f23b000 CR4=00000000001426f0 [ 528.946981] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 528.953770] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 528.959855] *** Control State *** [ 528.963397] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 528.970097] EntryControls=0000d1ff ExitControls=002fefff [ 528.975650] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 528.982680] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.989388] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 528.996051] reason=80000021 qualification=0000000000000000 [ 529.002452] IDTVectoring: info=00000000 errcode=00000000 [ 529.007936] TSC Offset = 0xfffffee0f575a0f1 [ 529.012343] EPT pointer = 0x00000001f745c01e 12:18:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe3000/0x18000)=nil, 0x0, 0x3f, 0x0, 0x0, 0xb3) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r4 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') sendmsg$FOU_CMD_GET(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4c4baecd7e8fefe4}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r4, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@FOU_ATTR_TYPE={0x8}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x87}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040}, 0x4010) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:47 executing program 3: unshare(0x28020400) r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x5, 0x80) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f0000000080)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x3, 0x2) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r1, &(0x7f0000000100), 0x0}, 0x18) 12:18:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:47 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='\xb7emory.events\x00', 0x26e1, 0x0) [ 529.579832] *** Guest State *** [ 529.583451] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 529.592465] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 529.601332] CR3 = 0x0000000000000000 [ 529.605139] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 529.611232] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 529.617322] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 529.625014] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 529.633094] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 529.641126] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 529.649368] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 529.657448] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 529.665519] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 529.673592] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 529.682367] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 529.690386] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 529.698465] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 529.706567] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 529.713065] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 529.720557] Interruptibility = 00000000 ActivityState = 00000000 [ 529.726885] *** Host State *** [ 529.730109] RIP = 0xffffffff812b0dfc RSP = 0xffff8880615ff380 [ 529.736176] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 529.742717] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 529.750560] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 529.756543] CR0=0000000080050033 CR3=00000001f6493000 CR4=00000000001426f0 [ 529.763661] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 529.770404] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 529.776540] *** Control State *** [ 529.780041] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 529.786804] EntryControls=0000d1ff ExitControls=002fefff [ 529.792385] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 529.799389] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 529.806154] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 529.812838] reason=80000021 qualification=0000000000000000 [ 529.819237] IDTVectoring: info=00000000 errcode=00000000 [ 529.824801] TSC Offset = 0xfffffee05d55e6d6 12:18:47 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000000)='cpuset.mems\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x7ffff000) [ 529.829195] EPT pointer = 0x00000001fb0b401e 12:18:47 executing program 2: sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) 12:18:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:48 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0xffffffffffffffff, 0x5, 0x7, 0x9, 0xb}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = dup2(r0, r0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000040)={0x20, 0x2, 0xad, 0x1, [], [], [], 0x4, 0x6, 0x7, 0x8, "b0f3590b9e62973916c27a4deef32a58"}) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) getsockopt$inet_buf(r1, 0x0, 0x39, &(0x7f0000000180)=""/146, &(0x7f0000000240)=0x92) ptrace$setopts(0x4200, r2, 0x80007fffffff, 0x20) 12:18:48 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) sched_yield() accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffd92, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0xf769}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) 12:18:48 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) sched_yield() accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffd92, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0xf769}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) [ 530.282701] *** Guest State *** [ 530.286200] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 530.295218] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871 [ 530.304159] CR3 = 0x0000000000002000 [ 530.307973] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 530.314580] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 530.321105] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 530.327208] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 530.333445] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 530.340155] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 530.348275] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 530.356437] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 530.364514] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 530.372613] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 530.380625] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 530.388718] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 530.396807] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 530.404871] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 530.413022] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 530.421051] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 530.427599] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 530.435213] Interruptibility = 00000000 ActivityState = 00000000 [ 530.441468] *** Host State *** [ 530.444765] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f749f380 [ 530.450791] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 530.457322] FSBase=00007f3a33a8b700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 530.465282] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 530.471226] CR0=0000000080050033 CR3=00000001f6493000 CR4=00000000001426e0 12:18:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:48 executing program 2: sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) [ 530.478405] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 530.485303] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 530.491392] *** Control State *** [ 530.494969] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 530.501683] EntryControls=0000d1ff ExitControls=002fefff [ 530.507370] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 530.514510] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 530.521333] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 530.528051] reason=80000021 qualification=0000000000000000 [ 530.534489] IDTVectoring: info=00000000 errcode=00000000 [ 530.539962] TSC Offset = 0xfffffee05d55e6d6 [ 530.544430] EPT pointer = 0x00000001fb0b401e [ 530.646287] *** Guest State *** [ 530.649700] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 530.658754] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 530.667716] CR3 = 0x0000000000000000 [ 530.671480] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 530.677675] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 530.683830] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 530.690644] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 530.698775] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.707073] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.715234] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.723371] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.731401] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.739502] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 530.749413] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 530.757529] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 530.765603] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 530.773702] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 530.780151] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 530.787739] Interruptibility = 00000000 ActivityState = 00000000 [ 530.794063] *** Host State *** [ 530.797309] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fb61f380 [ 530.803403] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 530.809898] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 530.817805] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 530.823839] CR0=0000000080050033 CR3=00000001fdafb000 CR4=00000000001426e0 [ 530.830899] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 530.837697] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 530.843850] *** Control State *** [ 530.847359] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 530.854126] EntryControls=0000d1ff ExitControls=002fefff [ 530.859631] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 530.866658] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 530.873426] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 530.880042] reason=80000021 qualification=0000000000000000 [ 530.886495] IDTVectoring: info=00000000 errcode=00000000 [ 530.892041] TSC Offset = 0xfffffedfc4a67d5d [ 530.896402] EPT pointer = 0x00000001f69cd01e 12:18:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:49 executing program 2: sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) 12:18:49 executing program 3: unshare(0x28020400) pipe(&(0x7f0000000000)={0xffffffffffffffff}) syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x7, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x9, 0x9, 0x9, 0x0, 0xffffffffffffffff, 0xfffffffffffffff8}, 0x2c) ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000080)={0x0, 0xffff, 0x200, &(0x7f0000000040)=0xd2d}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f00000000c0), 0x0}, 0xfffffffffffffcdb) 12:18:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:49 executing program 2: r0 = socket(0x0, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:49 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) sched_yield() accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffd92, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0xf769}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) 12:18:49 executing program 4: unshare(0x28020400) r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x5, 0x80) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f0000000080)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x3, 0x2) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r1, &(0x7f0000000100), 0x0}, 0x18) [ 531.419859] *** Guest State *** [ 531.423430] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 531.432398] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 531.441262] CR3 = 0x0000000000000000 [ 531.445075] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 531.451126] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 531.457220] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 531.464016] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 531.472159] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.480193] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.488296] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.496383] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.504467] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.512545] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 531.520566] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 531.528662] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 531.536762] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 531.544833] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 531.551276] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 531.558915] Interruptibility = 00000000 ActivityState = 00000000 [ 531.565274] *** Host State *** [ 531.568524] RIP = 0xffffffff812b0dfc RSP = 0xffff8880615ff380 [ 531.574673] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 531.581179] FSBase=00007f3a33a8b700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 531.589133] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 531.595180] CR0=0000000080050033 CR3=0000000060996000 CR4=00000000001426e0 [ 531.602322] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 531.609023] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 531.615192] *** Control State *** [ 531.618795] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 531.625562] EntryControls=0000d1ff ExitControls=002fefff [ 531.631059] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 531.638164] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 531.644947] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 531.652148] reason=80000021 qualification=0000000000000000 [ 531.658511] IDTVectoring: info=00000000 errcode=00000000 [ 531.664069] TSC Offset = 0xfffffedf62fe326f 12:18:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 531.668423] EPT pointer = 0x00000001f6a6901e 12:18:49 executing program 3: unshare(0x28020400) prctl$PR_SET_SECUREBITS(0x1c, 0xd) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 531.792408] *** Guest State *** [ 531.795853] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 531.804972] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 531.813942] CR3 = 0x0000000000000000 [ 531.817686] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 531.823758] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 531.829774] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 531.836628] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 531.844776] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.852894] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.860931] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.869027] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.877382] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.885502] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 531.893608] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 531.901619] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 531.909757] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 531.917849] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 531.924401] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 531.931972] Interruptibility = 00000000 ActivityState = 00000000 [ 531.938231] *** Host State *** [ 531.941460] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f6dbf380 [ 531.947748] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 531.954323] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 531.962358] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 531.968290] CR0=0000000080050033 CR3=000000020e0eb000 CR4=00000000001426e0 [ 531.975483] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 531.982312] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 531.988396] *** Control State *** [ 531.991968] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 531.998654] EntryControls=0000d1ff ExitControls=002fefff [ 532.004225] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 532.011194] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.018088] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.024832] reason=80000021 qualification=0000000000000000 [ 532.031214] IDTVectoring: info=00000000 errcode=00000000 [ 532.036848] TSC Offset = 0xfffffedf277bce2e 12:18:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f00000001c0)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000140)={0x10201, 0x0, &(0x7f0000fea000/0x3000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:50 executing program 2: r0 = socket(0x0, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 532.041236] TPR Threshold = 0x00 [ 532.044742] EPT pointer = 0x00000001f6cc001e 12:18:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) lsetxattr$security_capability(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='security.capability\x00', &(0x7f00000003c0)=@v3={0x3000000, [{0x217, 0xfff}, {0x16, 0x400}], r3}, 0x18, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) getuid() getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x7000000000000000}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000100)={r5, 0x4}, 0x8) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000280)) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x800000000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x20600}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x224400, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 12:18:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 532.358006] *** Guest State *** [ 532.361524] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 532.370642] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 532.379582] CR3 = 0x0000000000000000 [ 532.383392] RSP = 0x0000800000000000 RIP = 0x0000000000000000 [ 532.389413] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 532.395552] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 532.402324] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 532.410344] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.418418] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.426527] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.434618] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.442718] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.450728] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 532.458797] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 532.466858] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 532.474946] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 532.483047] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 532.489500] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 532.497080] Interruptibility = 00000000 ActivityState = 00000000 [ 532.503377] *** Host State *** [ 532.506595] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fddff380 [ 532.512671] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 532.519247] FSBase=00007fc86b167700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 532.527136] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 532.533164] CR0=0000000080050033 CR3=0000000061f57000 CR4=00000000001426f0 [ 532.540252] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 532.547041] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 532.553179] *** Control State *** 12:18:50 executing program 2: r0 = socket(0x0, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:50 executing program 3: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f00000000c0)=0x80000001, 0x4) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_targets\x00') getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000ec0)={@broadcast, @rand_addr, 0x0}, &(0x7f0000000f00)=0xc) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000f40)={@empty, r2}, 0x14) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x100, 0x0) ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f0000000340)) unshare(0x28020400) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r4, &(0x7f0000000100), 0x0}, 0x18) [ 532.556680] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 532.563461] EntryControls=0000d1ff ExitControls=002fefff [ 532.568972] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 532.576002] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.582770] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.589387] reason=80000021 qualification=0000000000000000 [ 532.595830] IDTVectoring: info=00000000 errcode=00000000 [ 532.601315] TSC Offset = 0xfffffededf0de12d [ 532.605759] TPR Threshold = 0x00 [ 532.609166] EPT pointer = 0x00000001fd6c701e [ 532.636640] *** Guest State *** [ 532.640059] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 532.649085] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 532.658081] CR3 = 0x0000000000000000 [ 532.661991] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 532.668030] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 532.674265] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 532.681021] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 532.689220] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.697356] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.705500] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.713612] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.721637] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 532.729753] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 532.737868] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 532.745968] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 532.754043] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 532.762200] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 532.768651] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 532.776215] Interruptibility = 00000000 ActivityState = 00000000 [ 532.782530] *** Host State *** [ 532.785769] RIP = 0xffffffff812b0dfc RSP = 0xffff88820bb4f380 [ 532.791944] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 532.798409] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 532.806357] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 532.812389] CR0=0000000080050033 CR3=00000001fff83000 CR4=00000000001426f0 [ 532.819445] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 532.826256] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 532.832396] *** Control State *** 12:18:50 executing program 1: unshare(0x28020400) r0 = dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000140)={0x100, 0xffffffff, 0xbfe}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x440400, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x100, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @reserved}) r3 = semget(0x1, 0x2, 0x14) semctl$GETPID(r3, 0x1, 0xb, &(0x7f0000000340)=""/4096) write$P9_ROPEN(r2, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x88, 0x4, 0x5}, 0x40}}, 0x18) [ 532.835884] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 532.842674] EntryControls=0000d1ff ExitControls=002fefff [ 532.848166] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 532.855239] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.862000] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 532.868615] reason=80000021 qualification=0000000000000000 [ 532.875057] IDTVectoring: info=00000000 errcode=00000000 [ 532.880536] TSC Offset = 0xfffffedebdccdd3d [ 532.885017] TPR Threshold = 0x00 [ 532.888416] EPT pointer = 0x00000001f6c5401e 12:18:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:51 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5387, &(0x7f0000000040)) 12:18:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x80, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:18:51 executing program 2: r0 = socket(0xa, 0x0, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:51 executing program 1: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0x1, 0x28, &(0x7f0000000200)={0x0, 0x0}}, 0x10) r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={r0, 0x0, 0x8}, 0xfffffffffffffec5) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x101, 0x0, r1}, 0x2c) fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000140)) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0xffffffffffffffed, 0x0, r2}, 0x2c) fsetxattr$security_selinux(r2, &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000100)='system_u:object_r:unconfined_exec_t:s0\x00', 0x27, 0x2) 12:18:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 533.363815] *** Guest State *** [ 533.367241] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 533.376369] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 533.385303] CR3 = 0x0000000000000000 [ 533.389049] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 533.395198] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 533.401284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 533.408167] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 533.416280] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.424395] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.432499] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.440528] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.448660] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.456755] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 533.460242] *** Guest State *** [ 533.464893] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 533.464921] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 533.464958] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 533.464981] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 533.465004] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 533.465025] Interruptibility = 00000000 ActivityState = 00000000 [ 533.465047] *** Host State *** [ 533.468370] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 533.476408] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f74af380 [ 533.484446] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 533.492493] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 533.498922] CR3 = 0x0000000000000000 [ 533.506399] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 533.506423] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 533.506456] CR0=0000000080050033 CR3=00000001f7a4e000 CR4=00000000001426f0 [ 533.513006] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 533.516123] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 533.525020] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 533.530998] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 533.539893] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 533.539920] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 533.539969] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.540001] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.540054] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.540087] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.540119] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.540151] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 533.546657] *** Control State *** [ 533.550391] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 533.558233] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 533.558261] EntryControls=0000d1ff ExitControls=002fefff [ 533.564228] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 533.571249] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 533.577297] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 533.584020] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 12:18:51 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x6, 0x80200) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000040)="073f0000070000000bca7ace12", 0x0}, 0x3f) [ 533.584041] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 533.584059] reason=80000021 qualification=0000000000000000 [ 533.584075] IDTVectoring: info=00000000 errcode=00000000 [ 533.584101] TSC Offset = 0xfffffede53defed7 [ 533.590100] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 533.596219] EPT pointer = 0x000000020b78e01e [ 533.747388] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 533.755060] Interruptibility = 00000000 ActivityState = 00000000 [ 533.761314] *** Host State *** [ 533.764605] RIP = 0xffffffff812b0dfc RSP = 0xffff88820b2ff380 [ 533.770653] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 533.777237] FSBase=00007fc86b189700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 533.785157] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 533.791102] CR0=0000000080050033 CR3=000000006d456000 CR4=00000000001426e0 [ 533.798267] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 533.805057] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 533.811140] *** Control State *** 12:18:51 executing program 2: r0 = socket(0xa, 0x0, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 533.814766] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 533.821470] EntryControls=0000d1ff ExitControls=002fefff [ 533.827070] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 533.834101] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 533.840812] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 533.847542] reason=80000021 qualification=0000000000000000 [ 533.854030] IDTVectoring: info=00000000 errcode=00000000 [ 533.859528] TSC Offset = 0xfffffede4e2a7485 [ 533.863993] TPR Threshold = 0x00 [ 533.867401] EPT pointer = 0x00000001f684d01e [ 533.929913] *** Guest State *** [ 533.933399] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 533.942376] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 533.951241] CR3 = 0x0000000000000000 [ 533.955096] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 533.961106] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 533.967263] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 533.974037] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 533.982191] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.990239] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 533.998380] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.006485] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.014603] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.022677] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.030690] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 534.038848] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.046942] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 534.055057] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 534.061509] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 534.069124] Interruptibility = 00000000 ActivityState = 00000000 [ 534.075465] *** Host State *** [ 534.078707] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f6d6f380 [ 534.084846] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 534.091304] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 534.099248] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 534.105265] CR0=0000000080050033 CR3=00000001fdca1000 CR4=00000000001426e0 [ 534.112482] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 534.119210] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 534.125412] *** Control State *** 12:18:52 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair(0x9, 0x80000, 0x1f, &(0x7f0000000140)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 534.128906] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 534.135732] EntryControls=0000d1ff ExitControls=002fefff [ 534.141244] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 534.148305] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 534.155078] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 534.161699] reason=80000021 qualification=0000000000000000 [ 534.168122] IDTVectoring: info=00000000 errcode=00000000 [ 534.173729] TSC Offset = 0xfffffede110f8a6f 12:18:52 executing program 1 (fault-call:4 fault-nth:0): unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) [ 534.178107] TPR Threshold = 0x00 [ 534.181516] EPT pointer = 0x00000001f6d3201e 12:18:52 executing program 2: r0 = socket(0xa, 0x0, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:18:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x4801, 0x0) ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000180)={0x8000, 0x7ff}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r1, 0x7706, &(0x7f00000001c0)) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000280)={[{0x8, 0x4, 0x8, 0x100, 0x1fe9, 0x9, 0xfaf7, 0x8000, 0x550000, 0x0, 0x4cb2, 0x8, 0x20}, {0x40, 0x5, 0xffffffffffffff80, 0x5, 0x0, 0x3ff, 0x2, 0x5de, 0x0, 0x1ff, 0x46, 0x3, 0x1}, {0x7fff, 0xffffffff00000000, 0xffffffffffffffff, 0x7, 0x80000000, 0x1, 0x8, 0x6, 0x7, 0x1, 0x8, 0x10001, 0x7}], 0x7ff}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000005c0)=@filter={'filter\x00', 0xe, 0x4, 0x3c8, 0x240, 0xf0, 0xf0, 0xf0, 0xf0, 0x330, 0x330, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000240), {[{{@ip={@dev={0xac, 0x14, 0x14, 0x19}, @loopback, 0xff0000ff, 0xffffffff, 'lo\x00', 'irlan0\x00', {0xff}, {0xff}, 0x16, 0x1, 0x40}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x3, 0xad5}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}, {{@ip={@remote, @multicast2, 0x0, 0x0, 'lo\x00', 'yam0\x00', {}, {0xff}, 0xff, 0x1, 0x39}, 0x0, 0xf0, 0x150, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x8, 0x1000}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x10, 0x1, 0x5c0, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @local, 0x4, 0x6, [0x1e, 0x16, 0x12, 0x0, 0x2f, 0x2e, 0xe, 0x1f, 0x3c, 0x20, 0x2d, 0x3e, 0x3b, 0x0, 0xd, 0x23], 0x1, 0xdf89b93, 0x800}}}, {{@ip={@rand_addr, @empty, 0x0, 0xffffff00, 'sit0\x00', 'syz_tun\x00', {0xff}, {}, 0x2e, 0x2, 0x40}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x800, 0x60}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x428) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x26, 0x0, 0x7, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5], 0x3000, 0x205ff}) ioctl$KVM_GET_TSC_KHZ(r4, 0xaea3) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:18:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:52 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000180)={r0, &(0x7f00000001c0)="281d54297bd8db7064709e3de75a8218329b267f182b705353e046f8f72915a9c07d1d6c38f67c44051144e4851c7c3bda2319ccbeebad68931f067183de05be2c33ddbb42209feb504668b7552f44fe022d90ac06e01f7e00841832b6bf6d7c0bf6a9cfad882c1177bf6788a87027c8f276ba38ae5c64c0dd", &(0x7f00000000c0)=""/88}, 0xfffffffffffffe9e) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e20, 0x4, @loopback, 0x6}}, 0x1, 0x2}, &(0x7f0000000040)=0x90) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)={r1, 0x4}, &(0x7f0000000140)=0x8) unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) close(r0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000340)="be5469685242a90f095d3ea2184331bd6b00cf52fcf39308bb02ce836474d177cbae12c2b2742a6a91801c46dd70d61b1355d4", 0x0}, 0x18) 12:18:52 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x0) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 534.633717] *** Guest State *** [ 534.637306] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 534.646293] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 534.655232] CR3 = 0x0000000000000000 [ 534.658975] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 534.665106] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 534.671124] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 534.677986] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 534.686104] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.694210] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.697960] *** Guest State *** [ 534.702290] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.702328] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.702365] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.702392] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.702440] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 534.705748] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 534.713765] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.713800] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 534.713833] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 534.721821] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 534.729837] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 534.737825] CR3 = 0x0000000000000000 [ 534.745840] Interruptibility = 00000000 ActivityState = 00000000 [ 534.745850] *** Host State *** [ 534.745875] RIP = 0xffffffff812b0dfc RSP = 0xffff8882059af380 [ 534.745943] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 534.746008] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 534.754891] RSP = 0x0000000000000000 RIP = 0x0000000000003000 [ 534.754911] RFLAGS=0x000205ff DR7 = 0x0000000000000400 [ 534.754937] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 534.754964] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 534.755001] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.763026] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 534.763053] CR0=0000000080050033 CR3=00000001f69c8000 CR4=00000000001426f0 [ 534.763098] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 534.771076] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.777565] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 534.786466] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.794029] *** Control State *** [ 534.797769] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.804041] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 534.804074] EntryControls=0000d1ff ExitControls=002fefff [ 534.807279] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 534.813333] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 534.819742] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.827605] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 534.827636] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 534.833682] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 534.839645] reason=80000021 qualification=0000000000000000 [ 534.846408] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 534.854426] IDTVectoring: info=00000000 errcode=00000000 [ 534.854453] TSC Offset = 0xfffffedda0e34e42 [ 534.862498] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 534.868374] TPR Threshold = 0x00 [ 534.875453] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 534.882180] EPT pointer = 0x00000001f6a2601e [ 535.020970] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 535.028609] Interruptibility = 00000000 ActivityState = 00000000 [ 535.034936] *** Host State *** [ 535.038163] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fda9f380 [ 535.044342] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 535.050793] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 535.058726] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 535.064724] CR0=0000000080050033 CR3=00000001f75d5000 CR4=00000000001426e0 [ 535.071779] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 535.078626] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 535.084770] *** Control State *** [ 535.088261] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 535.095066] EntryControls=0000d1ff ExitControls=002fefff [ 535.100558] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 535.107615] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.114388] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.121003] reason=80000021 qualification=0000000000000000 [ 535.127460] IDTVectoring: info=00000000 errcode=00000000 12:18:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:53 executing program 4: r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000340)=0x14) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000003c0)={0x7, &(0x7f0000000380)=[{0x46, 0x5, 0xa08, 0x40}, {0x0, 0x4, 0x8, 0x8}, {0xd5, 0x200, 0x40, 0x2}, {0x8001, 0x4, 0x0, 0x7ff}, {0x9d79, 0x74c, 0x6, 0x3}, {0x0, 0x58, 0x1, 0x200}, {0x4, 0x0, 0x8, 0x9}]}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x10000) mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x100000012, r2, 0x0) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000000)='wlan1vboxnet0\x00') r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000280)={r5, 0x3, 0x6, @local}, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000440)={&(0x7f0000000200), 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="05000000277c0474f716a8c82175048fe552132556d79ba7b44a6670e851f6683203bb", @ANYRES16=r6, @ANYBLOB="00032dbd7000fbdbdf2501000000080006000c000000080004000300000008000500770000005800030008000500e000000208000500ffffffff0800030001000000080008001f00000008000500e000000108000500ac1414bb56a40800000000001400020076657468305f746f5f7465616d00000008000400990b0000480002000800070004000000080002004e220000080002004e22000008000b00020000001400010000000004000000000000010000000000080009005f010000080002004e23000008000500030000000800050000000000"], 0xdc}, 0x1, 0x0, 0x0, 0x20000010}, 0x30b440ecf40c6bc6) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20100000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00002bbd7000ffdbdf250100000000000000024100003200000000"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r8 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x80000, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(r8, 0xc02c564a, &(0x7f0000000000)={0x7, 0x36314d59, 0x3, @discrete={0x3, 0x4}}) [ 535.133004] TSC Offset = 0xfffffedda2f2e9bc [ 535.137365] TPR Threshold = 0x00 [ 535.140760] EPT pointer = 0x00000001fe78801e [ 535.316147] *** Guest State *** [ 535.319577] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 535.328605] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 535.337609] CR3 = 0x0000000000000000 [ 535.341368] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 535.347473] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 535.353559] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 535.360328] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 535.368477] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.372929] device team_slave_0 entered promiscuous mode [ 535.376571] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.376608] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.376645] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.376700] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.382308] device team_slave_1 entered promiscuous mode [ 535.390296] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 535.427943] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 535.436060] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 535.444158] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 535.452288] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 535.455175] *** Guest State *** [ 535.458730] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 535.458750] Interruptibility = 00000000 ActivityState = 00000000 [ 535.458760] *** Host State *** [ 535.458785] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f689f380 [ 535.458826] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 535.458855] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 535.458894] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 535.458921] CR0=0000000080050033 CR3=00000001f6443000 CR4=00000000001426e0 [ 535.458950] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 535.459003] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 535.459025] *** Control State *** [ 535.464737] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 535.469878] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 535.476177] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 535.479374] EntryControls=0000d1ff ExitControls=002fefff [ 535.485402] CR3 = 0x0000000000000000 [ 535.485429] RSP = 0x0000000000000000 RIP = 0x0000000000003000 [ 535.491918] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 535.499715] RFLAGS=0x000205ff DR7 = 0x0000000000000400 [ 535.505655] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.512738] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 535.519407] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.525509] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 535.525544] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.529042] reason=80000021 qualification=0000000000000000 [ 535.537945] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.544654] IDTVectoring: info=00000000 errcode=00000000 [ 535.553563] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.559000] TSC Offset = 0xfffffedd459f1847 [ 535.562788] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.568748] TPR Threshold = 0x00 12:18:53 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x0) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 535.575772] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.581746] EPT pointer = 0x00000001f7b3501e [ 535.588539] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 535.682205] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 535.690224] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 535.698355] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 535.706413] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 535.712949] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 535.720432] Interruptibility = 00000000 ActivityState = 00000000 [ 535.726774] *** Host State *** [ 535.730004] RIP = 0xffffffff812b0dfc RSP = 0xffff8881fda9f380 [ 535.736115] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 535.742628] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 535.750459] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 535.751614] device team_slave_0 left promiscuous mode [ 535.756484] CR0=0000000080050033 CR3=00000001f75d5000 CR4=00000000001426f0 [ 535.756515] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 535.756557] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 535.761755] device team_slave_1 left promiscuous mode [ 535.768801] *** Control State *** [ 535.768835] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 535.797089] EntryControls=0000d1ff ExitControls=002fefff [ 535.802685] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 535.809657] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.816448] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 535.823115] reason=80000021 qualification=0000000000000000 [ 535.829489] IDTVectoring: info=00000000 errcode=00000000 [ 535.835046] TSC Offset = 0xfffffedd32c81850 [ 535.839394] TPR Threshold = 0x00 [ 535.842856] EPT pointer = 0x00000001f7a4701e [ 535.862647] protocol 88fb is buggy, dev hsr_slave_0 [ 535.868320] protocol 88fb is buggy, dev hsr_slave_1 12:18:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:18:54 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x204000000) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x40, 0x0) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x7, 0x4) 12:18:54 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x0) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 536.269314] *** Guest State *** [ 536.273081] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 536.282105] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 536.290983] CR3 = 0x0000000000000000 [ 536.294807] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 536.300851] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 536.306937] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 536.313727] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 536.321828] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.329937] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.338030] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.346133] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.354234] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.362311] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 536.370340] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 536.378421] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 536.386523] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 536.394643] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 536.401095] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 536.408640] Interruptibility = 00000000 ActivityState = 00000000 [ 536.415002] *** Host State *** [ 536.418246] RIP = 0xffffffff812b0dfc RSP = 0xffff88820bb4f380 [ 536.424372] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 536.430825] FSBase=00007feb364db700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 536.438775] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 536.444778] CR0=0000000080050033 CR3=000000006265a000 CR4=00000000001426e0 [ 536.451927] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 536.458660] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 536.464856] *** Control State *** [ 536.468347] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 536.475143] EntryControls=0000d1ff ExitControls=002fefff [ 536.480650] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 536.487713] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 536.494483] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 536.501100] reason=80000021 qualification=0000000000000000 [ 536.507575] IDTVectoring: info=00000000 errcode=00000000 [ 536.513140] TSC Offset = 0xfffffedcc5cb192b [ 536.517715] EPT pointer = 0x00000001f749701e 12:19:03 executing program 1: unshare(0x28020400) r0 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x10002000, 0x40040) ioctl$CAPI_SET_FLAGS(r0, 0x80044324, &(0x7f00000002c0)=0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x3) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x0, 0xa40) write$tun(r3, &(0x7f00000001c0)={@val={0x0, 0x888e}, @void, @x25={0x2, 0x74802b8f, 0xf, "8da4b12910ff8082d903313fd48dbe2186e4bb0f0b199aa4c40f98ce74b77148a638ccd1854cdc0d711f3ed58307d3d4481280ed4e9597bceac51d7cd8dd7bbe85c987d693fe372549ae60d6da867dc0384aa2e718e0f5ddee8f22c3abe7c9a8d3173a3af45342d9a7fe19facbf62a562a956e01bc89f0d0b51177c9e3dc791c5de1c7679c998c2d3c0d18906634b0f6cfc30ad771642afb91c5310fcd4ad0009834d6155345d72b70b66f5d2408004619de"}}, 0xb9) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r1}, 0x2c) 12:19:03 executing program 3: unshare(0x28020420) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x422000, 0x12) clock_gettime(0x0, &(0x7f0000001c00)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r2, 0x402c5342, &(0x7f0000001c40)={0x2, 0x8001, 0x0, {r3, r4+10000000}, 0x198f, 0x2}) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000380)={0x0, 0x599b, 0x3, 0x100}, &(0x7f00000003c0)=0x10) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000001a00)={0x0, 0x5, 0xc526, 0x7, 0xff, 0x1ff}, &(0x7f0000001a40)=0x14) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000001a80)=@sack_info={0x0, 0x2, 0x9}, &(0x7f0000001ac0)=0xc) sendmmsg$inet_sctp(r5, &(0x7f0000001b80)=[{&(0x7f00000001c0)=@in6={0xa, 0x4e24, 0x3ff, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x1}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000200)="37bd639fcadfc4dc6167049b8fd2e4b09d74792188e02a2ab6f40942dde31a1ca3d360d8dd582b479b7136bf4e3ec3643740dbaaa6dddf3bfd22b026d103c6d0e645137896e4baca98e466e8367a2322c834c5df3e0b06bd1f125cbb27e4a430da3ebb70a027e6015c68bc5a321a07be0dd7cef43f2a794cab2aff6fcefafc095d6b9b711909ffd5cdb7e18807d7cdb1842b29d0ed1f0afb155c473ecec1cac88b68860ed522ee766370d25982796951aa17fe2b4bde274cd0f0126d3c73de6a19eca01f8c940390be59c6b502e10a4ae879ab2b7c62458060a9ab34fd85b7ad", 0xe0}], 0x1, &(0x7f0000000400)=[@sndinfo={0x20, 0x84, 0x2, {0xd01f, 0x200, 0x100000001, 0xff, r6}}, @init={0x18, 0x84, 0x0, {0xfffffffffffffeff, 0x5, 0x100, 0x6}}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x522db042}, @dstaddrv6={0x20, 0x84, 0x8, @loopback}, @authinfo={0x18, 0x84, 0x6, {0x6}}], 0x88, 0x8001}, {&(0x7f00000004c0)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10, &(0x7f0000001940)=[{&(0x7f0000000500)="dfba2f6dde095cc26e83758552b822b7f04867e4cc64ecf3dd6da0501aa19d693aac4eee934fc681f839fdcf", 0x2c}, {&(0x7f0000000540)="e9ad3a23b85926eb1234f34361816ee5f5ab737e63679e244bc0e5086ba4acb7cc4a06e3e2633f2556760d720cace68290bfb09f177e03d51fb19e49fc9908e6fdfd6a1fa4d42e62f55877df49da3dae4702b9733fb0d3e3fb2c641cb098eec9083d72b7129799d083ba22a229b4a42fd14cafab8dbace3617ca5cf404ffd508a7d7e0f25aae15bb796c39ea4c28c21f987eca462264c870d6150b58d9b6dcf8d47dde2b3000f06087df2b4cba36aefab1efbe2348b0c59fda5b7bdffee592e9d096d8cde3aa75e593d7edc027c232", 0xcf}, {&(0x7f0000000640)}, {&(0x7f0000000680)="c559bb5d94bed392ad89d2b0570970247621e640dc8b2648e62a957ae238e4d81a8cb32bb641a4e02bc4477a4976a9709fb921c948c82043e39df9", 0x3b}, {&(0x7f00000006c0)="d2081f425c653557bc782661acf0fb699391c022c608f0f0c04727154cdfb24b634b9ebe713f5d341a49dba025ac090c5bc917eed1cf1bbbfbb5970b22f0fdd337d7865d3539c20afb0a73ab2ace51feced087eea1a4c5f5f08537a6c3ecf6b4d628e5f01b4aec0cccba28e0ef0df999809ca0280ba9f6", 0x77}, {&(0x7f0000000740)="a51f619cab689e4c2064179d84b62163f8543f81ddfe2aefce98c6f58ec2f3a483b0aee62a290ebf684ae403c0c30e1e34fd0303e743e726705ac320ca19dd40a625008a8155413410fadf2ffca100afa4934e90c86ea8242bf706c2efe0f71a774f734d073b6cd575e424a03efc003e6694a3e7de24de97494c9184ff3e2cc82a792d63e7e1f0340c4ee02e51b228b333f7da196679389034a9f26a9b538b24c2f78e8baa2bd6729a1de5348b657612ff49cc3d2819302faf8bb14facfd8435ea780a5f5958faef19dd70ca09188a1f1866f5cf2a218b91fd716f692c066b7d", 0xe0}, {&(0x7f0000000840)="d642d061356fab3a628ace619431ee730ef3d99639670a4791575e1978a0aa70aebd98b1fe9f7547bc4840310fe88b1c5f07cb0c727a825970146300fca0a69c413b513edac2b194f35aab738b924db8ec59e23ca55838cd9f2663edc3c363cf50b393d0a2f4a6718d7cbe1ddc15aecdd76a74aff049cc734b68e6ed2971c32bcd5a0f910ced9bcd1bcd48baadf77023f02b326b6dc5d66b04cc8bb637ed6045", 0xa0}, {&(0x7f0000000900)="6d8f5ce827ec00df3c115b1349c43cb5c59baaf1e1b71c12daeae6eeeadb167bb5feeaef0687286fe539ae94a8e5951b4f4d93805dc2bfb1ae5d3d95c4af760cf24bbb63b6679051deaffa31f254d603c89aa93ba7b8932a5b6dbd121a9947fd29aad35ad7a5c0e97f92de25499c3fd561225735b32b524a1688a97ece2559562534f7d949a5c571a8f419c6577aba1962c8ed7144637843f5c81b0a7c1a323fa292cfafbc1c7a106e74a7cb75ee400921c5c964565ae94a30aa325639aea02f0a21967482baabf21d15a3b270c8e9332f70ca005068c3f19ec2fb774b783f09c0d0546069f8028a49e57db04509cc85fe5fa5b3915cdec1ec3d5da6564e1a39f2d4b7aada2cc8daaaea34f0642dd68d28dde91f09f105dd1fe2365b9ecb197ee9d6958921dd581cc17e7e357fb349be9fe0f5f0b1f667208a5d8822e2af2002f0c431b8219cbec0f014f2e07da3d454a33b984de8b6a5bd1909292794da35c638d5e98969f96bbbde8f64972c80127f8d5e54c5c473f84c0e42896cb0f3c71547fc3f3d693f91c95c15d276bcf63f8a86d5bfa928f6a349a7926c2426b1d2b5087ca65d3b4e7b02630e2f10daa63cbdd09f043f19e923e58ee6cc48a1b7bfa13f907003c6e0294adf6199a5642c883769712bdd06da19c46bbdc013612e619a32cee612bd98a9f401874e18d653444c7c3b52aed17e5c0286ea8c1af2815a0a60c1113aa7ec07514d7f8b1692b03056df4b0d8549008fb59e6d4d044017c0a6301c845bad85b023ba359103330940c86e33a209d589c345453242a902dac2dacb8c7cc30b7f3e21ce81cdac130de28c6fb69b9cbdee2874f7dd75387323a541e40024bf39e895e2ce741d72ebd18ffa61e2c7cb40850b45a6c47e4f7242fcc77e784d5a4dede2de85bcd73152460f1662db7c9dff29f13f2799ab9625320232d642387610b94781f9a1c35f79fcb49b50b2b74d16cf78d770202049a921a36668a3fadce4dad2a3786d0b16e4e08c21c497c6242f192a3fd289e067cbbe83ad6c614a7582cb4cc1b88583178e1c47c46320402a7535db9ebd1c92ca330892e6df4ceb0fca4b8fca762eb60108328a7ccf29256795903637fc7fd5c5c433e03a7775bf8f40f4f3acca411fbecd2a4bf017fb1dd4c470774ee5b5acdd7c73120198c3940b01d7140d2bc3e388b3ce5fc03a71400d1fea402a5f2c2724fb2d47d461276075c885c9d25e2cced96549b1cd1fce1f2db13fc5b4c505d0bb3e054f79d0f76be8a899a2ccc424fafd02bb019ca87368fe51b40e6c3c0edfb9e17349ffdb93949e3abdeae154197a283af987a66e6e8f212cb676618a22c95839aec2ec703a3b2146818a5667d5b74dc9bba131c4bc69bf4fdd26e0e501dabc0aabf6d41d04d42f63c0e38755a4ff9c5d0b490a832c0a726b2515f35425aaa9c860d25040097d7c79f1383fadec2c6c706fc66286e38b04f8ee311db1437657b9c8d4c90d402dec48beda159995253af24d6b49aca353c56a5ab95f698a5581ec2ec57ebffd0dda6d6d6578d534ce8330c0bf8e3ceb71658a5eda9af8b8ddd5090ed9bf824cace8f9263b8da9eb42bad52b8327206eada975583a6740ac300ff126f0e1eaa429ccb3616280ea570903c47fcdbeac730040726cdee7ff07cefcd8c496cd282437747d8fd6dcee0abbf2c7c3ffb8b57630518c6231e1bfc951ee4cdf3b6ba6932dc909c19944d6a795b52ac9a924ce38057ca651c6311be524298fc6831fa91117b6ac31bbac9dbd332c0319c258b09aa1d35954ff0a21013b25cf603e1f4cbba21b2bb3a70f94188423a57dfb2202f856944bf2c9a860ce35d58e14d52f0680c070deca91aa8abd595b3846e99860d3645c0573fead9f79fdf1f875fad7aaf618d691b61c72e4eda2e39d34f3289eff28820f490b229568fe018cc2a79fdb27fa3cb1192951c9aeb9e607948aa8e9a8b34178305e370c7fb006edb566fb9ddffeee9e690405a85f6bfe393d1708dd0779ed3d2ab0483596348676d7816581417f0218867a0aaae29081cb3885d13e6932565ebeba3608152eb61f0f9861e016ecf8d75535900e8da3b738fdad5b39c6c1de08cf765f4aa663d4ba79427a1b3a20ad16481e8b5515e326e591622b931110696bba9ef7ba7c76149f4c199eec4438dc90443554249c2a761f5607ad8ddcddced2a11531325d70bdd168696c5c3e199d15d649307d171bff912f4599ec6f400f4d05ab77ab647a64062e1a079c3503c71ce9fa54529e165afc417f7e03b56984fba7a970978e966b436f8434321c7ba2734888b90ec1d46f7153252d82662cf22ae337da95400572aedb5e97e81694fc005346f7cd32b9a25459ff129ef0a5684857c86e90fde1572cfebbd606eae2e65ba2a3867c041a65463666bd51f2a70960f22172c288b79990a4f8071dea512c7d9a4b64214acf04e2a236b8cf8ebf615112bc753d3f9d94de29df97ff639374406b4f60b653aa28548737efed1c7b931af5301e922412bceb7c5e8b4fca868ef841978c01756e3dd89f05ce151c95c43ec226f51d758b76565bc2ad40bba5e6906ce6ebd9c8129a877b8c38a461bbc0efdc076516a241abc5154feeab0426ec4009b14834df917e7dc986cba13e085d1c1cf31c558dc4e5bb3b60cc39a6d09537a2b63d881bb13be83f91862c88b0c7943cf0e8874497638346822bae42d70bbdbc8dc298ef9b3db99873bf6b4d739a6fff00e571ca23b2174e30aa09b6c6371e64caac5b32e17e8b20275ad52f6df22f67c438ee7b06a727edd541e54b2e58238943ea207c6ebf2e1a4de1afd12cca5cdcd258e4d151bdb9489dd398cd7c5ecb551765d5a83dd6d1f532bc9f7851d09ff0b385f7ebd921ffd5edb8306c1e941995ffda0122a6def4704d9df58221e44cb3779fa1302c8d4c7000e5e501156d1974523483c02dc37403b6fc740199aeb606cb31923d9ccd14c9f5a873c50fd1090e675d7afac8273c2840e200bb6d91a7de016bc5abf430ca9667720fd91b98a1527017b88004e33cc2e8eea81774a3374cd4e89bf9d983a452aceec54526c69dde6d6e00a2442992c9e06f9bee522410683339271353a26bd39f10f46e158f8369535284872520f497cd345f733ac2dec7d5613bf29e25ed1054597651d1e13ab720d3fac2ea77fa4d1b58a8123e593c5a64d92a26ef1c9a8cb236f744cd2c1da3d39f8a9d73a516b85a3cc43e36c5b693c4a763b6006ad58dcb39a7815ead72427630891150205765933eabd7767e873a07c163b9bc3683ec786b8746ae9f7e971799ea71350e308329d074a463667fd6e9907320550bed549bb6600776da19066682853d65f1554bb8e3c4ef582ac6392cfa818db7b3a39bb390ac864965d33f6b03e133e9cdd0cf657d8fa59d5a5ac7478e8d43f75a3efe7028a94efe050f1e38aeb0ae9460fe308a5150800515a2a4438410424e0a3ee1b78b73c1db922ec2b16819b891d06cf29e404ffccb31ac7786a9e0486de05b556306da3008726594055d7ded2e86647f9680e22718661e2aa0a71891266ebe7d78ca9b7f1dfb15c91dfdc8c664a8b40e4b1e836bdf3c2b1d884569ad508bf4476264f28b75542a804020da44348b8afce7a16814738e14377b64ac90b8780e2da6798ada309908cb25283ed178ea51d0ce273cb4110a7b50effb6a3c2fee56ce57c19df0032ebc963bbe38b1f727011f103a2fb1d815cacd8b5d6e5e5e64c64204e950e38372bfc5142e1d276bab24f138a812ce6b95194bde0d330ec1353dd0b54a7ea412b7ceadfbca4fbb076b5df5fbe42a43fcb40bda4fcbeb4d7ca82af4d9fe165f520e230a02be7fd96a8b327fc4b846e05383712f2e76140de95b66d365ae196a956d831d8f3e2ae42ba9a344430c1e4fd340bf3a7da1575770d2d9116d5cc508edb5458b99a14a5cbab9379eec14b8eda32e63490344101b68d07b541f3f8c98fa62a67f6f0ccd8fce4423c17bc2d72d4d531cffe17b127969229bdf565ef23af6ad46340b75279707b3c52a854e8bc8336cf46da44f4f2dee12770307c66c0ae02ead4ef07a99dee245a7b10a1bffd3b6b9c1803e9e74381bccb4cc58b8bb8e5e4a5840fe156fbf7fb5ca5981b0c1c6620aadc68777e7d95dee989c5cc0efc06dea2d30e4c97e691cf1b966a029efe10a918db73e6feba4c7f5bff8ac5beca01d16ba715dd408513ed1f4e3d89eed6f8918475004834b368d0d26e60f713e8f4627c2dd3210aafddab92bcc50f453b6c4f034caab1d82213e6aa8146cec5a1c54e25ff8e82e50ebb86f036462beddcb1e905a8810aae49866f99aef295fd69480d2f114b11cfca1ebd4c31a946e3c58c9a7da2c2950553a70299986c856f2e0a0b3e8225d5f6840ffcea1325f38850ba014d8e6db23074d05c5303ef420cda9c34936116a6c15b3d5a320c2218b314b470c4c36935a28ea69d68d0a15fda67428e03901a019e2a9c4a6c99b6ec1cd2f1c7382d4a4aaa527388ee370d20c8af1606ad5d2efc6485fc4aebf66c4997400cbe83a1d2c4f05ad5873c010283e1af20fc628c8767621e2cbc815d032db0dc4b6e7e446cfcb3366b60413f9cc288171e248de5c7e22abb7e1b2fe5f8f223faa255f73a1ea661e6b331889e116cf98656d939d3095fad88a8c9b60a3f9973056d05fbdafc3d47ccc94e264dc62781d2fd9419a5c478f844e2398785fa76f3f2917f2011f8ac529e5fd52a828c9add9d1c64dc46a6b533480e4136ddd92e6a5c6205fed65c3b4b7d912d8df0f8f254173c1e6a072882680c1063d631c52ac0e71d8279239557a877e8451f73f02ae232baeed8bbb4360e9f62e8c9809cdec2bf4c844e01b7db2924ccb60851ff961fbc3dd62a78e49cc41addafdb868be5dd4be5d54d879223ff337713bb2c72c30a3552f79362b97c62de7f3ff24ca2b2712d1abd0466767ebaf3dae7f946e89ee6a6c0f0f28e25c3e8bb31c805e95a98deee37c8f0f66d365fc09a67a4e5b207ee2ac945290586a68cf3b5dec7f2a0b06b0a3f7fb4adba0809f9f7f4c940cfee5384d6d8bd11b83cb26ba9d88c63c7b50e8a74721919fe092c5125b4a7f87d0e6ff8551dacf333034c2049e281ef91c1c649ec1fa187087ed7472eb8d28dacaec02f9a87f58d694139f6f48153c41cd6cf05f041c6eb01c6cbee6baa12d8d7b28418e43c93b4355521c7353476c8bae3f07edd3891ab50c989b5920c813615fbfcdcba7b0673d7be6f2921a6c92e5577f6c9cd7b64983b2501947730a3cac898c079807936642e638f3c8da92fed4525d7cea627bafca85c0b097be800a3ac7d29b3bb1e5d2e7804a9473e3771b032f561e86df92e3cd8c0265c341fff030a2347f4e4e5261ff2c1cc4c0b866e012f4957fae94cf70bda7701627ae1dfca76825f8bf691fc4c152c1626a67941cc7e80caaee3551d2a0e7b732dcbfb1829364fcc2caf0267e10c18b4aa7c45aaa0ea90f9025e5c57bb99a4ea0f61d280935c8b582d2315f2bad6a5f77000e4c302172fa43d359662f1bab10e03352acf29fbaea9bcaa19e79b53fa0bae27f3300d5fdbb52588145e9c6097f3719c6fb6f35388711cd3b98f385084019806d8ea5a6480485ed2b95162af132bf056bfa7c210a99f32e827728d2a932122084d6268f5998fedfbf99ccbbbd6db6771ad1d2018376892ad8ed37f22b6eb6df245789d727f2c6638091005099139660d4699715642b1afbe986202c99ceb040c1f968af8e77f2dda326cc833e1f5336fc6b2d0d4398", 0x1000}, {&(0x7f0000001900)="cbfa0883d5580927d3e828ce7bf7a490b0862bac02fe11eafc02a5b65278b9fe5e342fde726a4f", 0x27}], 0x9, &(0x7f0000001b00)=[@init={0x18, 0x84, 0x0, {0x0, 0x1f, 0x3, 0x8001}}, @sndrcv={0x30, 0x84, 0x1, {0x8, 0x0, 0x1, 0x81, 0x10001, 0x1ff, 0x40, 0x3, r7}}, @sndrcv={0x30, 0x84, 0x1, {0x7, 0x4, 0x0, 0x8, 0xffffffff00000000, 0x80000000, 0x80, 0x4, r8}}], 0x78}], 0x2, 0x10) getsockopt$inet_dccp_buf(r5, 0x21, 0x2, &(0x7f00000000c0)=""/185, &(0x7f0000000180)=0xb9) r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000001d00)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f0000001dc0)={&(0x7f0000001cc0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r9, 0x4, 0x70bd28, 0x25dfdbfc, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40804}, 0x4004014) 12:19:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x8000, 0x0) ioctl$VT_RELDISP(r3, 0x5605) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:19:03 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:03 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) personality(0x4000009) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000100)='/dev/sg#\x00', 0xffffffffffffffff}, 0x30) getpgid(r3) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000000c0)={0x0, r0, 0x100, 0x2, 0x1000, 0x4}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x31, 0xffffffffffffffff, 0x0) ioctl$SG_GET_VERSION_NUM(r0, 0x227a, &(0x7f0000000080)) [ 545.872726] *** Guest State *** [ 545.876205] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 545.885261] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 545.894256] CR3 = 0x0000000000000000 [ 545.898032] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 545.904163] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 545.910227] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 545.917110] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 545.920457] *** Guest State *** [ 545.925280] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.925318] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.925349] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.925382] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.925415] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.925439] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 545.925485] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 545.928817] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 545.936920] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 545.945034] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 545.953133] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 545.961126] CR3 = 0x0000000000000000 [ 545.969482] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 545.977392] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 545.985484] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 545.985519] Interruptibility = 00000000 ActivityState = 00000000 [ 545.994498] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 546.002568] *** Host State *** [ 546.002610] RIP = 0xffffffff812b0dfc RSP = 0xffff88805e24f380 [ 546.011493] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 546.019595] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 546.019636] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 546.023513] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 546.029946] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 546.036048] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.036087] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.036116] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.036147] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.036181] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.036213] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.036246] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 546.036269] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.036311] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 546.043888] CR0=0000000080050033 CR3=0000000010294000 CR4=00000000001426f0 [ 546.043927] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 546.050205] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 546.056294] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 546.056305] *** Control State *** [ 546.056324] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 546.056338] EntryControls=0000d1ff ExitControls=002fefff [ 546.056363] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 546.056380] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.056397] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.056414] reason=80000021 qualification=0000000000000000 [ 546.056429] IDTVectoring: info=00000000 errcode=00000000 [ 546.056442] TSC Offset = 0xfffffed79efa8075 [ 546.056453] TPR Threshold = 0x00 [ 546.056470] EPT pointer = 0x00000001f7bc901e [ 546.261174] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 546.268828] Interruptibility = 00000000 ActivityState = 00000000 [ 546.275219] *** Host State *** [ 546.278472] RIP = 0xffffffff812b0dfc RSP = 0xffff8881ffe3f380 [ 546.284612] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 546.291097] FSBase=00007f3a33aac700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 546.299059] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 546.305098] CR0=0000000080050033 CR3=000000006b195000 CR4=00000000001426e0 [ 546.312277] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 546.319014] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 12:19:04 executing program 3: unshare(0x28020400) r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) writev(r0, &(0x7f0000000580)=[{&(0x7f00000003c0)="87952b7cf199a53d516056369b4f3cd36ec02f7cd9e3ca64aa6ebf85b2887e83174f85e9859c820c9e7b3799c70db3ccd41def6c98107797ba93425e9eaf26f8ffaabdb3251c348cfabb0e332e2421f2fd21ec2837a954cbcebc714cec4b506d70d450514ffeadb9e7921754807f493b921f441b1d5c944b5e14459ab17c1dca7160d3ff017c688a5d1d3d4e59509e4fdda55588b656bac827fda0", 0x9b}, {&(0x7f0000000480)="e21d0905eabdc0bd6eb1990fb034240882f5e83e8b77a405d0f54ba93873704eee4ebe0ffb70c0f03a76f8047929c797", 0x30}, {&(0x7f00000004c0)="6db9ea06c7ccea18b3027cedda612d0a28332b066f2c6562c00bf46d0cb67907f892ee1182b756f75fcc6d427a8283834e2bf33cc8dccfafd301a72bec6583cd4cec640d29b584800c9b8a6f5de9ce11fc4ec0f13f6f34ceebaa701f308baf4e80ba9f9710cbc1b8ebe6ea074a161d10d50282190f824ea41f738f80c418d40112125976c61a7fa7b7fde3a2865716f370fcd8a6f8fb9283aa25476b44e1ed0c888f6f1743b3bb00dec7401a1a150ce2fa", 0xb1}], 0x3) r2 = syz_open_dev$vcsa(&(0x7f00000006c0)='/dev/vcsa#\x00', 0x3, 0x800) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000700)={0x20000000}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000005c0)={0x0, @in={{0x2, 0x4e20, @multicast1}}, [0x1, 0x0, 0x7, 0x6, 0x8, 0x81, 0x8, 0x9, 0x4b5, 0x0, 0xd1, 0x80, 0x9, 0xfb2, 0x9]}, &(0x7f0000000380)=0x100) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={r3, 0x100000001, 0x10}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYBLOB="3e000000d8c2707bb8840f69434abb62b80b0307113632d8c97220bdea908ca35f638e0f2093b46a97dc3760aadbd5680aa8766bcca04bf1c78396"], &(0x7f00000002c0)=0x46) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x22000, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e20, 0x40, @loopback, 0x8}}, [0x4, 0x6, 0x80000000, 0x101, 0x100, 0xb425, 0xa4, 0x4, 0x0, 0x80000000, 0x0, 0x5, 0x65e4, 0x3, 0x4]}, &(0x7f0000000140)=0x100) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r5, 0x84, 0x20, &(0x7f0000000200)=0x1, 0x4) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000180)={r6, 0x3}, &(0x7f00000001c0)=0x8) 12:19:04 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x4, 0x4, 0x4, 0x7}, 0x2c) close(r0) [ 546.325323] *** Control State *** [ 546.328845] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 546.335714] EntryControls=0000d1ff ExitControls=002fefff [ 546.341331] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 12:19:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:04 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x4, 0x4, 0x4, 0x7}, 0x2c) close(r0) [ 546.341352] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.341370] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.341389] reason=80000021 qualification=0000000000000000 [ 546.341406] IDTVectoring: info=00000000 errcode=00000000 [ 546.341421] TSC Offset = 0xfffffed7a03fc2a2 [ 546.341439] EPT pointer = 0x000000020b79901e 12:19:04 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 546.625343] *** Guest State *** [ 546.628848] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 546.637910] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 546.646939] CR3 = 0x0000000000000000 [ 546.650720] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 546.656864] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 546.663091] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 546.669929] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 546.678102] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.686314] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:19:04 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x12, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'nr0\x01\x00', 0x4006}) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, r1, 0x0, 0x11, &(0x7f0000000000)='\\trustedppp0proc\x00'}, 0x30) socketpair$unix(0x1, 0x10200000000001, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000140)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r1, &(0x7f0000000080), 0xfdef) [ 546.686347] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.686383] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.686420] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.686447] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.686483] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 546.686509] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.686543] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 546.686575] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 546.686602] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 546.686623] Interruptibility = 00000000 ActivityState = 00000000 [ 546.686632] *** Host State *** [ 546.686659] RIP = 0xffffffff812b0dfc RSP = 0xffff8881ffe3f380 [ 546.686703] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 546.686734] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 546.686762] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 546.686793] CR0=0000000080050033 CR3=000000006b195000 CR4=00000000001426f0 [ 546.686825] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 546.686849] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 546.686860] *** Control State *** [ 546.686883] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 546.686902] EntryControls=0000d1ff ExitControls=002fefff [ 546.686929] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 546.686951] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.686973] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.686991] reason=80000021 qualification=0000000000000000 [ 546.687006] IDTVectoring: info=00000000 errcode=00000000 [ 546.687020] TSC Offset = 0xfffffed73bb60f8d [ 546.687035] EPT pointer = 0x00000001f789f01e [ 546.687215] *** Guest State *** [ 546.687242] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 546.687268] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 546.687280] CR3 = 0x0000000000000000 [ 546.687301] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 546.687320] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 546.687346] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 546.687373] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 546.687408] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.687442] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.687473] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.687505] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.687540] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 546.687563] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.687597] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 546.687619] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 546.687652] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 546.687672] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 546.687692] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 546.687711] Interruptibility = 00000000 ActivityState = 00000000 [ 546.687721] *** Host State *** [ 546.687744] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f602f380 [ 546.687787] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 546.687813] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 546.687836] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 546.687861] CR0=0000000080050033 CR3=00000001f65c2000 CR4=00000000001426e0 [ 546.687905] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 546.687939] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 546.687964] *** Control State *** [ 546.687999] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 546.688092] EntryControls=0000d1ff ExitControls=002fefff [ 546.688127] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 546.688163] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.688206] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 546.688241] reason=80000021 qualification=0000000000000000 [ 546.688258] IDTVectoring: info=00000000 errcode=00000000 [ 546.688274] TSC Offset = 0xfffffed732c92603 [ 546.688287] TPR Threshold = 0x00 [ 546.688317] EPT pointer = 0x00000001f609d01e 12:19:15 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000180)=""/103, 0x67}], 0x10000000000000ec) prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x90380, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000001c0)={0x5aa3, 0x0, 0x10000, 0x8}) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r5, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:15 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f00000001c0), 0x12) write$cgroup_int(r1, &(0x7f0000000180), 0x10313) 12:19:15 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000040), 0x0}, 0xfffffef1) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80, 0x0) ioctl$KDSETLED(r1, 0x4b32, 0x5) ioctl$CAPI_GET_SERIAL(r1, 0xc0044308, &(0x7f0000000040)=0x3) 12:19:15 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 557.314521] QAT: Invalid ioctl [ 557.334997] QAT: Invalid ioctl [ 557.374678] *** Guest State *** [ 557.378429] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 557.387624] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 557.396672] CR3 = 0x0000000000000000 [ 557.400443] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 557.404807] *** Guest State *** [ 557.406616] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 557.406645] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 557.406677] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 557.406727] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.410047] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 557.416173] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.416230] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.416272] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.423044] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 557.423065] CR3 = 0x0000000000000000 [ 557.423112] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 557.431117] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.431144] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 557.431175] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 557.431222] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 557.439370] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 557.448292] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 557.448333] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 557.456424] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 557.464465] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 557.472570] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 557.481433] Interruptibility = 00000000 ActivityState = 00000000 [ 557.485287] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.485317] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.485345] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.485375] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.485405] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.485428] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 557.485459] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 557.485483] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 557.485515] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 557.485533] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 557.485555] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 557.485573] Interruptibility = 00000000 ActivityState = 00000000 [ 557.485582] *** Host State *** 12:19:15 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x0, 0x100082) r1 = memfd_create(&(0x7f0000000380)='selinux!\x00', 0x0) pwritev(r1, &(0x7f00000000c0)=[{&(0x7f00000005c0)='\'', 0x1}], 0x1, 0x81806) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) mincore(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0) sendfile(r0, r1, 0x0, 0x20000102000007) [ 557.485605] RIP = 0xffffffff812b0dfc RSP = 0xffff88803a35f380 [ 557.485647] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 557.485675] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 557.485699] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 557.485742] CR0=0000000080050033 CR3=000000007e990000 CR4=00000000001426e0 [ 557.491740] *** Host State *** [ 557.499844] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 557.507938] RIP = 0xffffffff812b0dfc RSP = 0xffff888039e8f380 [ 557.516032] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 557.516066] *** Control State *** [ 557.524170] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 557.524207] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 557.524228] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 557.524256] CR0=0000000080050033 CR3=000000005e0b5000 CR4=00000000001426f0 [ 557.524284] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 557.524306] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 557.524315] *** Control State *** [ 557.524336] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 557.524351] EntryControls=0000d1ff ExitControls=002fefff [ 557.524386] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 557.530398] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 557.538469] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 557.538504] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 557.544970] EntryControls=0000d1ff ExitControls=002fefff [ 557.545008] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 557.551692] reason=80000021 qualification=0000000000000000 [ 557.559269] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 557.559288] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 557.559304] reason=80000021 qualification=0000000000000000 [ 557.559318] IDTVectoring: info=00000000 errcode=00000000 [ 557.559330] TSC Offset = 0xfffffed1766eef39 [ 557.559342] TPR Threshold = 0x00 [ 557.559359] EPT pointer = 0x000000000f86301e [ 557.845698] *** Guest State *** [ 557.852146] IDTVectoring: info=00000000 errcode=00000000 [ 557.852162] TSC Offset = 0xfffffed1763551b2 [ 557.852175] TPR Threshold = 0x00 [ 557.852203] EPT pointer = 0x000000007acc501e [ 557.891367] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 557.900384] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 557.909427] CR3 = 0x0000000000000000 [ 557.913305] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 557.919334] RFLAGS=0x00020602 DR7 = 0x0000000000000400 12:19:15 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @random="e7dc0bd148fe", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0xf401, 0x0, @remote={0xac, 0x1c}, @local}, @igmp={0x0, 0x0, 0x0, @broadcast}}}}}, 0x0) [ 557.925511] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 557.932594] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 557.940650] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.948897] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.957008] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.965149] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.973286] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 557.981327] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 557.989479] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 557.997600] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 558.005768] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 558.013868] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 558.020351] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 558.027976] Interruptibility = 00000000 ActivityState = 00000000 [ 558.034351] *** Host State *** [ 558.037599] RIP = 0xffffffff812b0dfc RSP = 0xffff88803a35f380 [ 558.043750] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 558.050230] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 558.058210] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 558.064256] CR0=0000000080050033 CR3=000000007e990000 CR4=00000000001426e0 [ 558.071338] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 558.078185] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 558.084364] *** Control State *** [ 558.087862] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 558.094703] EntryControls=0000d1ff ExitControls=002fefff [ 558.100239] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 558.107354] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 558.114140] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 558.120774] reason=80000021 qualification=0000000000000000 12:19:16 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 558.127254] IDTVectoring: info=00000000 errcode=00000000 [ 558.132823] TSC Offset = 0xfffffed1398b734e [ 558.137216] EPT pointer = 0x0000000074bb401e 12:19:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{}, {0x20000000304, @link_local}, 0x3, {0x2, 0x0, @broadcast}, '\x00\x00\x00\x00\x01\x00\x00\x01\x00'}) 12:19:16 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) prctl$PR_GET_KEEPCAPS(0x7) r2 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x3, 0x2) ioctl$SG_SET_TIMEOUT(r2, 0x2201, &(0x7f0000000000)=0x2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="86040000de2f6040d6823c1bf1ee332c74aaa5ba39e51ab4d60c2b77afa6e1fa18bcb748d943b4f3867846bd86051e1fe6ed6e993165f101a6490e09cd86d0d19760baff3e002c6697ce9f71367759b6bccf5236017181da85b50a464a53b351d126d5f7ff9a047c0d3688f5b91a8c95430a81c2d98e94203eff03363264084c0880ac8f3624ec02c15d0e021e54c5bc39a71e9ebfb6906a962fce153684cc1bbf3a83c9f9e2bac33f74a1f1109a12f2843c306e9f8007d3827dabb8ca458b965fd8d4f2ab68ff0d238a66203a6801ce6ff6eb73bf66"], &(0x7f0000000340)=0x8e) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x9, 0x7cb2, 0x4}, &(0x7f0000000480)=0x10) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000280)={r3, @in6={{0xa, 0x4e21, 0x5, @local, 0x8}}}, 0x84) 12:19:16 executing program 5: r0 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x5, 0x40100) setsockopt$inet6_buf(r0, 0x29, 0xff, &(0x7f00000001c0)="bf37862413d8f95a35fe4f700f02881be1cbeaa098d0413513035014f1bebeae00f4effa51d4520585b1177bbbb0109a32a3e765c8c2e3bbf87a951b598e2d53385d93ebd811f34eebf2716832fc7c398b728baadc2f4e4fe72730aad092eb0c8aea8bd63d2eb2f2c1de35be507d1d88852c80fcd655ecbab9a9ae92e5df81d7d15ee050fe045ffdc110feac0ea10d3fa459833387621ff30c69ff313a9a691a2ac11f9954818c749eca7cc1", 0xac) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:19:16 executing program 3: unshare(0x10000002) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)={r0, 0x0, 0x53e, 0x1000, 0x6}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:16 executing program 4: r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000004740)=ANY=[@ANYPTR64=&(0x7f0000000200)=ANY=[@ANYBLOB="bd17cc82396722647ed61553e41cf75bdc86ad787a996e108cdc874a73bd909eeb18ad2db6636b7e9bf00e7a42e109cc395a5b51adc669c96ddfde41975ec5ce3ed3f3bd077fa66a1ac4345848edf4810f0879796ba96fbb6fd0edf0a9ab6cdcf2aaa776f818b5b4766ffa48c14cdb5e3c0d669c074c3eadf4970671765ab67810a8be422908b7a26e8e9082020cfdd6", @ANYRESOCT=r0], @ANYRESHEX], 0x1a) rename(&(0x7f0000000480)='./file0\x00', &(0x7f0000000080)='./file1/file0\x00') rename(&(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000100)='./file1\x00') [ 558.581270] *** Guest State *** [ 558.584926] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 558.593940] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 558.602916] CR3 = 0x0000000000000000 [ 558.606777] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 558.612988] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 558.619052] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 558.625924] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 558.634055] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.642250] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.650819] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.659022] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.667176] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.675343] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 558.683489] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 558.691546] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 558.699689] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 558.707806] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 558.714364] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 558.721948] Interruptibility = 00000000 ActivityState = 00000000 [ 558.728244] *** Host State *** [ 558.731515] RIP = 0xffffffff812b0dfc RSP = 0xffff88808e67f380 [ 558.737668] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 558.744250] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 558.752186] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 558.758157] CR0=0000000080050033 CR3=000000007974a000 CR4=00000000001426e0 [ 558.762578] *** Guest State *** [ 558.765351] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 558.765378] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 558.765388] *** Control State *** [ 558.765410] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 558.765427] EntryControls=0000d1ff ExitControls=002fefff [ 558.765455] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 558.765496] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 558.768839] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 558.775629] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 558.775669] reason=80000021 qualification=0000000000000000 [ 558.781946] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 558.785347] IDTVectoring: info=00000000 errcode=00000000 [ 558.792063] CR3 = 0x0000000000000000 [ 558.797563] TSC Offset = 0xfffffed0d5a0ea8e [ 558.804623] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 558.811337] TPR Threshold = 0x00 [ 558.820383] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 558.827001] EPT pointer = 0x00000000398e201e [ 558.876373] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 558.883371] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 558.891434] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.899683] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.907903] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.916138] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.924316] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 558.932613] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 558.940706] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 558.948944] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 558.957108] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 558.965376] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 558.972004] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 558.979546] Interruptibility = 00000000 ActivityState = 00000000 [ 558.986087] *** Host State *** [ 558.989371] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bb4f380 [ 558.995601] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 559.002203] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 559.010068] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 559.016213] CR0=0000000080050033 CR3=0000000079515000 CR4=00000000001426f0 [ 559.023409] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 559.030137] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 559.036369] *** Control State *** [ 559.039873] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 559.046740] EntryControls=0000d1ff ExitControls=002fefff [ 559.052386] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 559.059378] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 559.067100] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 559.073875] reason=80000021 qualification=0000000000000000 12:19:17 executing program 3: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x5, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x100001, 0x4) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000080)={0x5, 0x200, 0x93}) unshare(0x28020400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) 12:19:17 executing program 4: [ 559.080276] IDTVectoring: info=00000000 errcode=00000000 [ 559.085938] TSC Offset = 0xfffffed0bf133d7b [ 559.090314] TPR Threshold = 0x00 [ 559.093872] EPT pointer = 0x000000003987a01e 12:19:17 executing program 4: 12:19:17 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:17 executing program 4: 12:19:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x40, 0x200040) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x6c, r5, 0xf08, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xca9c}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x502480eb}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x300000000000}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x99d9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) 12:19:17 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x2000, 0x0) r3 = eventfd(0x21a2) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000000c0)={0x3, r3}) 12:19:17 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000000)="72b0ec58fa118eb8605dde9377b8f52c421ff0ccf904fd3b01545c31fb422a4725d26013432c7944fe73188b482f6dd9d58fefbd32e8de9e2f78655842dee449c7b8c12d6eed6273b04c6c8f0d30a8c466da32be26934a90b505be4ee3ec6a923013baa3e76e12bff8b0a1f9f2cead5d5350fb05bcd045e3b6497df1e63cfc679f2dec56929d2ca8a083787a885df61cac6bc224e3dd152aa52c91aab34f085b991679f7310825d85a083e1d2280d864ebf7") bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 559.545450] *** Guest State *** [ 559.548987] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 559.558067] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 559.567126] CR3 = 0x0000000000000000 [ 559.570916] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 559.577027] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 559.583161] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 559.589989] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 559.598157] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 559.606393] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 559.614550] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 559.622706] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 559.630770] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 559.638941] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 559.647631] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 559.655753] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 559.663898] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 559.672005] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 559.678484] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 559.686087] Interruptibility = 00000000 ActivityState = 00000000 [ 559.692660] *** Host State *** [ 559.695909] RIP = 0xffffffff812b0dfc RSP = 0xffff88805f17f380 [ 559.702114] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 559.708606] FSBase=00007feb364da700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 559.716623] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 559.722683] CR0=0000000080050033 CR3=0000000039dfb000 CR4=00000000001426e0 [ 559.729781] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 559.736643] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 559.742843] *** Control State *** [ 559.746367] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 559.753217] EntryControls=0000d1ff ExitControls=002fefff [ 559.758754] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 559.766180] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 559.773012] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 559.779667] reason=80000021 qualification=0000000000000000 [ 559.786190] IDTVectoring: info=00000000 errcode=00000000 [ 559.791716] TSC Offset = 0xfffffed050514fd0 12:19:17 executing program 4: 12:19:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 559.796215] TPR Threshold = 0x00 [ 559.799634] EPT pointer = 0x000000008fb7301e 12:19:17 executing program 4: 12:19:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 560.074747] *** Guest State *** [ 560.078318] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 560.087480] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 560.096593] CR3 = 0x0000000000000000 [ 560.100361] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 560.106593] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 560.112742] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 560.119478] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 560.121527] *** Guest State *** [ 560.127632] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.127668] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.127704] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.127737] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.127769] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.127805] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 560.131139] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 560.139277] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 560.147391] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 560.155492] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 560.163851] CR3 = 0x0000000000000000 [ 560.171727] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 560.179885] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 560.188870] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 560.196966] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 560.197008] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 560.205977] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 560.206011] Interruptibility = 00000000 ActivityState = 00000000 [ 560.214123] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 560.217841] *** Host State *** [ 560.225959] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.232043] RIP = 0xffffffff812b0dfc RSP = 0xffff888076fff380 [ 560.232081] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 560.232121] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 560.238567] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.244650] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 560.244688] CR0=0000000080050033 CR3=0000000039cc4000 CR4=00000000001426f0 [ 560.251396] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.258987] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 560.265416] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.265447] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 560.265470] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 560.265502] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 560.265526] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 560.265555] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 560.265575] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 560.265595] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 560.265614] Interruptibility = 00000000 ActivityState = 00000000 [ 560.265623] *** Host State *** [ 560.265645] RIP = 0xffffffff812b0dfc RSP = 0xffff88805baff380 [ 560.265684] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 560.265709] FSBase=00007feb364fc700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 560.265731] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 560.265756] CR0=0000000080050033 CR3=000000001507e000 CR4=00000000001426e0 [ 560.265783] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 560.265803] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 560.265811] *** Control State *** [ 560.265828] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 560.265842] EntryControls=0000d1ff ExitControls=002fefff [ 560.265865] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 560.265884] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 560.265902] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 560.265918] reason=80000021 qualification=0000000000000000 [ 560.265934] IDTVectoring: info=00000000 errcode=00000000 [ 560.265947] TSC Offset = 0xfffffecffc32b24b [ 560.265958] TPR Threshold = 0x00 [ 560.265973] EPT pointer = 0x000000007294f01e [ 560.521575] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 560.527830] *** Control State *** [ 560.531339] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 560.538211] EntryControls=0000d1ff ExitControls=002fefff [ 560.543812] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 560.550792] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 560.557656] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 560.564389] reason=80000021 qualification=0000000000000000 [ 560.570761] IDTVectoring: info=00000000 errcode=00000000 12:19:18 executing program 4: 12:19:18 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:18 executing program 4: [ 560.576400] TSC Offset = 0xfffffed007af1637 [ 560.580760] TPR Threshold = 0x00 [ 560.584237] EPT pointer = 0x0000000039de301e 12:19:18 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x200, 0x1, 0x1, 0xffffffff00000000}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:18 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000180)=@v1={0x1000000, [{0x10000, 0xfffffffffffffffc}]}, 0xc, 0x1) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:18 executing program 4: [ 560.966723] *** Guest State *** [ 560.970218] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 560.979345] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 560.988347] CR3 = 0x0000000000000000 [ 560.992169] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 560.998186] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 561.004369] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 561.011144] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 561.019281] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.027382] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.035478] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.043622] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.051712] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.059873] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 561.076312] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 561.084462] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 561.092564] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 561.100592] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 561.107179] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 561.114752] Interruptibility = 00000000 ActivityState = 00000000 [ 561.121012] *** Host State *** [ 561.124372] RIP = 0xffffffff812b0dfc RSP = 0xffff888039dcf380 [ 561.130406] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 561.136976] FSBase=00007feb364fc700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 561.144897] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 561.150830] CR0=0000000080050033 CR3=00000000797c1000 CR4=00000000001426f0 [ 561.158011] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 12:19:19 executing program 4: [ 561.164810] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 561.170918] *** Control State *** [ 561.174525] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 561.181240] EntryControls=0000d1ff ExitControls=002fefff [ 561.186845] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 561.193935] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 561.200648] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 561.207383] reason=80000021 qualification=0000000000000000 12:19:19 executing program 5: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x420002, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000240), &(0x7f0000000280)=0xc) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r4, 0x4010ae94, &(0x7f0000000380)={0x3c3b8cb1, 0x0, 0x40}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = msgget$private(0x0, 0x100) r7 = getuid() r8 = getegid() r9 = geteuid() getgroups(0x9, &(0x7f00000003c0)=[0xee01, 0xee00, 0xffffffffffffffff, 0xee00, 0xee01, 0xee00, 0xffffffffffffffff, 0xee01, 0x0]) r11 = fcntl$getown(r5, 0x9) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000400)=0x0) msgctl$IPC_SET(r6, 0x1, &(0x7f0000000440)={{0x0, r7, r8, r9, r10, 0x0, 0x2}, 0xffffffffffff8001, 0x3, 0x3f, 0x4, 0x207, 0x6, r11, r12}) getsockopt$SO_COOKIE(r3, 0x1, 0x39, &(0x7f0000000140), &(0x7f00000001c0)=0x8) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000004c0)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x80000000, 0x5, 0x6, 0x9, 0x7f, 0x2, 0x800, 0x20, 0x1ff, 0x5, 0xc22, 0x3f, 0x3ff, 0x9], 0xf000, 0x400}) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:19:19 executing program 3: unshare(0x18020400) r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x3, 0x10, 0x100, 0x61}, &(0x7f0000000080)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={r1, 0x7ffffffd, 0x100020}, &(0x7f0000000100)=0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r2, &(0x7f0000000100), 0x0}, 0x18) 12:19:19 executing program 4: [ 561.213809] IDTVectoring: info=00000000 errcode=00000000 [ 561.219290] TSC Offset = 0xfffffecf89a257f3 [ 561.223749] TPR Threshold = 0x00 [ 561.227150] EPT pointer = 0x0000000039fe901e 12:19:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:19 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x9, 0x0) ioctl$BLKFLSBUF(r1, 0x1261, &(0x7f0000000100)=0x101) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x6, 0x101400) [ 561.535405] *** Guest State *** [ 561.538787] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 561.547884] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 561.556859] CR3 = 0x0000000000000000 [ 561.560646] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 561.566797] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 561.572928] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 561.579732] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 561.587901] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.596043] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.604205] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.612331] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.620376] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 561.628570] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 561.636696] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 561.644834] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 561.653416] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 561.661463] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 561.668037] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 561.675630] Interruptibility = 00000000 ActivityState = 00000000 [ 561.681997] *** Host State *** 12:19:19 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:19 executing program 4: [ 561.685272] RIP = 0xffffffff812b0dfc RSP = 0xffff88806007f380 [ 561.691326] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 561.697881] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 561.705856] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 561.711816] CR0=0000000080050033 CR3=000000009400a000 CR4=00000000001426e0 [ 561.719578] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 561.726413] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 561.732592] *** Control State *** [ 561.736105] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 561.742898] EntryControls=0000d1ff ExitControls=002fefff [ 561.748405] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 561.755520] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 561.762352] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 561.768990] reason=80000021 qualification=0000000000000000 [ 561.775451] IDTVectoring: info=00000000 errcode=00000000 [ 561.780958] TSC Offset = 0xfffffecf3e5f8e8d [ 561.785433] TPR Threshold = 0x00 [ 561.788859] EPT pointer = 0x000000007948e01e 12:19:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:20 executing program 4: 12:19:20 executing program 1: unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) 12:19:20 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 562.105941] *** Guest State *** [ 562.109323] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 562.118393] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 562.127410] CR3 = 0x0000000000000000 [ 562.131204] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 562.137426] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 562.143606] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 562.150347] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 562.158568] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.166750] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.174942] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.183098] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.191152] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.199371] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 562.207545] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 562.215735] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 562.223922] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 562.232087] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 562.238584] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 562.246247] Interruptibility = 00000000 ActivityState = 00000000 [ 562.252627] *** Host State *** [ 562.255896] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bacf380 [ 562.262093] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 562.268574] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 562.276540] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 562.282649] CR0=0000000080050033 CR3=000000009400a000 CR4=00000000001426f0 [ 562.289741] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 562.296617] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 562.302814] *** Control State *** [ 562.306332] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 562.313163] EntryControls=0000d1ff ExitControls=002fefff [ 562.318692] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 562.325799] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 562.332658] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 562.339314] reason=80000021 qualification=0000000000000000 [ 562.345860] IDTVectoring: info=00000000 errcode=00000000 [ 562.351369] TSC Offset = 0xfffffecef483dd56 12:19:20 executing program 4: [ 562.355874] EPT pointer = 0x000000003a23b01e 12:19:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rfkill\x00', 0x58000, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000280)) getsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f00000002c0)=@assoc_id=0x0, &(0x7f0000000300)=0x4) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000340)={r4, 0x8}, 0x8) ioctl$CAPI_SET_FLAGS(r3, 0x80044324, &(0x7f0000000240)=0x1) accept4$vsock_stream(r3, &(0x7f00000004c0)={0x28, 0x0, 0xffffffff}, 0x10, 0x800) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x4001, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000001c0)=0x3) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000380)={{{@in=@multicast1, @in6=@remote}}, {{@in6=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000000480)=0xe8) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x8000000000], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$RTC_WIE_ON(r0, 0x700f) 12:19:20 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x10000) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req={0x80000000, 0x6, 0xd23, 0x1d8}, 0x10) socket$tipc(0x1e, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:20 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:20 executing program 4: 12:19:20 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:20 executing program 4: [ 562.838146] *** Guest State *** [ 562.841631] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 562.850926] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 562.859916] CR3 = 0x0000000000000000 [ 562.863801] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 562.869837] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 562.876011] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 562.882823] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 562.890871] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.899138] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.907364] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.915616] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.923814] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 562.932011] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 562.940087] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 562.948284] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 562.956440] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 562.964668] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 562.971166] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 562.978861] Interruptibility = 00000000 ActivityState = 00000000 [ 562.985295] *** Host State *** 12:19:20 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 562.988566] RIP = 0xffffffff812b0dfc RSP = 0xffff88806bb4f380 [ 562.994775] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 563.001266] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 563.009290] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 563.015432] CR0=0000000080050033 CR3=0000000039814000 CR4=00000000001426f0 [ 563.022674] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 563.029442] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 563.035739] *** Control State *** [ 563.039283] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 563.046235] EntryControls=0000d1ff ExitControls=002fefff [ 563.051774] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 563.058921] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 563.065762] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 563.072533] reason=80000021 qualification=0000000000000000 [ 563.078929] IDTVectoring: info=00000000 errcode=00000000 [ 563.084581] TSC Offset = 0xfffffece9300bc07 12:19:21 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x7, 0x9}, 0x2c) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000040)={{0x2, 0x0, 0x9, 0x2, 0x80000001}, 0x2, 0x8, 0xb5}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 563.088955] TPR Threshold = 0x00 [ 563.092493] EPT pointer = 0x0000000079cad01e 12:19:21 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:21 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 563.491659] *** Guest State *** [ 563.495211] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 563.504316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 563.513325] CR3 = 0x0000000000000000 [ 563.517093] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 563.523282] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 563.529326] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 563.536248] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 563.544469] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 563.552655] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 563.560716] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 563.568940] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 563.577120] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 563.585314] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 563.593489] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 563.601584] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 563.609828] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 563.618118] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 563.624987] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 563.632661] Interruptibility = 00000000 ActivityState = 00000000 [ 563.638943] *** Host State *** [ 563.642349] RIP = 0xffffffff812b0dfc RSP = 0xffff88808a83f380 [ 563.648713] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 563.655352] FSBase=00007f3a33a8a700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 563.663372] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 563.669342] CR0=0000000080050033 CR3=0000000039814000 CR4=00000000001426f0 [ 563.676598] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 563.683427] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 563.689540] *** Control State *** [ 563.693414] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 563.700143] EntryControls=0000d1ff ExitControls=002fefff [ 563.705872] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 563.712974] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 563.719716] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 563.726499] reason=80000021 qualification=0000000000000000 [ 563.732979] IDTVectoring: info=00000000 errcode=00000000 [ 563.738470] TSC Offset = 0xfffffece2f7425c9 [ 563.742999] EPT pointer = 0x000000005b77001e 12:19:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x1, 0x800) ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f00000001c0)={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x25}}, {0x306, @broadcast}, 0x6, {0x2, 0x4e20, @empty}, 'bcsh0\x00'}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:19:21 executing program 4: 12:19:21 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:21 executing program 3: unshare(0x40000000000011d) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x6, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:21 executing program 4: 12:19:22 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f0000000080)="8de24ad8e3bee637fffc74213628d84cf6449af8a18eba807f99fe5ba3f60dcc7d22f03f1d91f80d17846a0e5a62a34812429b3e3f7334006380df8754a094dae57d4e746ee2d56031b5ca8a62fb5d7e8ba7aad5269f240de72779451b1077e0b3e6cb9b2456257d18d9af2dafe20d7b833ba284a4ee1bba223249025a16fac27e43ce96a2f00a6d7edbbe442984fe8ae338ed20feede6511ff03df037e8a2a2dd421a7da252f2a75f176ee0ee0f4f21cf322d80e68e618096f0008a00afa19375ef2d3fe5ec7cfd88957f74bd09c544c15750612322a12cd2f7cf38966397b8f9b1d80925f56d91d500ffd7bc14834cfe91b7a1335b", &(0x7f0000000180)=""/181}, 0x18) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x20a00, 0x0) setsockopt$CAIFSO_LINK_SELECT(r1, 0x116, 0x7f, &(0x7f0000000040)=0xffffffff, 0x4) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:22 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 563.991469] *** Guest State *** [ 563.995063] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 564.004105] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 564.013099] CR3 = 0x0000000000000000 [ 564.016928] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 564.023147] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 564.029215] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 564.036094] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 564.044265] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.052471] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.060535] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.068732] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.076886] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.085040] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 564.093240] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 564.101302] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 564.109500] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 564.117666] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 564.124253] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 564.131767] Interruptibility = 00000000 ActivityState = 00000000 [ 564.138172] *** Host State *** [ 564.141442] RIP = 0xffffffff812b0dfc RSP = 0xffff88805c75f380 [ 564.147619] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 564.154204] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 564.162412] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 564.168362] CR0=0000000080050033 CR3=000000008a9ea000 CR4=00000000001426f0 [ 564.175547] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 564.182379] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 564.188479] *** Control State *** [ 564.192084] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 564.198813] EntryControls=0000d1ff ExitControls=002fefff [ 564.204416] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 564.211404] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 564.218291] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 564.225035] reason=80000021 qualification=0000000000000000 [ 564.231415] IDTVectoring: info=00000000 errcode=00000000 [ 564.237221] TSC Offset = 0xfffffecdecda3ee0 12:19:22 executing program 4: [ 564.241593] TPR Threshold = 0x00 [ 564.245117] EPT pointer = 0x0000000061c7101e 12:19:22 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/udmabuf\x00', 0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xf, 0x8, 0x4, 0x100000001, 0x0, r0}, 0xfffffffffffffe3d) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000180)={0x0, 0x7, 0x100000000, 0x2000003}) 12:19:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(0x0, 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(r0) mknod(&(0x7f0000000480)='./file0\x00', 0x1043, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 12:19:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000280)={0x74, 0x0, [0x8001, 0x1, 0x2, 0x9205]}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fcntl$setflags(r0, 0x2, 0x1) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x140, 0x0) ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f00000001c0)=0x800801c) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) getsockopt(r2, 0x8, 0x6, &(0x7f0000000200)=""/1, &(0x7f0000000240)=0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:22 executing program 3: unshare(0x28020400) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100), 0x0}, 0x18) r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) getrlimit(0x5, &(0x7f00000000c0)) recvfrom$inet(r0, &(0x7f0000000000)=""/181, 0xb5, 0x2000, 0x0, 0x0) 12:19:22 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:22 executing program 4: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f00000002c0)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000440)='projid_map\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0) 12:19:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:22 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 564.900229] *** Guest State *** [ 564.903786] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 564.912786] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 564.921664] CR3 = 0x0000000000000000 [ 564.925506] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 564.931528] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 564.937665] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 564.944477] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 564.952569] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.960607] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.968728] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.976856] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.985041] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.993229] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 565.001270] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 565.009382] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 565.017530] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 565.025624] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 565.032158] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 565.039665] Interruptibility = 00000000 ActivityState = 00000000 [ 565.046017] *** Host State *** [ 565.049259] RIP = 0xffffffff812b0dfc RSP = 0xffff88806377f380 [ 565.055387] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 565.062771] FSBase=00007f3a33aac700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 565.070614] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 565.076609] CR0=0000000080050033 CR3=0000000060075000 CR4=00000000001426e0 [ 565.083736] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 565.090459] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 565.096625] *** Control State *** 12:19:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(r0) [ 565.100125] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 565.106905] EntryControls=0000d1ff ExitControls=002fefff [ 565.112501] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 565.119478] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 565.126303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 565.132990] reason=80000021 qualification=0000000000000000 [ 565.139354] IDTVectoring: info=00000000 errcode=00000000 [ 565.144952] TSC Offset = 0xfffffecd716fcc95 [ 565.149316] EPT pointer = 0x000000005e1d501e 12:19:23 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) r2 = dup(r1) write$FUSE_ATTR(r2, &(0x7f0000000040)={0x78}, 0x78) write$P9_RREAD(r2, &(0x7f0000000100)={0x2a, 0x75, 0x0, {0x1f, "534d6dc24908d37ba626ccf1e2c7ac3df5267d3994869a966b4e97cd47b58c"}}, 0x2a) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:23 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:23 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000000)={0x40, 0xfffffffffffff13d, 0x400, 0x400, 0x8, 0x8}) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:23 executing program 4: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000002740)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {0x0}, {&(0x7f00000012c0)=""/66, 0x42}, {0x0}, {0x0}, {&(0x7f0000001540)=""/131, 0x83}, {&(0x7f0000001600)=""/4096, 0x1000}, {0x0}, {0x0}], 0x9) 12:19:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x440140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vfio/vfio\x00', 0x602440, 0x0) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000000300), &(0x7f0000000340)=0x4) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r5 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$revoke(0x3, r5) r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x40, 0x0) ioctl$TIOCLINUX2(r6, 0x541c, &(0x7f00000001c0)={0x2, 0x6, 0x0, 0x9, 0x2, 0x100000000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:19:23 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:23 executing program 4: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000280)) 12:19:23 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x10001, 0x40) getsockname$packet(0xffffffffffffffff, &(0x7f00000035c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000003600)=0x14) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000180)={0x6, &(0x7f0000000140)=[{}, {}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f00000001c0)={r3}) sendto$packet(r1, &(0x7f0000000040)="484e17a5ad8c07e3da2cab069c57fee66ac1bcdfa80c0a3306c45188efad2cef5de5771f56e1d1c98b0f4e131640876debbf93e4e5a163b2eb19db924029c93da38dda7ed4101899fbc80c85db586e702eada4a228afdd9d10e0048406edb28df2ff1f57a8eb4609c0a83b7e6ac2c52d82753efdd7fdf007d604303e685078caee8d6b39d2609f8c086cdce214690b779ee2743d45d8fccbeb4e9eb21962af2f38f4a42bdbb7c3bcbca01ecddf033d12c2c238797a4fe3dd9e135fb1bf9bb0b2bd3b05e840a17e0eca9cb32de335ed590c5a00d98afe5ac54aefb1ada9ee8153e043995bf2eab92c88f5f030836dc4e3", 0xf0, 0x84, &(0x7f0000003640)={0x11, 0x0, r2, 0x1, 0x3, 0x6, @random="9c9fffb3cf1f"}, 0x14) 12:19:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:23 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c12") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:24 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x3) 12:19:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) r4 = getpid() ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000200)={0x4, [0x800, 0x14b4, 0x80, 0xfff]}) prlimit64(r4, 0x8, &(0x7f0000000140)={0xfffffffffffffff7}, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:24 executing program 3: unshare(0x28020400) r0 = syz_open_dev$dspn(&(0x7f00000002c0)='/dev/dsp#\x00', 0x0, 0x808) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2020020}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="2400000019000100c428bd7000fcdbdf2502808021fd03fd03000a000008000200ffffffffe2d8e013a8b8342d9743a5d8501a587f2c8b9b1d39e957093e945aa05bfd2b9d9a17888e4397648c1e0ac8fef6c1d628d8b664d568661ee5dd5cddd8408f0537f6ff4f4d9fe173c0085e7589518da6ce3fcd8dc65a871a483a558884e4002e12682e7a2478d147b74109fc96b7ec0ad40df79766366e3c60d3d9f00225"], 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)={r1, &(0x7f0000000100), 0x0}, 0x18) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000000)=0x3) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000180)) socket$nl_route(0x10, 0x3, 0x0) [ 566.225774] *** Guest State *** [ 566.229142] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 566.238298] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 566.247301] CR3 = 0x0000000000000000 [ 566.251103] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 566.257229] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 566.263329] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 566.270102] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 566.278244] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.286439] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.294554] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.302844] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.310870] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.318977] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 566.327072] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 566.335214] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 566.343342] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 566.351348] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 566.357891] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 566.365448] Interruptibility = 00000000 ActivityState = 00000000 [ 566.371702] *** Host State *** [ 566.375187] RIP = 0xffffffff812b0dfc RSP = 0xffff888074aff380 [ 566.381274] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 566.387845] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 566.395773] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 566.401737] CR0=0000000080050033 CR3=00000002004d8000 CR4=00000000001426f0 [ 566.408895] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 566.415677] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 566.421759] *** Control State *** [ 566.425361] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 566.432178] EntryControls=0000d1ff ExitControls=002fefff [ 566.437682] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 566.444791] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.451499] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 566.458232] reason=80000021 qualification=0000000000000000 [ 566.464665] IDTVectoring: info=00000000 errcode=00000000 [ 566.470149] TSC Offset = 0xfffffeccb8b585de [ 566.474603] TPR Threshold = 0x00 [ 566.478007] EPT pointer = 0x000000020490201e [ 566.524930] *** Guest State *** [ 566.528311] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 566.537421] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 566.546389] CR3 = 0x0000000000000000 [ 566.550107] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 566.556171] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 566.562265] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 566.568959] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 566.577042] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.585102] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.593190] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.601240] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.609362] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 566.617448] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 566.625517] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 566.633566] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 566.641551] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 566.649611] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 566.656114] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 566.663692] Interruptibility = 00000000 ActivityState = 00000000 [ 566.669941] *** Host State *** [ 566.673248] RIP = 0xffffffff812b0dfc RSP = 0xffff888074aff380 [ 566.679262] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 566.685773] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 566.693639] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 566.699532] CR0=0000000080050033 CR3=00000002004d8000 CR4=00000000001426e0 [ 566.706694] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 566.713463] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 566.719546] *** Control State *** [ 566.723115] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 566.729819] EntryControls=0000d1ff ExitControls=002fefff [ 566.735392] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 566.742409] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.749099] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 566.755758] reason=80000021 qualification=0000000000000000 [ 566.762163] IDTVectoring: info=00000000 errcode=00000000 [ 566.767656] TSC Offset = 0xfffffecc8ce2bd37 [ 566.772102] EPT pointer = 0x00000000643a901e 12:19:35 executing program 1: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x800, 0x0) ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000180)=""/121) unshare(0x28020400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r1}, 0x2c) 12:19:35 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c12") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:19:35 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000440)='projid_map\x00') fstatfs(r0, &(0x7f0000000000)=""/223) 12:19:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket(0x1, 0x7, 0x9) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000140)={0x0, 0x800000}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000340)={0x2, 0x1, 0x820e, 0x916, 0x3, 0x3, 0x2, 0x1, r3}, 0x20) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000580)=0x2fff) r7 = dup2(r4, r4) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f00000019c0)=@sack_info={r3, 0x0, 0xe6}, 0xc) r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x40000101200, 0x0) r9 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000480)={'syz', 0x3}, &(0x7f00000004c0)="32de5187b63b917d057faebc60c8d84a5311c72bdcfaab793ecb5715134bd3b41fbf2404d3b6b8b7c731795eff75a3f6f0580e7b40a4dd6f20620c26e6e06cd608e226ca7358b84dd03e45a999023ed911873cd01dcc3f30fe33aff94613d2c8e9153a9e2d383299ad86a5fc95542695031d50ad848387c7fdc1bff5e0688e0103fb1c5e499369e6394d7b28f17dc384712b18cbf96b536447ab6e5a8a96df1e9870a55eaf5958dd3414b04852e0002fa4d3a5b4f34c540d992e38", 0xbb, 0xfffffffffffffffa) r10 = add_key$keyring(&(0x7f00000005c0)='keyring\x00', &(0x7f0000000600)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$negate(0xd, r9, 0x9, r10) ioctl$SNDRV_TIMER_IOCTL_INFO(r8, 0x80e85411, &(0x7f00000001c0)=""/130) ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000100)) ioctl$SG_SET_KEEP_ORPHAN(r7, 0x2287, &(0x7f0000000640)=0x2) ioctl$VIDIOC_ENCODER_CMD(r8, 0xc028564d, &(0x7f0000000280)={0x2, 0x1, [0x8001, 0x0, 0x4192, 0x275a, 0x5d0f2006, 0x101, 0x0, 0x3]}) ioctl$VIDIOC_G_JPEGCOMP(r8, 0x808c563d, &(0x7f0000000380)) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 12:19:35 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0xffffffffffffffff}, 0x2c) syz_extract_tcp_res(&(0x7f0000000000), 0x3, 0x7fffffff) r1 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200002}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x1b4, r2, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7f01}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x118, 0x1, [@TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5d8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x0, @ipv4={[], [], @multicast2}}}, {0x14, 0x2, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'lo\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7fff, @local, 0xffffffffffffff6d}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @ipv4={[], [], @broadcast}, 0x1f}}}}]}, @TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}]}, 0x1b4}, 0x1, 0x0, 0x0, 0xc000}, 0x10) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x200001, 0x0) setsockopt$RDS_RECVERR(r3, 0x114, 0x5, &(0x7f00000000c0)=0xd4a, 0x4) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)={r0, &(0x7f0000000100), 0x0}, 0x2b5) bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x40000000}, 0xc) 12:19:35 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c12") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:35 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000a00)='./file0\x00', 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) [ 577.256440] *** Guest State *** [ 577.259905] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 577.268958] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 577.277907] CR3 = 0x0000000000000000 [ 577.281709] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 577.287797] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 577.293892] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 577.300604] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 577.308691] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 577.316797] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 577.324882] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 577.332977] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 577.340996] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 577.349113] GDTR: limit=0x0000ffff, base=0x0000000000000000 12:19:35 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x14, 0x4, 0x3, 0x9, 0x8, r0, 0x7918}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x400, 0x0) write$vhci(r1, &(0x7f0000000340)=@HCI_SCODATA_PKT={0x3, "7b3c852e1b9bff528acdabef072ad62a0dfe7dc211ec99322d9c60777abcddcd3c9a0823d48ae217c8ddb24f54996aa6a116b59074eeec129a0f43520bd05a62879068230828b02ca96569d6c515296e5ec86595e223686a7a875b0430fb2cc01b9dda7d922708c91348d046a1522e20dd3fc94421119586b722abee3c7a326637bf692e2a89109f8fef5036e2f44a4a55367e9b3d6fd7e548183fc6cbfeba2b70c093cf598d8ea1b9866eb7b27defbe861f4acc6a13ce5d912cb741ae63f76dbeb5608a502a800670ca2ad64e5e0b83ef5c6ddb463e50c280b8c8cf97691648105d7534cfc5ce55dd561ecca4ca32629af75ce8ef662a3aa43053cd6a259dd600f81ab41305f6b855c7eb2ed907132298bb52bcafbcede994efa1f253907f153e70592ad2eb9cc361ad9eecd0737cfdd516f2f58dc0d97be1f6a8a12594bcafdc13d403413aef19049a53f18e9c9556deb9164c3751de6fe001075d3eb2c34c1231d72c5743f7a201dd6c38c6cecc0b7bd43be5e556a7f69f0ab6e76be8a048a68f99542e724f88a5970f6a5eee64832b699b23c161a1d9addefcac3ca35c9c0288ea44b99e563748dbed85306bb28fcbcfaa9035fc269718658326a8aea8ea23d2efb7527fe2d4781ec8d203449c6cdbc3df296755b27c36b6cd11905ffd87ad5e372d79e9daef17d9b98accb0efa789ca59a15ff57b10eeb4a72f11327b67210b1368baaa4395aa43dfeb3d0110fb8d46df553a29f5565acd05cf7fd00a8b5764c467e9f20c68ab8db94aa31d38b931aeb18c1772ca83e38f7dec180adffc253c65d4338552f65479b33aea84ee282e670d1637f22e02af2414bb189b74119264e832e737a4683d8bf00e8714dcd14a90f4e919f076243f6154e7f4a49b09a584f71070c86d6fd351590b81d68e425f5b200d431b85ea98e8ea1b3bb951ec14938da44c728e4a3f16b4c1c26612bb64681ecd672208d1bfa4e01d805c2cce2ca64c3db73ec539dfe9ac2479d7cf852aec1710c8e8069af7240c044d36abd42b44f209b377f4416b86ecaf05daaa52be2cfa749d51cf220757a0858887dc5f681d9ab32eed9734975c6b59ad00f102876cd77e7c8908d5c261848e4e346eceb1edd13080bb30652185a3532d8b54fae8c4400aa53ab58d20745c50b3b9654917a7e38051e5c8a8da025b21b74b6d79f48125543b5ebff727a7471d5f885aef20491c201c2eab84ca9a52eec32bbe0dcce52198efd5203858de7e439f062a1a42a3bac6d4b5b3d7d1dd4e245a70a1711f987985d049444f667bf27f9f3e866b55335f614832358984ebda79b7d10f30a62adfc4f52ae26e4c4674f27386b224ec3c9575115ec50aae2bdca6ec4d68a8a2688c32935f35654395d0170d19207515c34145821870ab32068e6bf2b2b9d63dc768b46b5451a120673329536277addba870b413f38917fef5dcd0f13b17a72e13add0af5484b0991a83140855eb14d476232afe5f5e80f38a3388d2eba04991901739853237661cee9634b32b12015820f2baf48029cc67dafe2900a361ef1470494276ccf5b65c81316d5433b28f8508eae0ff7ff3693a0693841e6f83e736009f574a11840551cf69d2becdb71571914d0a8bfb3dccc611292161d8c05cc9f32fd2399f3897674fca662f3a6dc7ad846cad0a223f99c819b5dd038e66b5d3624a96547735e4ae98a7f2142ce2a2948f5cc7fb99931ffa3c55fb075058fcb5e025ae658883046c0213d04a87560d2c9a78fcfa01ce09b79da052ee9b5b7fd035d08461080208941c22ca24449ecd69ca6bb426f99f91b8d429f68f651ddc15f976d7d71cc548bbde135c2d1d0a444e7a50650e758e6399453ffcebd7da1501ec86ec1205f955a4008e81be7ebfcc8e849acab17974a3ec089e9b0f5e7dd12d52948f0bc3a23124076087b1dc02c90caf24782f0d018c13c8dbde6e453539fb5c8767690754b5cabf95e1b88d3d34d507311f127a77a58bf523975d12c79fdab29cf24440895e402261dddbc722d703ac7481b701471299c37082b19cb46249d3d9a80bca1966410f3715655d7d87feef8366c500fbff7f01876a1dd339af87b6274c9c1cd2ebfe7880f501326b9aa070a7f964195f55e1bb276d40ecf875a6a62048453f503584a91c40907407b1b3309719b7969186f46e95da9b347445f7498e61df0867ebd72cc79d7c418a0918aa6f87369c2674749784ffa995c5acacdaade3c444dad2f96a5d4d150c4cf0d94232090483b12b5c336b81337754fc93f739051e021a940b2031f2fd860b59799d07a88395dba02600d851c3c88431dcba7fd3cdb3bd9ba796dce3335a590ab01f8685c6c788473ffe4868cd59d7cfc5ec40b6514ae093942129d7c2701420bfcd6c90726e0df0393f4c62803cb637484deeeb4eadb7a394ca30c4b5642b396a34b3d827ff33546dd4935684e945b3879d47cd7749064ccfe9d34537d4e9ab40d5c0b348d9e898fc279ae2cec28e348ed042e0999cb0c7a4ac2156a8aeb3a6fa13542b6b84d8184f3a871fcff729da13fdc7ec90ec7a401f9b60aa067dd609d454108afb722861282d27cfedd43e40ea3d59d40fbaa092778768cf86ffa3f24724d6a7e4934d926f9abc4be8718b1d26aac69311078c45487ffe90c6d144bec6ffac5ffebd93d2693416c0571b622053f075dec449dd967f395c056ecd0cd2ab2c1f8e495b1757e0e792c8ba0e705af6370b998bc01d2c48ce7f06e68c2566535fb6f230c5edcd9c32bd383540414173545d7853159f31f799c6fd3f8206c2e66cc51ef94f3aca6c6fa99f09ea9e2695f29b1de07bb4fe1303b64ce3c21d1abbb9bc5a48efee9141f2803158ff74c35ddcc805f3d13829bb5e0476a9f09992e10251fae1e0af498a152ed3f25c10fc79d3bb60f584eb19288650ec7d4c7e27ca96638cec8becfa41a7057e7e3f2c5ebffca0ada6cd5e27daa8232901596fdeb09237bded6f0f824d9ef5a9bb7e754a99676c1be735c8d23c8bda4dbff0223f4dbdc37e29a38e80b4de5999c43a173c0755608b6866a86bfe30d19202e2257acbc277ac7aeabd522e0438069b3479b8ac5910e4d2242d11c13e34a8d407ff499c28410f1c3cec7a60b450b27e3b88b95d8d65d4f44b5af8edce24bbbe409abbdf7afde00d2fb6c631cfea89c5c3b4e37d664092d2b6eae2614853dcf963f44e451c7862e568c3f4fd5b6b83a5bb91e307fc6f0ea4288382b36ac943a26d203491ca6c3a7401c2716807c084b25f28e1dfd0ee9fa799844414bbdae3381d957b312dace25f29d959eebbddd4d5c20006c51164dbd5f2d7bbe315ec3d5367ea6d3380afe8868f665a4f748af1eb8f8efdaff273d05a9e36b42e6ff49e576f246f5dee92d7a0c04d170dc3aaaa44e9ca363c14a9536ba4e3ae1b15895f179b44eb9118df5bfe91c8d09926ffbf67402210b8249787661a7d34da97d3be063f27c1dc8201f57720b69cab7d891d1a602425f363bb5217a98134f95e441684c3f94fb809ed6492881ec32d048f7cd72161edab5458c12aebc535ff8ed55957d29660109cf489eee90dcbcaf3110deb69bdea8651b5032202950bc37d62520fcb21e542bdee9fd392f61fb571a3ff83e3ae9389ee42c0501432b90a2f04ff07b9220e4ea4eee7efe264f0b4bd5ae3cdd7442b6dcc4a8c5e1427ed5ca407c196f3ddbbbf826baccbc38319ae6347453dc82a4849fb86a3babfb821b853ea34e284216f0000ed55b00ae7c1c95c43e7fa676b9e43184e885c8cda759e5daf28f6c31194cda0a096de579e25552093079f44f903e832c586295cb8a279bc4f0118d61fd2a2efe184f7759dcbd3d0408e3d7b89c129499ee82a40f2f22886cb490d3d9f71e2b6e1e5f6a529351352f709519bff01a4199455ca3bf41df3fe97915efc9c2cb02300d3ace73ef4393894718dd08b42b92080c7ae1bfacf0afe9ce614eab25a13c761d23f0f7df5c01330e08d98847e72a892e2eb2e8ae3edda2d623f1e9f8e0e86ce50f007da6489f4b9cac2bb9c9f748e37c09edac4c539079a5447c2258a47e52f30f421082549c827ad7c28d6e4b72f9010d44e46378478a6e9b25dfdbb12b636fba47c30202979d89d930a66013feea094ee354efc7da33f7c0490e39dcbeffbaeb135e5c8317c3285ebf6c9d6a5317b7588b613813a425de76e89b12d84971b4c158fb7071704ae3b90a6d3cfc515c03c222e2acb3ac76e97fe61ebe6afbb213ea97857ffb5d2300f33d873db858c0a4c89da53454a9cb10fa49587911a847492e7920c8e43f3befed2810c545147ab67ee291c198b0df79bb0b59268c5ba16f8e764b8a64d941cb647390fa6bece19787bc0437653042ab4a487e73d885f0c246b09f1b8e77c560483a10b4be36748f93bb53cdaf25f4e109d591bad3c691825aaaca68eb94b1585be04adabdbfde852338a2dcca2ab1a37799d0e19a2a5cf64a2cb6dfca827772acd61f187aa5477870fd6363b502e78e057b519b4a52ed68f77532503b9d7870d5349bb5069167c59c2d922426d393dc978c9b2885811dd47390ccfc1e581879bb099d2fb280b3bd50bceb16f5b023890c0b216d4cfb26a71460aeff3277eae69ff69002efffe447ecb83eef65c65fb26d2446c417c2622e8a428ffa865dea351539e996fc3df0b9eefa035854a93f5d6d5f253ae4433cba2dd8bf5f0e9cb9c34163976bbb164a24038d956e02c18de2af3e6aaf25da0b4101da5f657c94b0d7b50a3888c561db5d65f6026e5b77f0eb50020cebb6ee43af4e07aaa761287d0dbe1289bd4cdbc30c641a57bb08d55312a70715fc0723cd02761b07feddfd28ca8d0fe1c80c13488ba922dae5bd6d589b7496cf0ff0e78a4678ee93bc03009f83b9cf4558e43ddee74693c185f0a542cced078d403359946707acbfe6b0b95e7b9f14fad69b7e921b2957f4353398c6b3af8ad55e4b25f06df523ceedae934a0cc9b26b355c2704759a694076c9767fab3f9e207cb1efaacf5b4b14c1f728feae61d9c1b1272f89bab9fb7aa3aeac3c512da05cb1e07de2c202ea6a84c8af9ce867da8c119c4046feed0075630b758639a9602202677d3a24bb890d90cb35d28110267c2307f67ec3eea71ea41f37b5ab211d835a311cbb09c696bee6ad9757de0360d741f02194b291efd933683092280917390618ee4b5172bfa4bc844a90c786380171d8f8cb44ce8a526d3f20a87302fb83ba4e0cd58f4c383e596d72dd90d5854b8d3665672e01dcbc32e1f7e199594b8a191f75b03982010cbd2aa20daead37d24af011eeb79faa897a11725cc6057ff68500f864dc37d037ceb7bb1b6399ce934ff392ae615b688773f096115f782b4db598398ffbfaccc97c1441f754dfdb43370e29a536eced6f3b959af5863afd0257424503fd5b76f798fbc725e75abad01f32943b338eedf16044fc3898f38937d91cc2e75b5f9c0fb7eae66c1630496312024bb516dcfa6873671ae84fb566ea93e56a2509166e919501f97ccae50aa48f8821c699f3d9ef139fdce4c52d38abcb853cebc28b513ed7c02203e39ba072e42c53124eef182da78e122d3005f0d7274bd449dd2f2dffcef1e0086d8d4b84492c195a4b854e9699c15e6e2da2d271026b8a14b525ac841d6b6ef5afbbe308d6f4e2822443e9cc05827db4a4a5b333e97ecd2464c297a957773a4ce9c5e738029849841dff02c5e52c10568ffa58ce94278de9174fff148a748019cb1ebd7431f37720d69fbc42ba21570ed45c6d1b868"}, 0x1001) [ 577.357235] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 577.365325] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 577.373435] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 577.381441] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 577.387956] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 577.395584] Interruptibility = 00000000 ActivityState = 00000000 [ 577.401906] *** Host State *** [ 577.407795] RIP = 0xffffffff812b0dfc RSP = 0xffff88807206f380 [ 577.413947] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 577.420399] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 577.428337] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 577.434339] CR0=0000000080050033 CR3=00000000625e9000 CR4=00000000001426e0 [ 577.441408] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 577.448218] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 577.454379] *** Control State *** 12:19:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 577.457873] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 577.464669] EntryControls=0000d1ff ExitControls=002fefff [ 577.470164] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 577.477243] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 577.484011] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 577.490631] reason=80000021 qualification=0000000000000000 [ 577.497091] IDTVectoring: info=00000000 errcode=00000000 [ 577.502634] TSC Offset = 0xfffffec6d41aca57 [ 577.506983] TPR Threshold = 0x00 [ 577.510382] EPT pointer = 0x000000005e75c01e 12:19:35 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:35 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SVE_SET_VL(0x32, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clock_gettime(0x0, 0x0) openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000000), 0xc4, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x48, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) [ 577.853013] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 577.864526] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT 12:19:36 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x8000000d, 0x8, 0x4, 0xffffffffffffffe1, 0x0, r0, 0x1}, 0x2c) 12:19:36 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:19:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(0xffffffffffffffff) mknod(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 12:19:36 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x41e243, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x6}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000180)={r2, @in6={{0xa, 0x4e21, 0x98a, @remote, 0xffffffffffffffff}}}, 0x84) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x15, 0x0, 0x0, 0x80000000, 0x12, 0xffffffffffffffff, 0x2c2f}, 0x2c) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000340)={{0x3, 0x3, 0x6, 0x1, 0x2d}, 0x8, 0x800, 'id0\x00', 'timer0\x00', 0x0, 0x400, 0xff4a, 0x1, 0x6}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:36 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 578.272891] *** Guest State *** [ 578.276388] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 578.285571] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 578.294500] CR3 = 0x0000000000000000 [ 578.298252] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 578.304341] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 578.310356] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 578.317160] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 578.325251] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.333336] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.341358] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.349434] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.357510] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.365576] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 578.373690] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 578.381758] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 578.389874] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 578.397981] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 578.404475] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 578.412084] Interruptibility = 00000000 ActivityState = 00000000 [ 578.418348] *** Host State *** [ 578.421580] RIP = 0xffffffff812b0dfc RSP = 0xffff8881ffe3f380 [ 578.427659] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 578.434173] FSBase=00007f3a33aac700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 578.442100] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 578.448045] CR0=0000000080050033 CR3=000000020317e000 CR4=00000000001426f0 [ 578.455163] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 578.461942] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 578.468027] *** Control State *** 12:19:36 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000000)) [ 578.471513] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 578.478274] EntryControls=0000d1ff ExitControls=002fefff [ 578.483823] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 578.490792] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 578.497555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 578.504237] reason=80000021 qualification=0000000000000000 [ 578.510594] IDTVectoring: info=00000000 errcode=00000000 [ 578.516121] TSC Offset = 0xfffffec6469d6094 [ 578.520474] EPT pointer = 0x0000000011dc001e 12:19:36 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, 0x0) 12:19:36 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x20240, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x5, 0x8, 0x0, 0x100}, 'syz1\x00', 0x11}) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f00000000c0)) unshare(0x28020400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x15, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) [ 578.634760] *** Guest State *** [ 578.638303] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 578.647300] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 578.656344] CR3 = 0x0000000000000000 [ 578.660094] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 578.666164] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 578.672323] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 12:19:36 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a0") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 578.679236] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 578.687270] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.695317] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.703353] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.711339] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.719368] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 578.727414] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 578.735446] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 578.743499] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 578.751481] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 578.759486] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 578.765960] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 578.773480] Interruptibility = 00000000 ActivityState = 00000000 [ 578.779729] *** Host State *** 12:19:36 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a0") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 578.782999] RIP = 0xffffffff812b0dfc RSP = 0xffff88820b2ff380 [ 578.788991] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 578.795462] FSBase=00007f3a33a8b700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 578.803301] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 578.809190] CR0=0000000080050033 CR3=000000020317e000 CR4=00000000001426f0 [ 578.816293] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 578.823017] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 578.829072] *** Control State *** [ 578.832579] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 578.839244] EntryControls=0000d1ff ExitControls=002fefff [ 578.844748] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 578.851675] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 578.858422] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 578.865057] reason=80000021 qualification=0000000000000000 [ 578.871378] IDTVectoring: info=00000000 errcode=00000000 [ 578.876892] TSC Offset = 0xfffffec615a0eaad [ 578.881228] EPT pointer = 0x00000001f6d5601e 12:19:37 executing program 1: unshare(0x28020400) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0xf) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) finit_module(r0, &(0x7f0000000000)='/dev/vhci\x00', 0x3) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:37 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a0") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={0x0, 0xdbf}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000200)={r4, 0x10000, 0x9, [0x9, 0x2, 0x306ad127, 0x368, 0x5, 0x1, 0x10001, 0x5, 0x0]}, &(0x7f0000000240)=0x1a) mknod$loop(&(0x7f0000000280)='./file0\x00', 0x6000, 0x1) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$NBD_DO_IT(r0, 0xab03) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:37 executing program 4: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000000)) 12:19:37 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x8000001000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, [], [{}, {0x0, 0x981}]}) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRES16], 0xa) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) 12:19:37 executing program 3: getegid() unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x7, 0x9, 0x3}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:19:37 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) inotify_init1(0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f00000000c0)) 12:19:37 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f0000000700)='configfs\x00', 0x0, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x145000, 0x0) 12:19:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x80000002, 0x0, &(0x7f0000000b80)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r0, 0x20, &(0x7f00000001c0)="009d6fe8b3ea0c8e5750f1d17d4de26990d5652d749c2485096232b4c690196c43f4d87a7f9954d867a4dcf29f0997ce96ab2fe42f63ca63eda2d5af2ad4f3baa1e5e6d5d1268df69f75831d3734af958f8a2a93713a15727e258df7fb36dcaf127158f2a9a0703718da17c652dcbfcdd948b654c4e5c310492b179d762c17a8b7323eae77535844458bf76a2c592348a9cbf2d7b0605faddc") r3 = accept(r2, &(0x7f0000000280)=@alg, &(0x7f0000000140)=0x80) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000300)={0x0, 0x4}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000380)={r4, 0x8}, &(0x7f00000003c0)=0x8) syz_open_dev$adsp(&(0x7f0000000400)='/dev/adsp#\x00', 0x3f, 0x404000) syz_open_dev$usbmon(&(0x7f0000000440)='/dev/usbmon#\x00', 0x8001, 0x101000) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000480)='/dev/mixer\x00', 0x2, 0x0) r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/autofs\x00', 0x80000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400284) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000500)={r4, 0x200000}, &(0x7f0000000540)=0x8) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r8, 0x4008ae93, &(0x7f0000000580)=0x2fff) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000a80)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f00000006c0)={0x370, r9, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x84, 0x1, [@TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xcc70}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x74}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x30e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc668}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'bpq0\x00'}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'ib', 0x3a, 'veth1_to_bond\x00'}}]}, @TIPC_NLA_LINK={0x6c, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x24}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER={0x70, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'syz_tun\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'bcsh0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x100, @ipv4={[], [], @broadcast}}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7, @loopback, 0x4}}}}]}, @TIPC_NLA_NET={0x38, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x40}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffffffa9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffffffffffb}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10000}]}, @TIPC_NLA_NODE={0x2c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x68e4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1000}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x164, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100000000000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x24}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x7fffffff, @ipv4={[], [], @remote}, 0xfff}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x0, @remote, 0x10000}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ifb0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x200}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @rand_addr=0x9}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x8dfc, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xffffffffffffffff}}}}]}, @TIPC_NLA_MEDIA={0x28, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x370}, 0x1, 0x0, 0x0, 0x40000}, 0x40044) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f00000005c0)=@assoc_value={r5, 0x139f}, &(0x7f0000000600)=0x8) write$nbd(r7, &(0x7f0000000180)={0x67446698, 0x1, 0x3, 0x4, 0x4, "9570d597faea2e"}, 0x17) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000000)={[0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x20600}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 12:19:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) 12:19:37 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x1}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 579.825080] *** Guest State *** [ 579.828590] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 579.837652] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 579.846596] CR3 = 0x0000000000000000 [ 579.850357] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 579.856519] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 579.862609] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 579.869456] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 579.877623] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 579.885719] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 579.893855] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 579.901948] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 579.909991] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 579.918122] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 579.926182] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 579.934311] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 579.942449] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 579.950567] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 579.957103] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 579.964666] Interruptibility = 00000000 ActivityState = 00000000 [ 579.970914] *** Host State *** [ 579.974272] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f6c6f380 [ 579.980279] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 579.986884] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 579.994809] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 580.000742] CR0=0000000080050033 CR3=000000003000f000 CR4=00000000001426e0 [ 580.007900] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 580.014716] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 580.020801] *** Control State *** [ 580.024475] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 580.031235] EntryControls=0000d1ff ExitControls=002fefff [ 580.036849] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 580.043902] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 580.050594] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 580.057330] reason=80000021 qualification=0000000000000000 [ 580.063749] IDTVectoring: info=00000000 errcode=00000000 [ 580.069224] TSC Offset = 0xfffffec570771b0f [ 580.073699] EPT pointer = 0x00000002029e201e [ 580.095335] *** Guest State *** [ 580.098761] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 580.107971] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 580.116866] CR3 = 0x0000000000000000 [ 580.120593] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 580.126646] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 580.132680] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 580.139353] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 580.147437] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 580.155489] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 580.163576] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 580.171598] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 580.179675] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 580.187706] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 580.195793] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 580.203859] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 580.211961] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 580.219976] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 580.226488] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 580.234001] Interruptibility = 00000000 ActivityState = 00000000 [ 580.240247] *** Host State *** [ 580.243548] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f6c6f380 [ 580.249584] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 580.256095] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 580.263948] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 580.269861] CR0=0000000080050033 CR3=000000003000f000 CR4=00000000001426f0 [ 580.276979] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 580.283745] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 580.289834] *** Control State *** [ 580.293386] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 580.300075] EntryControls=0000d1ff ExitControls=002fefff [ 580.305612] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 580.312616] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 580.319306] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 580.325975] reason=80000021 qualification=0000000000000000 [ 580.332384] IDTVectoring: info=00000000 errcode=00000000 [ 580.337871] TSC Offset = 0xfffffec570771b0f [ 580.342314] EPT pointer = 0x00000002029e201e 12:19:48 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:48 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:48 executing program 0: connect$inet6(0xffffffffffffffff, 0x0, 0x0) dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() clone(0xa0140100, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x11) wait4(0x0, 0x0, 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, 0x0, 0x0) 12:19:48 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/rt6_stats\x00') preadv(r0, &(0x7f0000001300)=[{&(0x7f0000000000)=""/114, 0x72}], 0x1, 0x0) 12:19:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x101000, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000001c0)={0x0, 0x0, 0x6}) r3 = creat(&(0x7f0000000200)='./file0\x00', 0x28) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000240)={r2, 0x80000, r3}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:19:48 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x3, 0x9}, 0x2c) set_tid_address(&(0x7f0000000000)) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x28, &(0x7f0000000440)}, 0x10) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000040)="d64c840500003d59058a45116095942b3ce9715d2c3f8737280242f801de73c71170ac157b51115ee699a3a55b9ae2fc2c807c3e6b00e51e122af39d90574d77f131cf19024627d634b3bb3ee60e11c273100eee406b8807d3a9b6992cdaf69b95e2eecd72d91c", 0x67}, {&(0x7f00000000c0)="e8658418f2e43d1977819ad6577f5d5561f7fbb6629d7e49c93a1fbeb10d3bb6f401836d8bcd41cc800c47e2fef3b7ff34ca4431e2a58afaad3623a743cdd206", 0x40}, {&(0x7f0000000100)="78a96fad44cbd69365c5fdffd2e81cb17cdfe56bcff81385d7e2a0a0bde928e2866df43d774d1f112360136772a1ab9a44eb6f4b1dff2176bb0725ca7e56e5696222b58f5b0a325a222acee0117946b82884374ec2b879be709b27520fc9cebc1522126df5684affc65cd2fb9dfcc62d9788e11b85fa9562412530dedc1e0b48d88db05f56559891ae1d6628e12e4725185da0895d8cc0e34066a0", 0x9b}, {&(0x7f00000001c0)="2144a6c0cb", 0x5}, {&(0x7f0000000200)="5ea8d7505cac9cd5fa30c2b99449b7ed2fdeabe53a9f83b311f08a4c29a9b924420f846ce37c5ee32f79c51cbd4d8d0775477aafc76bcca4f3134eb9a2ebbdd22e3f22f205bb062845cfa80eaafc331cce95c9ddd2f00c994d2b3c0e6fa9eed1706ca342568f2664377b3463681fed08eb3eb9c75d2e695e50572cb7e913e5968fe848c73d6163a96ae2697b0ffab448bb79363e01d4b18d4ff5feeef5ef23efe55fdb8d686f0bd756b0479c678f1e4727f6bb7010e0baa3bfb3902a586b36a57aea71cb923fc2884512a58460924a083c6aa9e31c176d5ae36c990d50e679489a76d9b4808532922efddb6275ddd7b13fd3d06979f4855a54b8d54b", 0xfc}], 0x5, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000003c0)=0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000400)={0x1}) r2 = dup(r0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/autofs\x00', 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000500)={r2, r3, 0x7, 0x3}, 0x10) [ 590.586629] ptrace attach of "/root/syz-executor0"[20531] was attempted by "/root/syz-executor0"[20538] 12:19:48 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x0) 12:19:48 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x8, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000957db398c8198365aed9b460"], 0x0, 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) [ 590.669425] *** Guest State *** [ 590.673524] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 590.682504] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 590.691367] CR3 = 0x0000000000000000 [ 590.695225] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 590.701305] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 590.707497] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 590.714358] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 590.722482] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 590.730504] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 590.738643] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 590.746732] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 590.754852] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:19:48 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 590.762948] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 590.770971] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 590.779103] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 590.787189] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 590.795335] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 590.801781] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 590.809368] Interruptibility = 00000000 ActivityState = 00000000 [ 590.815694] *** Host State *** [ 590.818954] RIP = 0xffffffff812b0dfc RSP = 0xffff88820b6bf380 [ 590.825088] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 590.831567] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 590.839510] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 590.845508] CR0=0000000080050033 CR3=0000000078c3c000 CR4=00000000001426e0 [ 590.852666] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 590.859373] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 590.865556] *** Control State *** [ 590.869060] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 590.875874] EntryControls=0000d1ff ExitControls=002fefff [ 590.881370] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 590.889160] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 590.895964] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 590.902704] reason=80000021 qualification=0000000000000000 [ 590.909074] IDTVectoring: info=00000000 errcode=00000000 [ 590.914646] TSC Offset = 0xfffffebfa08206c9 12:19:49 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) shutdown(r0, 0x0) [ 590.919026] TPR Threshold = 0x00 [ 590.922559] EPT pointer = 0x00000001f7ae801e 12:19:49 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, 0x0, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) [ 591.011101] *** Guest State *** [ 591.014727] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 591.023734] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 591.032675] CR3 = 0x0000000000000000 [ 591.036422] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 591.042595] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 591.048617] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 591.055498] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 591.063602] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 591.071625] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 591.079749] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 591.087863] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 591.096022] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:19:49 executing program 0: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) accept$inet(0xffffffffffffffff, 0x0, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) open(0x0, 0x0, 0x0) write$cgroup_type(r0, &(0x7f0000000340)='threaded\x00', 0xa7571fbb) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) write(0xffffffffffffffff, &(0x7f0000000600), 0x0) [ 591.104108] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 591.112232] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 591.120285] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 591.128402] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 591.136504] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 591.143047] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 591.150533] Interruptibility = 00000000 ActivityState = 00000000 [ 591.156894] *** Host State *** [ 591.160152] RIP = 0xffffffff812b0dfc RSP = 0xffff8881ffe3f380 [ 591.166308] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 591.172837] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 591.180679] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 591.186709] CR0=0000000080050033 CR3=0000000078c3c000 CR4=00000000001426e0 [ 591.193849] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 591.200556] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 591.206744] *** Control State *** [ 591.210255] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 591.217056] EntryControls=0000d1ff ExitControls=002fefff [ 591.222620] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 591.229585] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 591.236362] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 591.243048] reason=80000021 qualification=0000000000000000 [ 591.249399] IDTVectoring: info=00000000 errcode=00000000 [ 591.254950] TSC Offset = 0xfffffebf6f87fd75 [ 591.259310] EPT pointer = 0x0000000200e9101e 12:19:49 executing program 3: unshare(0x100) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) r2 = syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/mnt\x00') flistxattr(r2, &(0x7f0000000140)=""/210, 0xd2) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r0, 0x28, &(0x7f0000000080)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={r3, 0x3, 0x10}, 0xc) 12:19:49 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:49 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, 0x0, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:49 executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000001740)=0xc) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) accept$inet(r0, 0x0, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000340)='threaded\x00', 0xa7571fbb) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r3, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) write(0xffffffffffffffff, &(0x7f0000000600), 0x0) 12:19:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) r4 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x0, 0x2) ioctl$IOC_PR_CLEAR(r4, 0x401070cd, &(0x7f00000001c0)={0x2}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff], 0x0, 0x20600}) write$P9_RSETATTR(r4, &(0x7f0000000200)={0x7, 0x1b, 0x1}, 0x7) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:49 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, 0x0, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) 12:19:49 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x200, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000240)={0x0, 0x2cc0d7f8}, &(0x7f00000002c0)=0x8) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x200000, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000340)={0x0, 0xfffffffffffffffa}, &(0x7f0000000380)=0x8) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000003c0)=@assoc_value={r2, 0x3}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x2, 0x2, 0x200, 0x100000001}, &(0x7f0000000100)=0x10) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000140)={@rand_addr, @multicast1}, &(0x7f0000000180)=0x8) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f00000001c0)) unshare(0x4007fd) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000500), &(0x7f0000000480)=0xfffffffffffffdf9) write$P9_RLINK(r1, &(0x7f00000004c0)={0x7, 0x47, 0x1}, 0x7) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000600)={@broadcast, @local}, 0x8) prctl$PR_SET_DUMPABLE(0x4, 0x1) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000080)={0x2, 0x8, 0x1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r3, &(0x7f0000000100), 0x0}, 0x18) setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000200)="99980f4e48874d17293e282e78", 0xd) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000540)={0xf8d, {{0x2, 0x4e23, @local}}}, 0x88) getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) 12:19:49 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) 12:19:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) socket$nl_crypto(0x10, 0x3, 0x15) recvfrom$inet6(r1, &(0x7f0000000140), 0x0, 0x40000000, &(0x7f00000001c0)={0xa, 0x4e24, 0x100, @empty, 0xffffffff}, 0x1c) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:19:49 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) r2 = syz_open_procfs(0x0, &(0x7f0000000800)='net/netfilter\x00') ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000840)={0xd, 0x912}) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200400, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000000c0)=0xe8) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f00000005c0)=0xe8) r9 = getgid() write$FUSE_DIRENTPLUS(r3, &(0x7f0000000600)={0x200, 0x0, 0x6, [{{0x3, 0x3, 0x39, 0x0, 0xd12, 0x7fffffff, {0x5, 0x9, 0x9, 0x3, 0x7f, 0x894, 0x80000001, 0x5, 0x12, 0xffff, 0x100000000, r4, r5, 0x9, 0x7}}, {0x0, 0x3b, 0x2, 0x0, '#/'}}, {{0x5, 0x3, 0x5, 0x6, 0x800, 0xfff, {0x6, 0x7, 0x1f, 0x8, 0x100, 0xfffffffffffffffc, 0xb8adc9e, 0x7, 0x7fff, 0x80000001, 0x8, r6, r7, 0x100000000}}, {0x6, 0x639, 0xa, 0xfffffffffffffff7, '/dev/vhci\x00'}}, {{0x4, 0x0, 0xff, 0x101, 0x2, 0xf34d, {0x5, 0x8, 0x92, 0x3ff, 0x101, 0x80000000, 0xfffffffffffffffc, 0x7fffffff, 0xd2, 0x5c7ef1d5, 0x80, r8, r9, 0x1, 0x32}}, {0x3, 0x0, 0xa, 0xffffffffffffff01, '/dev/vhci\x00'}}]}, 0x200) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:19:50 executing program 3: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x2, 0x0) unshare(0x20000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 592.156637] *** Guest State *** [ 592.160059] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 592.169087] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 592.178049] CR3 = 0x0000000000000000 [ 592.181768] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 592.188401] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 592.194470] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 592.201170] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 592.209234] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.217267] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.225314] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.233341] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.241337] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:19:50 executing program 0: 12:19:50 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) 12:19:50 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x20000, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000040)) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 592.249414] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 592.257559] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 592.265634] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 592.273658] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 592.281651] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 592.288227] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 592.295774] Interruptibility = 00000000 ActivityState = 00000000 [ 592.302134] *** Host State *** [ 592.305386] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f257f380 [ 592.311427] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 592.317978] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 592.325910] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 592.331930] CR0=0000000080050033 CR3=00000001f3a8a000 CR4=00000000001426f0 [ 592.338992] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 592.345766] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 592.351935] *** Control State *** [ 592.355432] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 592.362234] EntryControls=0000d1ff ExitControls=002fefff [ 592.367730] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 592.374776] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 592.381485] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 592.388199] reason=80000021 qualification=0000000000000000 [ 592.394622] IDTVectoring: info=00000000 errcode=00000000 [ 592.400103] TSC Offset = 0xfffffebed88e496f [ 592.404550] TPR Threshold = 0x00 [ 592.407949] EPT pointer = 0x00000001fbd1901e [ 592.671307] *** Guest State *** [ 592.674882] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 592.683881] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 592.692818] CR3 = 0x0000000000000000 [ 592.696568] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 592.702715] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 592.708732] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 592.715595] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 592.723916] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.732019] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.740059] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.748186] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 592.756342] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 12:19:50 executing program 4: 12:19:50 executing program 2: r0 = socket(0xa, 0x100000000000003, 0x2) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8906, 0x0) 12:19:50 executing program 0: [ 592.764488] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 592.772583] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 592.780599] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 592.788775] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 592.796856] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 592.803417] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 592.810964] Interruptibility = 00000000 ActivityState = 00000000 [ 592.817349] *** Host State *** [ 592.820591] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f257f380 [ 592.826725] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 592.833252] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 592.841092] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 592.847129] CR0=0000000080050033 CR3=00000001f3a8a000 CR4=00000000001426e0 [ 592.854264] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 592.860968] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 592.867164] *** Control State *** [ 592.870668] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 592.877488] EntryControls=0000d1ff ExitControls=002fefff [ 592.883081] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 592.890049] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 592.896872] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 592.903603] reason=80000021 qualification=0000000000000000 [ 592.909969] IDTVectoring: info=00000000 errcode=00000000 [ 592.915562] TSC Offset = 0xfffffebe8a89f2fc 12:19:51 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000040)={0x3ff, 0x0, 0x10001, 0x822}) ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000080)={r2, 0x9}) [ 592.919930] EPT pointer = 0x00000001f20f301e 12:19:51 executing program 0: 12:19:51 executing program 4: 12:19:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x0, 0x0) ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000001c0)=0x7ff) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000200)=0x5) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 593.298799] *** Guest State *** [ 593.302556] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 593.311438] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 593.320441] CR3 = 0x0000000000000000 [ 593.324260] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 593.330298] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 593.336367] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 593.343182] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 593.351225] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 593.359322] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 593.367410] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 593.375593] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 593.383727] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 593.391738] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 593.399821] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 593.407897] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 593.416071] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 593.424154] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 593.430595] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 593.438131] Interruptibility = 00000000 ActivityState = 00000000 [ 593.444453] *** Host State *** [ 593.447679] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f424f380 [ 593.453762] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 593.460246] FSBase=00007f3a33acd700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 593.468197] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 593.474207] CR0=0000000080050033 CR3=00000001f2552000 CR4=00000000001426f0 [ 593.481261] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 593.488072] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 593.494195] *** Control State *** [ 593.497679] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 593.504536] EntryControls=0000d1ff ExitControls=002fefff [ 593.510015] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 593.517047] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 593.523806] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 593.530432] reason=80000021 qualification=0000000000000000 [ 593.536854] IDTVectoring: info=00000000 errcode=00000000 [ 593.543248] TSC Offset = 0xfffffebe392cabfe [ 593.547603] TPR Threshold = 0x00 [ 593.550970] EPT pointer = 0x00000001f237b01e 12:20:01 executing program 1: openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80, 0x84) timer_create(0x1, &(0x7f0000000000)={0x0, 0x1c, 0x7, @thr={&(0x7f00000001c0)="74efe07288d16db3f88cbdf7904b951912c2d530015393722f4cb4d673bf61fe24b5d9b88875f16f23f0d27e0842872a13684c3c9c75bfa0eaf95d003c61dcb0299a9a799019569b2f3ca8b7329d75d348dc901a33d00c2b32d73b5bbe1c2060aea0c30b2a6c55559b1d070e2d71a6032418681e681b698b62f6f243b60cbb42cab0fa920677802013be4ed053f055a207c1dd13191a491773dcae2d7d6d545adc17ac78771e1061cc033e79eae6fc585cee7b0c11cc79075164851bc024169589d2f3e181552d67c9886b9539cad48063e6a6134aa3ec9c6a56e4f13185d44c", &(0x7f00000002c0)="d469c515c218ea9e1aa21089da244307b4920557e649a6c8e211c866f3493372dd84402606a3bb3efdd65c30938aeb1269da83d95a25aa9b542e9b01966e35b673fbc5281011877c0523c024fc2ea364b5096ac63d62940d71ee253ca3b4b4f66372a25893c125fea7220fed427d88ce0a24a630a2822a5a78f81fc9dc4d1fba617c298ec81098213d1b9181461f3cfaea6ef86f4db8b121399018e4d75cd68940d6d1a34ae6f09e266ff61b7891f1ca051d0cc1de0cac20a31cb2f6baab495cc53678c4947880251182b4ecb088db926bd6f7506b07ebe4e915ecd1deff8df5000ec20c876f9b9ee42cba8d8c33859412370aef4b84ee8a78c2f367c4ef46832ddf7557d7751795844ac91990a3a95ed8b4d9cbfebba8a8083f33d1f61aab44e076188f2e5d17dbeccc5482d85c2cb05c4e180be1132b30749283d24f189e364a111066e8643b963967c7f5628c2062676aed413458f2c9608640dcc9ffdb24cd60437722000d3a58c52933b167a995d937b91da59e1140987d42f062315efb57db9159292f4021ebc38e39dc9f2250bcb4109bbd15c46e95fd7c90a5fbf9f4825f5f68933d8a30297b1742f840a81325b696728e4344f0db874ca644132b6b5b1e74a8f01ab463524192853f973b63909642a3f66cb3dce32ea3149a514ce6bcd72c4deb880efa125abbeff6f667ab5d1c784d6e7d62de54f1e8fd583c2d189a8ab72a030ad3bede6918966e86cd5a9d48298ccbb3234513f29e24f6a84f22d5f6c53b9701fa2192ee3c8b2ee595b755acf020e192e2329b10e3e90cab500d31b17c7fd46a7ec1693e66043535beb280eefeadd13f492cc8be3b1494f0d9f5cc2d7fb0591ff70d6c71101a000d0690b7d3b829c1c8c9ef4c212b1d7de4da871a195dbfc161dd0e17f4add67a4d44c7d5dab5ec7fd3cb955086c524a71256964c82dd20ad4592ca92552279be4960aefded259dca284bfc1e4eb8baf7ac370c85c80e2a34b442ec13ea758e23cce23690014f172b1a742d5c720a6fd25f529cdfb9240ab48f8df1f775afea34d74b3655b54779069caa488a2a3f934ccd80a8822ec0c2335f1c884e4b0c618e4a073335a64b9537af2a77db9060d341b8e29390150cbe044bd834c8c8de4eacd13abbf9cd46314283e5e3367ec01a8bbbda96c617b9778f7c31c75f569e6f1c914062453ca1c704c2f4f7835ca52bf47cb9eb91f646d522e9d5cd7791d8cbb73d4eb1a9a6f87d6b02c7ff4c9f420634ac51e706cf63e786d8a3b5bca0a3047aa99436d633253fd3ed9151a09bc6fcee19848ed9e6419e51bb6a05fc187b28b1c774be0039c31279a00ef251d332ec799a6e2e0f4165489ed863a4c148816922a04210443fe6b4c945f4db6955dbd7c081c83911225b78466b3b5ff1ebabe60ef5af0e51ef55e22079fe23ee740554e52dcbcd96b41ddbb791ccd3c4a26d37d4f5e0a65f18a04e06784ff7109af25074bab66251a94f3cb0eb137db86e159f6a7c1b7329d2b8032ab828bc636cdc799ff9b8f792261b31ba517df83ef26eb611f26638b23e6428f5f15b86b84853f6ac49a9dbedfd66a4d1d881d3619cf214b1c1d65634ba821188462fe8c015b5ce73076024a76fe1907e65235aee892b70ebca64a694f7ef4479690b3fc59f89afb0cab7c6e752b3faa952affa8f079ffb32adcb057dd79313dd9ae832c4372c0f188abd41eb80ea1d3170ad7b6361ed33f97f2a2501c86a261167c8afc5ed65fe4dfc285d2aa1ffa715a6530ccf172c552504499e14c70edb4b12008ce6b60f53f8648cfc902f100327b243907810eec49d46dcc9bbbc52e703038deb227c5c64e40b02666f6e43d402496562e28529161d56f04664a1c07a57241870f0c3dde8febc19fb2d4edd6d92b8aa203112561150eb2f0dacda9f22ce649908237e86ba84929be96672019887117aaad2c4a9e140b37ddf8239929e54fc4f5d63c16f34cc9355666b4078875d617af7b09e6462a0aec259f2eea0241364495ad8aea3b72bc6602abe4d6e7fc1ab306b95640ea541f02dfc02881ab7bc9e4a325734329377eb995cfbc3adb5fdb2685fc39c03e34d663b67e7e3fe561ff970fa1ba66722df4b6731f464aff1ffb41c844f69f2dfa8e233fe9050e0d295a7f7f4a796131a6ea993228456655f96b517fca461dec11b6d228d36544189a336a49463abfc675e0b74eb0a2004f0c067a74f33a3e67f05261c46a655220c1af724ceb8bd5de997e5900269c01907e59384095c9caaecdeaecb6beb8330fde690db989437663c3e1cb8c6c2c9b557b39b375daa91b65ab06538fa0207c00710d6088b45c4151e9cf616cf88d1754389687a08cb7961d9b1e8077e392443a240851ddd638d17045b58a5557f0e205a75915d884d4764b5aa92fe1269227564711d32e8b4e85abbefeacb1af9692deb903e71abce4948e3554d41cd177dd536fc2c9b2874796b77ebad8be3d6c9747cbb43535e83471653ec44f2fb28e4a9285a0bf4e123d919a2a95fa81a50434a8a2444a187fc469145c73aaf10fa176a43fa7ee7dc34d071f74bd8af0d0d207273fa51b108f651def6e7893176b37547155788166d3c98a2337c2e8347e8a5fc38b36d03f4e5e41283eee183a5c9779b641ae61f6ac06befa3506aaa5c9bfc8658af2a2154a982fb04821ae6748214b1b95a418659da07f69a66b2cba76845dcc2517538ea116fda32758c3d7a70494bcc68a2d96bcba9615f96cae434cd1691d65beaa54ff0ba9e67ef8b6651301f30efbe0f998007d302e947457b65856bbbfc75ecc704ad5dca9b6e6cc94d538c0782e8df9bd46d3e7d1577aab4ad0e8f05329776244bc6d9db0b25ae077dd177ed88e1059e2c0c27fe421a4d6fb04897636bd48b778945327f5a93d65caba36afb07286e77f8bb2eda09316196aad4a7cd67f562ddab7838b4be5d873f96f10b76926c6a4cccae5e74be424ebb26db626647ca730c66d72f784b16af2c1497c87892dfab62ab8af9ff812d810308fb2fd7311a32e3c3cc9f2d0a1073f7e1b0dc862a8e54bf85ffa6e95a10f705f095860471200290bafdc086fbc183f871fd8b52f6ba7644f0a76e587218058ea63a89513060ecac350775953f0e6136d0b7fd14786736833a8657f6dc83a851281ae677e38af66d4411bd2eb24e80407d6d4572ccd27d770dc8c37c6792843b521ec9cf91ea63e7674dce172ffe7e29edd2523246b8b55488d9dede3764ca03878bf2d2631a3e8eec7371dca8d4185fd8d3bdfbd58806732b72a0ed6e455ff05615d1568b46991a464204122f57732eae27a9ddc994918b5224e3af9f6ce96a165f668832d6bfc9cf13c5b261033449e30a848bc152be55303ff0d221abbfca7d57e2539dd681325ef11c3fc7bcdc91fe1f6573d1b0010e17933d9678e2c0810501234f807c405db5d7de9dd0e3416db966dc9c5cf93770cd53a0f4022a45cae017fac40664bd6a2ad4baf146539caa581ed5ee6c177f576ca1f619e6aab9bed1cc3e55c4a3898a2dbc815b79f7691cd33dcb9fd2251150474b085894641a28a9c34908c4420a68887ca3f6f1f3d0ffab9c69963834c3ceb310af2eaefae2b3f60463288d305e0445427745cdc2ca1c34a6bce19172b3bf95c0755a23ee507ee4438fba71c1500b21883d3c5cdb0fac44e31c533f6be26e8784c01a89da0b213c3d2ddc7540b8dc522c00efd44e73663c8d4dee693875ebd5f71207ccae72e5927b6eef5f4cc9479b63be4a65f8086a6de853e97b0b4e7aed8ccc267028538666a5edcd69348ead864f48fcf4002256721078b5bbebc80d0b144b9cdf1f9e67481bcd2366cf059d47fccbec0ab2565962a98f8ca4b1c668f523d33c1fc857a4a688f507089efa42240bce01295aa19a6fae5268e419620f89d3a6db6c70fd5ab15a423cc0d4b5cb4e08d20419175d8c25341640c23a86fa10f7d5150ef782763a35ee9af625e0f9d529a6ef3c1030b36af418dc90c4b4988a9c3954c97514f3371a1ea06c87e0f8d153ee28a9a32eceeb2ab65b8cee395dd3e405a4cee11761cb0db3ae3da25349bc569cef180803f8f38e7073942a9540b5300a37539f52faf22f5fb008a8c6615f46d3badce50e4bb95077447866c0f4ba3c512d90c4e95e7f3e3ede2f152694bdf29ffc7de45601ae0f83b761fac0e0d26affe868dd6b38b6d899aa8b7bb49821d1c6ad9f14698272cda78e75242436dd37ceed97c97cd3b144fc2c6325e3255a11639af8fb5955c40cfbc7b70aad12d661a247e4eadba69c92fdd3e4247618e6687077bfaeddb6c18ef69e36f744821feefdd42e5fe23da31ff91ca580a5b1cfcae91c69aaa2da950f235ab1757d4d9bcc428d99f6ce027fa849dd7f194ee1550cf8b24b3392e73102baf0c57dd72743d9ab838dc3ccd89135337b9d9757c1d977daf6979fe1c3fe35a4ebe20170065a6c844ae9fabbfafc57b7fea4f22fda822d76d7fa1ebc86a1ae10f022bc675b21d4a1f7a92c63f28f480ae805c871e27df878ad099f712d429c917e491183ae187e0c29d68905933fdbebf8f81ad6120dd35ad436dc43a8c503c702e20166898f33d8925b12f9fbfee1bc07db3f6cc0999b8234e5a034eabb042e7838b1a0d1b22738d3c34b81c0fbb1d964fc45b733611e5e964806414eb71448b9bead31822c320450965d1626d28eb15c6d3c948c7feadb078684b844e733ab9dcd6be89ad4a30708e4c04f48628b172bf9acb8a15969cd6ce73b903db0d2112ef6e128d8b4fbe86423488e4441733f7ac47a49253015ddc59bea4ff10da776f5b6249267b8ae8ce9ed1a151bf8edd09a10c3fb4630015bc15a1aad26ee153347c2588bba77bc81404d0e12f3a1bf4e7c7802b438ae10fd4b9bd8fb4f1d45a496d73e2545c6829c478f20003c3bf54acf209c5b3f04b56d2431da81f822af4f80238d5a8c42170aae7488d735d725b4cfaaa862c5d062eeb478695db34b7525356d9b3427fceac912f8cefeb329fae35e8d5e455dc35123b5b8194c2fcf7e693b5ebc268a9e6006c673b33ff72750bed43473455253f2dfa46400e088f3791c2781927271c44ed772d103586989e45f0ec3b09043ac373e00033e1613545e53cf35a6be8f02fbb1b156c3e12ccfaea6f6536cfa0f402573a71301ff4fd23811757109fd68142dea0b247d28f31006c31b765bd56132a2caf5948ff4ab2a1c4782108d109612728ef5b7291c2dcf38f2b3611139e0c66f6fcd74e0f544f65baf13fa502af8115a938a0e67b08d8450c1412d2e00febca17934e670e4ff72dfe02cd190a3b5ab88ff571fedd47e4fd9aef3735268ddbab9ef05cc300e78e4e816d68b1104849a725997e1db5cecfb555e2afddf7db21f7498d2b16afb4050bb782d70100c5edcd07afa3ebdad8b0bbb77615635ce345df8353ca3b65b04fbee53a1d59bfcd4862b853bb65efbde69b080f767ee520b0d4682bd1206ed146eb75c98c06381426ae40b014c85fe12c52ec34f15edda1fad6091f9b897119941176764a385ee264245760a052927d1de84957fb106967c53ef357190ddc21026bca391875ff6aa053aaaaeb6e3d857364248412ec82e6a00dfde76304766cd00e066e8958ae9eedcaed49216032437b835d5748e44755b0def202e755e58be35fa467766bf96b9ad498b664efc8bddec4279f1efccd7d3b707495a72cd13c3938321714bfe0cdf993cfa3d13df23af3833658ed9404ab39497bdf470dc2b7932a0ec356923254435bcbc27f3b2a73736"}}, &(0x7f00000012c0)) unshare(0x28020400) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001340)='cgroup.stat\x00', 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001380)={&(0x7f0000001300)='ppp1\x00', r0}, 0x10) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000180)={0x0, r2, 0x100000000401, 0x80000000000007, 0x7, 0x80054}) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) 12:20:01 executing program 4: 12:20:01 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x40000000000002, 0x0) socketpair(0xc, 0x5, 0x6, &(0x7f0000000140)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000fc0)='memory.stat\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001040)={0xf, 0x100, 0x2, 0xffffffff, 0x20, r1, 0xac}, 0x2c) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0xa, 0xfffffffffffffff8, 0x0, 0x464, 0x20, r2, 0x800}, 0x2c) r3 = openat$cgroup(0xffffffffffffff9c, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000f80)={r3, 0x1, 0x1, 0x0, 0x0}, 0x20) openat$cgroup_ro(r3, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000280)="fa0c000012008152915a655267d7d137ab2ff96e27bf28b285fe3903a44a6017edcaa3a2b4dade3baee72569b51366463fedf5e787c05b0cb5927a3a7edfb4d078e9ae1504d489e058be9fafaa633705b6d4bf6a01f2cd9ebf19724a1b0b9760612582bccd3983ce4474844c065e914dab8bbd52a45f431678bfe28633bf7c8dc83df809238ed87f1e393883ef750ce79c6f84e5e5de176e2f26024e4e3a3d8fbdaf3254022f265d8ccc5fd7205d9d9c2c407ec58162523082d81a39c43f782332ba8e82b4107a049cb82bba8b5edd80473844291437b8d22edca68047582e6be601e9df5e60a32c7cd202c5a30b8b606e43362739551cbb013b65e238f41cc00d7900140cf06b7bc9030f2563bcf9d4f4b7f48c79ec1a323d06276a0a3f8846b7c62b66f9709cabcaad234c53f3bc9b11165a6321f1db1057f076cfaebf8fbfa033fdc1dc2c3e314b36b3b3dd50425447da8bc5938ff7a17361100ab0b1ffeab7ac487411824224781eb9cdd4edef57ae91cd61f56a56c0599cfc3a491447207610f242da6cd6b030ae5f35e3181c44ae68665a023759b9ef4358db46107edc49194aed72b62600ec0ae4fc9065be059fc010cd6e6c9ea77c666b5e25693fbcf595e3e57113ff3a0e0c63d0604a16ea5adb8b7b54d47d4d8804612fde571863064528a49bf684d8a880a11afd819f186c177c49cac3ba1e9d1aa7ad0ff36b9e36d73c05b8abcaf96df0bacd2c9653f30ec29e1284af8749a9b2803c2727e992a6e65df192e1875c3e6d3553ffb7cb34ffee8f8ac0123c390454b42a0316952cbc9949376d9320ec207f77c2d5eb9e86d720cf8e9008a9a51932b45cd4cab21414c92d1c20f9e15e3fc16c7ce181e9ab19b01b70343934c823b1215e173405dd225233823cd4a604a77f06b14eb05b860e6cf8790335788c43abe9de1598e9952e5c7e6b2f8b17b1788ff3033e7d1635b008834bdf4054e6195e55000827c6202b227dde06f23ae21c00b371bdb6b7ea47b2e78844b52a77f9f0929790dcd7df2752e4af092d539c87c18751a5eb3eb4d38a2a0e070064b4ffaacff0543b115cc89f6c7e78f12147ebfcf1c80bac8f98deb59cbe670adb4cd1882a7e0ca4ba85ae9d445223ffb32301d46c0c9b05a830cbea0f72294ab3b539e4ed7cac2e22b235e8ceedeb643fb90b061a58368e76036ff3c1828d8a4e21288662afb6f2acab00d734db7ffc8373a928571819ce9ea6cb0956a6093b2b1f65662b76bc6ac8a171451714e1d0e4ff7647fe7551d3cf16f37cb5547317e4fef51e4fb471de6ffbb90c2dd4a64266c4c2f75fc62e58ec306fb92212fb262d8b138899a3b53e67cde2f97d94cd2265cc04d32b29edf77e75b1f88372495cb2937f183bfc8604d72efb3af5c1f41b665b25592676b0ad2185478eade7e663e743e0e09cce6224c787ce1d789dc4a9b350bfe3a75f551341b11dd96cdaea17989dad565b16324a69842dc29a0ed16744ea5935598ac8238e146139189927a14d3b2863044b63b468ae75f48fab68ad235c36daffebfe4b468fc9b13198b1a683dcd3b3b4294ba22caddbacf8792d5783bc12e2538e4609e6bb6e9eeab98a06452c252a657f400260458c29fae8879097698c9aba2b2d889fc78f00d0d8271e09e8542b71018be6ff8cb03cb423e79303047d6ce124a00f64461b899bbddc4fe87ff677533391e16c01fa9cd6420bdc856c4c7f057b249ee9817efd6ab2cd02eb887d2631435ef2d5a1c7e57ac046ef615a1285ca89ade18ae69af3b3f8f76ca8aa060e373c0f99424fe1c5fadc72fe145fd2d4e4da4b78597890516857de188fcdaf15e3b0871b346cd39ab772cc25fab49e60c818cde934b137144adfc4fbde3ddbeccce9679f02b66746e822c67b3ed5fdafb4a936a2683b39a002115ecd62220605ca542610a80f2e3530aa89d3ed6ed9c57bbfd5db3a0b62786a608309a355443c616032008f9458b2f10db93e29470192370084e9322c309c9b23333b46d04e79176659503ad4b05deebb3c67d715ee6e84a89002ea6f7f71bf41ad36b42c8ae01c97174dbb641e50641aba60c291a84e906c013087370a5043e07d36fcead378f6c1e6ed3f5ac695124b82b20261cf7c9b82172e09c81d7d39eed72aee5678613a3c671ddd44f2c7c75a3b5d316aa165d56594fccab20903d7f503a08928e76c779918b2463b720ee6367a43e494a1db3ed1a80690e665570c01ce7eb979cdd95d4e1ca51730eb2cd63ffb2a56049601627c9788254945142dce85adbe1eb5997d16cdfe2a3758b13dc6bb121e2206ae64206868c1c5e89a101bc121719ac435dcad093f5f67cefd863cc7c8f3fc8a9dc62a83c115f1ce714b18af067951aa06dd9bb4ed98a820bf4704d156977caa4e6415b2a0df0386e2f6a061bf44abc8a397cf4abdafc51b78ebec9831f3c60fde6e62a1fd082903080aef20ff8de8bc0dced06f627514600539ca7114a088848da4244a85b4cf5b976d3a698c9a568d417e276917baba05d1a02181db2e6cc35986da4ccc63f8cd8e85a4a923dd27e2f499664601fdc44fdf46e2d2880cd5a7ece89c370234c438dcc0b43865cc62bad21e9dc37da758cbe01752f02fd9cbfe98630a30a78bb1239e25cdaba3d45d13cd3e7216d9d8070f3ff1a0cd9a0c91f29974c98f2677ba88c1091bde4be0cd37ea5eeb3b9cd59560a00ddd40bbd60ffb8d4daa973ef0977c18dd4b38a605cee957872dca85787c37b6931293eddb77015faf143d1d28d24822d1a5d134799e8175a38b255aaf0e39b68c7f734e2e1e7044626daa84c9113e86d86ef63c863703703ea163319261dcf516c32d49478f7af30d52baa18ea6b0fc286c06b7e4ee019bf3fe74845a652d4a52aaa241a189c411e90e2953863a2bc4124e573607b94cdff19e280731824931a83f056cb5857672619b97ce38081592c0c319ce72e04e9eadce89775cfb5a4b2842663bc79bde565435cbcd46c4d505ceef7dde86512d39d4cb270deb7e79ebf8602bdc0d76c3e833d36ee08be10be634f44056c2f3fd6a328c7cd562e9c96ff7845fc3df81a876bb07f1cc833bed6ca1dc5cf935a4e959db6a4fae6edbc45357d8758faa9cd04cd41eb6efcfbd91658519bf520b90107f767d126854818485e98cb7ef56804de6950bf4e72098a949d14ea0e4e9f2534cf16cac0aeb970fc5c39f37e93910d5c99ac163792260d2280ec5c9a79bf295588ec23f524aae65f800f9c39e338f3d66b1a69e5488e04823eab36ae6ec6a2c5ce133ccd819a2b217b1ab7f4afd1697bb42929b3131358b5421c83f925571934442d0fd0ce3990d4e5d31d8b956f76df3c2f8533e46b892c88692ce009155dd5c7dbe4c86874b95762650f63e4b4aabb41320978b05b80cfe8fa2830904ef6b5c4f7ad46ca5dac151c9077c4d2c6adfe5066a8eb09a9bc6892330ea2b259a53c7137f8498254e1b04bf920c35c5333c4d640b11da60917ae921037b4aedbd6a0fbeeaf88ef6defc830552b4cbe3fe2a844806a48923dd428ea1c8d797bd8e6aabd1d1a8c97c8038b627120a77f4e47fa1f788aa9da268b0ec10fc453cb722685df76547dbf55a16663aa2b2a51e9c52456cccdf682592d1369dd12e3d3cb504e0f2d7004e62c297d5a25d0298045dae8fca8cb795ea57288b85a7e705820087d55ca6c42e920e2aa1174e128622cf64a197fd728cb2949536ba63e8bda8589261f1377caea37302e47228d3708a5666c66ba711d3c0b310a8c47e86d26597299d523c28c90e4feab43e950f398f7b61ccf7e6490d75ba6d8214e2d5ef2d7a088db490e1ebacf4e6eecc896cb1c704f0a8fcdf4ccb5dfa53eaf43d709287f36c10188c19fd59da7d73494de089c1b0a69ee22dcb847001c5317846a876bee1685d11c4db0673ec4c3a12008bb719650525b3c39e2b0469edda93830b3f1bde3e5b0b4637197866bb08c5858cf0d9876e3c7cad54169887bf9c80f9f4be362e1bc8c27f3434e9a918bac355c184bd899b9aebe6be20e70c0c69234342eb8b57aa9ffb7797a32df91cec2bbc90201658ca2297bf1fe68e65363867e1f6ad79b827f363d64fbd3b188d95307d011c4ce5bf4407908c058eeb97ec98dd0ebfdab6b348fa387f2a7573cac25344c983e8fd526c30ee6d59fe99a30c7d7e2864aa22bfa49df5f32da68309cab3ed9c2ce69b6ecb8508ce28a43ebd6c809b8afd07a4606e664965d316f3707a3abee9bcdc32a78031b0171fb565d90c16cd56e5792c0cf618b799715f32538e38f493d4e19ec76fc8a07576a13975706bfc2bb1516c2d18a4385cc37a206eac6c9fb8d073572ba2671d2198abf24fdd0c40d079ae44962c26743b4bf5950ac5ee34c5d7bd60b364ce670958112c37b9829bed7e1327356d6b94af3ba020c2337b2dba37d00af8a128a614390cdde62ce871f948427fb5c187df9a1540a5cc71da1a86144acbfd94bf433f744f0c4f2a675eba3ed251c5b11b08dfefc726c0394a9b75121d88467ed4b2cd69819dfe50693a4a4c8370d3af12f41c0067283bbb5a90044a340fc357a11081a6c13bb9c32d9caa448479fd5f0302b6729ca7233094540b14546d6bcc15771c2686279b34f9c0914f5306d0fabd5979266ea01a17a22507e560dbf904dd62c40e2bccb468710ee4c1caf4e786", 0xcfa}], 0x1}, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000003180)={&(0x7f0000003040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0xffffffffffffff25, &(0x7f0000003100), 0x0, &(0x7f0000003140)=""/29, 0x1d}, 0x0) recvmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000200)=@sco, 0x26c, &(0x7f0000002b80), 0x1e4, &(0x7f00000076c0)=""/156, 0xfffffffffffffe11}, 0x0) 12:20:01 executing program 0: 12:20:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000000)=""/10) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x9, 0x0, 0xfffffffffffffffd], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:20:01 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x0, 0x0) write$9p(r1, &(0x7f0000000040)="bd8041f048dd826a12193dbcde1968dc06cabe2e80d6323ac1b85ccd2931af1c5adcf26789b340ed7c7c32d6731d8267454f8f14f70b781b0b30e2c4d8927290bfd003b5ea5ea07d5d0c3b95646f78688ab8b44a551b440f870c672fc41a0690331e0a0d8d504c9218dfc97c6ac1c51e3dfaac17f23e7572280d5387d5c58c661e74b73d940b440f995fbb5d32bbabb05fb1434248820b68db038b", 0x9b) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000100)=""/253, &(0x7f0000000200)=0xfd) 12:20:01 executing program 0: 12:20:01 executing program 4: [ 603.466396] netlink: 3290 bytes leftover after parsing attributes in process `syz-executor2'. [ 603.475545] netlink: 3290 bytes leftover after parsing attributes in process `syz-executor2'. [ 603.510342] *** Guest State *** [ 603.513836] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 603.522812] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 603.531680] CR3 = 0x0000000000000000 [ 603.535522] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 603.541544] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 603.547664] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 603.554506] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 603.562625] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 603.570647] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 603.578795] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 603.586883] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 603.594992] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 603.603111] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 603.611135] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 603.619282] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 603.627387] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 603.629048] netlink: 3290 bytes leftover after parsing attributes in process `syz-executor2'. [ 603.635480] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 603.635510] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 603.635531] Interruptibility = 00000000 ActivityState = 00000000 [ 603.635541] *** Host State *** [ 603.635568] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f43ff380 [ 603.635610] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 603.635638] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 603.635663] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 603.635691] CR0=0000000080050033 CR3=000000020048e000 CR4=00000000001426f0 [ 603.635721] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 603.635745] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 603.635754] *** Control State *** [ 603.635775] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 603.635793] EntryControls=0000d1ff ExitControls=002fefff [ 603.635819] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 603.635839] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 603.635861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 603.635879] reason=80000021 qualification=0000000000000000 12:20:01 executing program 4: [ 603.635896] IDTVectoring: info=00000000 errcode=00000000 [ 603.635912] TSC Offset = 0xfffffeb8c5e350fc [ 603.635924] TPR Threshold = 0x00 [ 603.635941] EPT pointer = 0x0000000200b5001e 12:20:01 executing program 0: 12:20:01 executing program 4: r0 = socket$unix(0x1, 0x3, 0x0) bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x1}, 0x6e) 12:20:01 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7, 0x101000) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000040)={0x80000000, 0x1, 0x452e, 0x9, 0xc, 0x8000, 0x7, 0x5, 0x400, 0x202bc106, 0x48, 0x4}) 12:20:02 executing program 1: unshare(0x280203fc) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x6, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x1) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000180)="cb674117a2a2e2433aaeeccdf62cb689117de7ec573166b19135391274367ba6d7b9558f992a144f56e7941552f770caab477e8bac8a88f8fa44ac9d5269c4f915bdd23c21c95b773f1ff643a7b6f934c58a7f0062e94545fc00838efbe3fb8636828285dfd24e08096e1d0924190ae84760de04385b0e2722cc5b206aafcaf3e11a646922e1", 0x86}], 0x1) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x8, 0x100000001, 0x0, r0}, 0x2c) 12:20:02 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x200800000000004a) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x85a, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000001e80)=[{{&(0x7f0000000100)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0) 12:20:02 executing program 0: socketpair(0x1, 0x20001000000005, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) socket$kcm(0x2, 0xa, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8917, &(0x7f0000000200)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x02\x00\xdc\xff\xc0\x00\x80\x00\x00\x00\x02?\xfa\xf3W\x14\xf9\x92N2\xde\xf8\xff\tj\xf3\xb8\xb4\xd2\xaf\x99\x97r\xe1v\xb2]W\xe4\xc3\xd9\xa7\xa4 \x90\x87\xa4\x1c#\x14\xa2\xee\xd0\xe3vY\xbc1\xdff4\x93O\xc6`%P\\c\xe7`;V\xfc7\xec\xd9,[\xc2\xeaL\xceg&\x1e7\xb9,\xe4\xf79i\xe2\xad\xf9\xf2\x85Z\x85\x15\xd8I&\x9e}\xeb\xb1\xa6Zf\x11\xf6\x01y\xe2\xcb\xa6\x95R\xaa\xff-\xfcU\x1c\x85\x9f\x8d\xc17l\xa5\xb9\xca\x9ej\xcf\xeeW') 12:20:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x6, 0x101002) r2 = syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0x0, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x4) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:20:02 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt(r0, 0xff, 0x7, &(0x7f0000000000)='O', 0x1) 12:20:02 executing program 3: unshare(0x28020400) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x10000, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000100)={0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0xc, 0x0, &(0x7f0000000140)=[@free_buffer={0x40086303, r1}], 0xf3, 0x0, &(0x7f0000000180)="dce7933a61cd4f09e318de4325f2860bd3eea831bb6a0fa012c35c62aa7d572fc481a926370beea4595475c06c816d4b3f7c89152e52169f947d2915621bfedbed0487bd1f49f149cb942b43b196b4db8d13f84b3b6bde300f41745f537d488119ce02b06460360f9eaefafbbdfc7c63f13f237548d062eb11dc243754c6fa3ebe282bda7917a3e2b9c2cb7cdbf0b257fdcbfc412aaa7873c9b1cb86b34e7670e98ff3c41ceec4617344517b38bb277f06b8de0132df6d573dcc6fe7e54dc8c61903fbe9e4ae262edce6fd92af082a3e5540c804536aa4e155cd82f64e883e0955ee1616a3120c04c14c7fdd1285bb5f0a9ffd"}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r2, &(0x7f0000000100), 0x0}, 0x18) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='ppp0\x00'}, 0x30) sched_setaffinity(r3, 0x8, &(0x7f0000000080)=0x7db281bd) [ 604.431161] syz-executor0 uses obsolete (PF_INET,SOCK_PACKET) [ 604.528955] *** Guest State *** [ 604.532494] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 604.541581] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 604.550650] CR3 = 0x0000000000000000 [ 604.554470] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 604.561060] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 604.567168] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 604.574005] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 604.582168] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 604.590203] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 604.598340] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 604.606615] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 604.614769] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 604.622857] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 604.630887] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 604.638994] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 604.647130] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 604.655234] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 604.661684] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 604.669287] Interruptibility = 00000000 ActivityState = 00000000 [ 604.676089] *** Host State *** [ 604.679322] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f3faf380 [ 604.685449] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 604.691967] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 604.699820] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 604.705847] CR0=0000000080050033 CR3=00000001f2174000 CR4=00000000001426e0 [ 604.712975] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 604.719701] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 604.725890] *** Control State *** 12:20:02 executing program 2: clone(0x2102009ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x4) stat(0x0, 0x0) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) add_key(&(0x7f0000000240)='logon\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000140)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000600)='\xd1?\xf3\xd7v\xdc\xf2\x05\x11\x1c\x87B\xbd\xeb\xc90x0, 0x401}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r3, 0x1}, 0x8) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000000)=0x10000) 12:20:02 executing program 0: mkdir(&(0x7f0000000040)='./control\x00', 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000240)='./control\x00', 0x10) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') preadv(r1, &(0x7f0000000480), 0x100000000000012e, 0x0) 12:20:03 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002700)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg(r1, &(0x7f0000000080)={&(0x7f00000003c0)=@in={0x2, 0x0, @loopback}, 0x80, 0x0}, 0x20000000) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x3, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180000001000000000000000000000009500000000000000"], 0x0, 0x1, 0xfb, &(0x7f00000002c0)=""/251}, 0x48) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000180)={r1, r2}) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000000)={r1}) 12:20:03 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x80000) getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000200)={'broute\x00'}, &(0x7f0000000140)=0x78) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030629100000000000004c9e0000000200aa0802000000000000000000000105000600200000000a00000000000000000500e50000070000001f000000000000250000000000000200010000000000000000020000627c05000500000000000a00000000000000ff1700000000000000000000000001170000000000000000"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) [ 605.201806] *** Guest State *** [ 605.205489] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 605.214499] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 605.223439] CR3 = 0x0000000000000000 [ 605.227193] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 605.233344] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 605.239361] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 605.246145] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 605.254281] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 605.262441] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 605.270481] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 605.278610] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 605.286696] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 605.294816] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 605.302904] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 605.310920] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 605.319045] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 605.327119] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 605.333669] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 605.341159] Interruptibility = 00000000 ActivityState = 00000000 [ 605.347522] *** Host State *** [ 605.350764] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f2c3f380 [ 605.356857] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 605.363404] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 605.371252] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 605.377273] CR0=0000000080050033 CR3=00000001f2174000 CR4=00000000001426e0 [ 605.384407] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 605.391129] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 605.397292] *** Control State *** [ 605.400797] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 605.407562] EntryControls=0000d1ff ExitControls=002fefff [ 605.413154] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 605.420119] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 605.426892] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 605.433578] reason=80000021 qualification=0000000000000000 [ 605.439926] IDTVectoring: info=00000000 errcode=00000000 [ 605.445463] TSC Offset = 0xfffffeb7e9ded4da [ 605.449811] EPT pointer = 0x00000001f401001e 12:20:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) sysfs$3(0x3) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) r4 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0xfff, 0x400) ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r4, 0xc0845658, &(0x7f00000001c0)={0x0, @reserved}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:20:03 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000300)={0xd, 0x9, 0x4, 0x8001, 0x1a, r0}, 0x21f) r2 = syz_open_dev$cec(&(0x7f0000000200)='/dev/cec#\x00', 0x0, 0x2) recvfrom$inet6(r2, &(0x7f0000000240)=""/131, 0x83, 0x2101, 0x0, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000340)="f3d24e9c01b54c4d19abb0b886ae1ab4", 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000000c0)={r0, &(0x7f0000000180)="8b595b10bbe6307b05495d4e1408007abe698b216eae7925688a9c1cc8e726030626f502ce9bddf84175f352ae6a62c924bc2d48ea5cfbc3616fcb0c6c74bb81239b20714241dc4fe05cd5a4545f464a2e56972bb4df9faa116b48d9fa22cf2b71153f9f23b59e5c9008b62801413803", &(0x7f0000000000)=""/20}, 0x18) 12:20:03 executing program 2: clone(0x2102009ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x4) stat(0x0, 0x0) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) add_key(&(0x7f0000000240)='logon\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000140)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f0000000600)='\xd1?\xf3\xd7v\xdc\xf2\x05\x11\x1c\x87B\xbd\xeb\xc90xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x5, 0x20100) getsockopt$inet_sctp_SCTP_NODELAY(r4, 0x84, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4) r5 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r5, &(0x7f0000000100)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r5, 0x1) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='/exe\x00\x00\x00\x00\x00\x005\xab\xe1\xe8\r\x90>\rqz\xc1\x88\x9aE\xe5\x81\xc9\xe1J\\\x8f\x95\xf5\xd2\x96\x8a\xe8\xc7g\xe9\xd1\x8f\xd6\x9a') mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r6, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000000), &(0x7f0000000080)=0x8) write$FUSE_NOTIFY_POLL(r6, &(0x7f0000000280)={0x18, 0x1, 0x0, {0x7}}, 0x18) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000140)=0x10000) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:20:03 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'nr0\x01\x00', 0x4006}) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) socketpair$unix(0x1, 0x10200000000001, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000140)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) 12:20:04 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r0, &(0x7f00000003c0), 0x0}, 0x18) 12:20:04 executing program 3: unshare(0x28020400) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x880) getpeername$netlink(r0, &(0x7f0000000040), &(0x7f00000000c0)=0xc) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080), &(0x7f0000000100)=0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0xd, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) 12:20:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x20000, 0x0) ioctl$EVIOCSCLOCKID(r4, 0x400445a0, &(0x7f00000001c0)=0x2) 12:20:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f00007af000)=[{&(0x7f0000000180)="480000001400190fffffff7fffffff5602113b850e1de0974881000000fe58a2bc4a03049164643ef2a27c028c8fca0c398fe7f46589720000de213ee23ffbf510040041feff5aff", 0x48}], 0x1) [ 606.386201] *** Guest State *** [ 606.389622] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 606.398821] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 606.407848] CR3 = 0x0000000000000000 [ 606.411623] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 606.417739] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 606.423879] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 606.430695] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 606.438920] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.447075] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.455246] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.463424] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.471501] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.479678] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 606.487834] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 606.496032] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 606.504186] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 606.512438] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 606.518920] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 606.526582] Interruptibility = 00000000 ActivityState = 00000000 [ 606.532953] *** Host State *** [ 606.536210] RIP = 0xffffffff812b0dfc RSP = 0xffff8882029cf380 [ 606.542863] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 606.549351] FSBase=00007f3a33aab700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 606.557361] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 606.563418] CR0=0000000080050033 CR3=00000001f41d0000 CR4=00000000001426f0 [ 606.570527] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 606.577414] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 606.583645] *** Control State *** [ 606.587178] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 606.594046] EntryControls=0000d1ff ExitControls=002fefff [ 606.599596] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 606.606730] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 606.613562] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 606.620209] reason=80000021 qualification=0000000000000000 [ 606.626724] IDTVectoring: info=00000000 errcode=00000000 [ 606.632295] TSC Offset = 0xfffffeb73a1ef992 [ 606.636655] TPR Threshold = 0x00 [ 606.640066] EPT pointer = 0x00000001f383701e [ 606.845429] *** Guest State *** [ 606.848940] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 606.858053] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 606.867141] CR3 = 0x0000000000000000 [ 606.870932] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 606.877163] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 606.883384] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 606.890137] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 606.898410] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.906566] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.914810] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.923039] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.931077] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 606.939284] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 606.947520] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 606.955718] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 606.963817] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 606.971955] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 606.978424] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 606.986033] Interruptibility = 00000000 ActivityState = 00000000 [ 606.992431] *** Host State *** [ 606.995676] RIP = 0xffffffff812b0dfc RSP = 0xffff8882029cf380 [ 607.001679] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 607.008274] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 607.016203] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 607.022304] CR0=0000000080050033 CR3=00000001f41d0000 CR4=00000000001426e0 [ 607.029374] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 607.036260] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 607.042447] *** Control State *** [ 607.045933] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 607.052775] EntryControls=0000d1ff ExitControls=002fefff [ 607.058289] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 607.065403] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 607.072288] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 607.078925] reason=80000021 qualification=0000000000000000 [ 607.085425] IDTVectoring: info=00000000 errcode=00000000 [ 607.090949] TSC Offset = 0xfffffeb6f853c29b [ 607.095421] EPT pointer = 0x00000001f33a701e 12:20:14 executing program 1: unshare(0x28020400) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x400040, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) write(r1, &(0x7f0000000000)="16918c08ee9c22b25f20e8b870e9c69ae463e33b8dbabafd58425c8394b53a7fe3641686cffe5a666341c3d5312b271c5c81c66ed32bdcc5de73", 0x3a) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x40202, 0x0) ioctl$SG_SET_COMMAND_Q(r3, 0x2271, &(0x7f0000000180)=0x1) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000000240)={0x2, 0x0, 0x2080, {0xd000, 0x2000}, [], "59bf4ddd1e8dcb8430c234968a77168e134ae2ac64c2b61078b6cae09d09b4452690a44c8d28d43c31e2234e7570a6d5a06bb84ab5d347ae8a891e5308d93e414a68758fd4ff96b8f7ab8c388a38795966c12e4a3ab594e284df107502b65aebcc65938697fd5079b50705aefbdad14b92849e3519f52a1dfd24fb342845a842797987f2bfd3b8ad43ab85b9623ee7aad157fbb7b82174f46d5bfba06906dfa0fb1e3a21c1b14d0f201352d340701dbdf31e7c9a8e0fccf3b9aec6e7fda2b556ca40312b1fecb072c9bfa52740ea736fbaad1659091182071364331beb1cf5b5b7ef5876ef695059a6a7d09471e3f6430c225dea066c21c8846d5f93d91e24d2f049146d3521edb3ab3a2d2ddcffd853cac98b594a92494ca7cce3a5d8cc53666f70208601c308013ecf4df5947ca85f5691d87e47b0f7ffae4722c2722a0f0265a821e14cf70b4b91f89e000075adc70ba60124880b264f7d702cdf350e637ddb3521b9a53c0628e0085baf7a7de90875b4889978ed8041f96ca5c43bba6376a8b3ccf0802e6d1227b782966dc0a6c2081cf7f80cac8ff6c5a262ca619f65228f0c42f4505a154742095db1ecb7208a50b4a4e93c76d8aa09e987d99ab97b23d62e340e2797fe68156c0ee6d0b6139f1d6424940e5b7a6a2dc618e783c37f28aa39907a708fe080617ac875dec14d21dcd34cd93d5d3c7c366c8544fd2b86f634dcee12a972378b06387f238dd46f8bddafa6f51815f2010e052f6ceafdd67aefe58ee6ffe11b5424b2fc196a127ef961974b81d7e0ab4746b1d18373b11f401f25cf5e790b2e3e693f52a5084cd9e3247f30d86c367e8a4b76ea41dd90dd0787588320b2538f5712b106b7574c9c76c8bde2857b5b4c7fdeabe9f8b82fc30f98190015c14d2ab2241dba1a34e18f03e161fe82c3c7ddf89c450b8a70ab01f12b7eacccf7a26486a251dbec02daf8cce4be577daae43d9926527f606746a2edefe33a3ce68cef8db20f9783b36c040ea775634e0351b4fb8d11a1362c78f98d18a457e468c708be16b27f7a266b6e5180a6f0489be4844ddb5d1a327cbd61493f17f40d8b8a6d5c90883fc6b41ae87a15b1767d217665f03acc207dc6422b39cb0edbc6e2c888bbc1b32d70575d6d9027053e97f781e82fb958cde7355fc735e9b90d3aeb283951ef174642676af52c637d10d6ca9bd3b2abc9d22cc32d1ec92c39ed66fa59e929c479a3c640b5e4a7d012b2ceb3fba03723f557df83aab20be7e843e348845c8b4e2ba17d74608e19a1709748c5b94cd8f946df2d4444e4f4ac03424a79cf126ff03a460b001d720d972ca234d71ef2e2f7ce3110fa6558d3010577fcb9b00c1ea18201fade504f17a1787db32967cee9f957d3d23d17e2acc27465e37d7064dbb310a70ef6d23b01a90f9c6391f7bece60787ce1198b8efd5dc29b40a3b02cc657390e07e99c48b2fde4003084633576451762da7f303ebfa84abf9e1420df7b5c48b3f034d9e1489ef0a3e9225c33b582d99bb034d68617cab880ae27d7024aaa81cdaca88280a40836934b9827a46fbd745b436eee612908518fb9480227daeb2bed600132b8fc79d32e057cec5bf82ff4e58dc4172fd38c5ef9b2afcf50c5ea1f0ec1f101a413a3326a1ac3f4cba33c1faf142f94a1ae3f71ce1053f4f7b6174cece8791d270874dcdbae80f7595ee5db7c239bde24f9651b4c548767750494fd86885d97dc2091e38bf358062feac98b7ab929a160e730a28e3e005419f206b47108b4cc1ac40ec0f729aa5b680021be9b17b9f8c4668055dc9305f57e60203c657ebc115772bcb53f4525e14a5318d799764e8b8938963820e7bc73f0e785dd9b1646843fe5340b98c2efc91c6d8dfd7fdf692d67faedf5d40bb12a1a4a670153c11ca22806bdba011c93ab25dea8c4b3496a0accc0bcfc431ed5058434f7fd3a105e576876da7fcfb130aef261a70ca9b3a22c6b830b549910ce04a81cab5d653ceb31a757d9cbf6f03498fe091db8074421b9378eccb16d5543fc46baba8362177f24c1052b4f4799ab27a7a380ea78af1598e754416143d6086a211ed789a1bcd97f86f40c17e90050289e99faebdc0a330fa3c309d4c7d377b4927e166a08ef1ab8bb0258c7ea54f84d2c1339e6e1b64c99c1c6c7500a71f8bdca593a68ca9b352c055b92228ab3b1f8d8752f514d60e414e5597733b2f9f631ffecd519d177c79da32bb013eb4a4e8b5cea3f58b0d82d2930015a9aee163353a5cf7d350b76b2a42f110a895866036ff97bc3e4e36d4daaa086c959fba4cdbf717d17b7cc9de6b2bcc9a5bc2dc8810a7cca4c5ad7ba419d1610c1991de4d10f2a4faa5afddd8d83750974af3ebb6d02ba2af5460d99137249710f597a1ec836e2a88beb64afc6a15e3fc45ffc057de76c042f16c7d105e04ec957bb09909cd30192ce6d4a79e1ce9460277067bfc263625113bd1766d40953125305ca99cfa0ed89b908adce0cd72246f673ef8ac84357cf9dc67f3884bc66fa7327d83d48ef03435f25ce5ad474a135a3a2ff8b69521bb034b68b667959256b76df77121a27fc6c72b5d9aaf7c034763d02260a00261cc97750d3fa192785d3cd3f52eb9e677d639eb06064a448ed3ec151c399719b54c78e184dc56e760bb066e61d5e5c81cf19b828629f7fa51c5c3b099e208617138a54b12d1b2970ea5201c5a4ea3b72f202a8e7701e3e80834a1c595c0caded7cb74d293a670bf47e62ff49baefe6884c222c4908293b3b79072c10760dc9ee148a6d3e34cfb993621a3c087ed10b021c64016a2726286d572848266c393f8f34a89f7720eca64d529fb5c08036c46b7f0eae79fa02987c602cde49f6fe31cda90a41c04cce874366eff763c932870efe125200ddfe5d45c19249bbc18465ef92842dd7d5e4f2bcc8e397e67807f68a71f339d67364e6004e328360dfc73ab9c0f6584fbf0db99a843d4b04d69ebe92a43334803feeb3d429dd9bb7934a38cb7ab7498067adfd660fb48fccc3bc573cf58f2f59b482f174d19dd2f199cf5634f7fe6b058946b364fe948fed0395528603e8a42529f4b8cc9c9b65ed10f275985c315b58bf9e486f81dde50b708f6052bdfaec59a0ec0b3b0588ec58afbd5fe00410060fb655d3dbc1426028b544cd3b6b2c413adc1b81755c07d769d000dc88cd68bed82568c33e7e18c2660a3e496adedf039d55ad701c57c64ef37cee387e957555bc120d75e2ee70865867bf34137634f6a66f1370e6822b4ff369471af3122e2819d1e2dfab0f194d524c5d57668261f17751b7b3871cef53ffa63b6b59dc85b0513c476e3912a1384df9ae68274279ff061dcbe4dce07ab13b8f9ee2166142f9b3b8c4ab19ce9d0573f5db393c0edadd18da3c229f9cb2578e582c0f72ed2945babf2edb17df487d4a03b4f653a16ab445af8007e7db3b96b6f803bb6f4f7a387720421b3ea069dab7d8af5af2fcfbe2bcbd64e636ae432fa8a5e22bb4194b133a1e0e6217eb6c6e09b60b3f2ef9bc3969ae36faf038fd4cff483b5be0c6bfdd6f55058c6cc85ecd7b530c72ce8a76502ef763e846889b721f72b72bc6222c083d0460a2ee7f560f09e3637685a1c2bf5de64e49eee91a81fc6631ad489ee4732a7529a6d200bf34cdc5754a365713994f40f95036d4583fba8c8cec8c0f22d91264f8040527d1b0d4356aa7ea678bfeaa54d5c4ce65f1eb2e4b2a7c113284394bd4a50f4bcbd8dd7a6e16ade128b443d7b2160a6dac1858c6f75acbccc03cb2b2fdcdf8ea833399d0964fb781662700b91fa52e2a4962a95d123d6eb649fab97452681b8b2527406d55b7955fa284fb7866d316451b3c216d02107ad5aa457b4a69bbcaf5ea3d0ff265fc1f214348a5c8bc0f8234b5be5d07d90d3f362d65c1c2b0619af984c7eb4f949bc15fc86ae406630ed228072e4bde6ec8a5cfffe6ce0fcc3fd369246da6e2aed30ae9c10f85a82a109ca7766caebfc742437a95a8d176b3ba290b304a423741336d1874e01e5046f69f03dad82805cea1fd179e16ecbeb70338ce4e97be4af8d6f6cb6b13bf2ec0d4145ccc76c52dc26ee93c60bd4810b8c9b7b23fec4953ee7f3ef346282aa95f458b92761bcb46c2880abf0f50ce14b991c21986fa6ba5244fc14e2eb1b40369b05515dad6333f0c01a8930616783d018ddf41cb81afa20c7a65b0304800d73f3745fb05d662cf0c38cdf7a29c38b33d11ede5e221af17493b4d89af875e56868b5b66a842cc681e756f0c4a890364f69827627d320860bccf60e1a1e2aa7142b84976341b7ee3524f0a11da01e205497f4c7392e2e6248dc8bba1cbe2a28c74b37581ac53164bc5da882335d449a3b78d278714e47565ca07713d36ce1180acadaa61097c4a8b729c1433d8524f7455d3636762a7547c12406f888eee44e421a04ac06ac0b63102239c18f77451c48f62c394b2dc80a89038f38aff1f1b2e5e01b7a1ccc0e9b0859cc8dcd7ba539fd306188c51abe990bc0cbe62d3a8a00e0e0ac79672c6b4f83110dbd17007c418fb6eb67ce78aab69aab3eb101f04c0cc12c55c4533b7b0fbcd898b98346994d57c4f8211d3e351d1e6b919f5abe573eac9477e99fe3be7a77115080dc6613a5b247f76de9a411362b7d6f6d5334b43230a25c270c427901a9e2a86aadc5a56fdda5d436f9d7588d49ae8afad95d57a48d960c568afb450e835089d66e7462c0c483ea860bfbc467c48e4fbcc6cda9c05b33ac2dc4571ec4f730a3d9ea2f890c2e247a62e29f4ccde2634fcdd9ebd59b28228fc6b95ae85c245b7106f6e5dfe1124f5096e2e10a365050c0c5d287c1d7bd42b0a3900619b47ead4b38932d095cee8880de8eb0ff82ae3f2b53dbdf60a9a967209f2657ab0b732b9245d78bf66581146d9162e3010acce28dc46e4303684ec10ca82f2acb76dd794f04ccd67157995c9779c317c0a9f7a0b7cd2c15e13f41b08e1f92c9f2a1359f079284679f92d7c8c61049369e10bf6326336bf7a65a30b799450b5cd8120635f69fcebac8845b1e9678ef274c99c9403dbb6f3dc3296341f5949450045950c68df5149cd89b759c645a8895fcb9a2482924ded469db298a3a550a38b2464f1b7f146566f3e939eda9c3f0f4ed2a91ed3ecde804d69d37a2bbddb49a8d81e2e3146d6de80c2a232cf9b8f4d7cd2138a0059db5110e972c59976b6c1455c69408d3041327120d408fcb31e1e75c7664e5b11ea584450417c93ea1665359b6bc7f7268d900c6a606ef9da6c9ab9f6c2f8a141b24cbda488f85c0743d7e56113d06b41d4ba35f4c5e7afa47d5e725548a6cb1fef6ce895747b4d6a445d1b2c8f3b43e8548d15fee6fb339532a51530e61f18534cd1e78708374322d3ca4861121cd103d43d83926011c1f57cdb60372cd44f6f8901ac789a0a0d2e9a45a36f9725209c102088b2aee5b7302d2d96d12b4f255e8b37bcb853fed76043e471063caf2c8f58ae27a1c1310e813f92b7eedc3ae78c2591999348b9604b61669f6970d3a47ec839d74a4331be9a5b51d27c7307dededcab58c89b02f7374a439d64071c286741227d1c31b16dfa367307c2a44d3b5a9c1ccf77d40fcad8f98f0ac53a718cfab4e2e906328823c1140b3114c19fc3d4c54ae9bfed896a64701a207b3b7a0811b00f4bcec87d02ca36537a4a6620ddc86950d8b0c9f1f1e9a4dffaba3f1c595551c001b77efd8836565455451082f080a54a97b094590526faac55cd62a04476cb0c373f994f105a5103db", "f918e80574087f71dc44e82992ce0ec0c49c3df017250e6482aa60175043eaa3a1f35e6e347dcdb7c6b15ccd57aa2b1cc84ea40530ea34df5fdcf4adc57dfd6f13634ed213cbad3ac65f370d13d7523ca4e477d119df443220ef3ed6303bfe74ae5b71a56b6d7e628a07e05c966889dbe63027aa340f2162489fc1aa0e378889af755587bf30b4d556be9ec2986cb35c3f82b00c5a6215afac0ae74862b3e30e5d6b7b014bbc815e46ff0bbce35043f2e699b3450d8bf1bc24fab1ecec34063cd3e363c1f9be9361f4b88c7cb0e48af4501ffbda71adb8c5a510071aa661099b2d44ad9611433311e79f9b8cefc00c08a97e10b2b5f81e8d3371c0b3a317c504e2f6c388b0c038f65653313665efc49b7ccdd31df93af02f1559a35b7edb74d9dfb40826868ca05ccec7077b44e07e2d8bf680736d1a78014cf95672fd3eca446f151f8c8c3921780232a63c0fd89acf73e8a1d26574dd6e2f433a97443faba1ac2ee6244ab4e95260ba35e245c8611f11bf7bf9571a523693b835772ec1b7ae397267e462870ef9c28c8333b04be7b51908247c288062c357965055b074a79be864134a9fa31c76fb0d7186b1d287888c25a4524b8fee3ff9a250de39575722d1c3450b0ea98ee9f46f3d4f50f4512fa31505e0dd2b6f015c2a2c943e5532c64eed3bca5245bc839d9ea012dfe1d29595e126979d43cc57d3fcaacda0b160cfdc6ec9fa71a28189f1a38be02fde91cd1592060e57783e3ac08da7ac81cc0fa164e61eabcec22be218ba399d15bef7ce2e31740add05892992241b5cc054626fae3140182401747d2746a6ab3f5fde0ebb3a2157cb268831d2533682303f1393e75bed15dbe4e6b9b3186ccd6553ff703ee91ffd4959186cfcc0d285252f6b02126f2daf7625d119e7ef858c215ade80fcde7798ce97666dd5b73949b0aebbfa1867db3748d6ba29228ea4642d02b04c8060362d29e4d53c663ae3a2c2b04636e3feca10bfcaf27846d9fee647c2333e52f86d791b2f0bd789b6194c86d87d00a4f89cc4119200c6c0faecc400f2b17148fffa952d67f5688d85e702c6c3f02f0011e372541ea21356dfb88e1de4a3466990b4d686635ea684a38f7814351b65b07853ffcdebda33f34c0958900bc060c05fc18f588788d1f220d4e0ff1e592412dcc7854d111670c92db00b1ccd5d0cedbfe3f511438ea7eee7fa49c30463c0047ec3d217031cdf8504899b72f5db9061ba79e64fcb13fb135673eaa8da2ddf24460fa589eab5e733033c1666a45df6f993e39acaef261e123d6282caeb9e4d951b6a04d2ef0f68a07cf349214b7d2ee2b93a40ac2544ea6c5d26e8a4d9a45c7a668481e2133636f79b1c296a23cf57f55ff8222a110085317c512ca8fe716db0baddd0012929ce630ce9ca976e8d9608c875c5457356585c11509d38a88d99d65b4a9a3949def076ff0c98d44d4b7d55a5632f01425d9bb5a6bef2e67406740aae9bc27f144c5316c1f3df6c6664bf7ab659312a3cec375e1fe047adc2d20f4efc2a13d5140a26709232b4c1d1b4ef06397364c91a68ea6c74fb51bc7d9d397bb7b9559892cd804a79c8292855d179520b8d1a4a563edd6c2cb00a6881973f767f6647a97bad2cb64cf489a89fa95c109850edaa1314470b4f5ffc6bc9130b2839ac079c3e6c4d65b9e9a1e2a9fa5988b672362b5a21e2bcd7ff248934de658acfce152492dff802d82a8c3ca449e2469a64cedafa7f32f7c9214259d526e2c7230e6f47fc2be874b6087386877e6d4b2752ac686797fe859d569a795268a6fee300be9b009c79e601767da0e9f50df90c89737e0f85442a5aa1ce491b842e7b1fb623f9f3bba475b38d05b519b2596d7728b7f28bebd509300e7ab8ea6609b7177b6bc42b03ad314be4e13a5f341a0f4991577bca7d98ab5795f977b200b500eaabc7826b2dbec9250218365fc307c92f8d3fb8f6395124daf2dd5f43ba82f2a60a5a05258932297584411628e2589f370fbece314c9f4d8b2cf3a702c4bc38d71e9efec184dd75bc5a7ccac8d501cb0c2fbd4a2ae55a345f02ada64669ffd84b898a3a483aa6e74573711964c43f2004b61ee0388ef24e76c2d26769836e29563fedb88fe1b33533e087e6b6cc1f76aabed95e6d1a3d26d639d35f25d51489b62c249c77d0387b78e677e5f6814b5f3924ade3e0ea09d60dea1a56444670747d8d6b87b4457ddf47830bf11873798e7341e135fa78ec20c7e03603268663134b4829e11b594fe2f2faa5e846806fd22dddc0df1a8360be82e81c8ac7f80a7659e3cba059bbf397b7f06946c22f565b6419ad09e007e2658718e88d3dd4cdb565f20d54044a4f1217ba5e43c30235394cd73597f25ce7510abd3204e8383054c94ae4d3d958bd327f3feec45cf1cbf6ac3ce7b866abf151700e16f9670251b88461c75017ab30d4fd882b0278bfbb0a6665d4e07925a6d39850dbf2b0a33bbf864b60998d65453f42ff6b7210c594077943ea00cdd7ed0295304c50fac2f45922b15a17caba7ff610781c7c597f5dcbfced577fbd5a8c0f7a9c6fabc35c0c1b2e4e4940c3d8ede1009926bfa0278c0ad84c686607e63d470089dce018fb3a9d9ce289dd60e3eda3293a67bd8294d28a66f7b091791adeec388c74f850ec7f53d3eb79c07b936a6134ff88067fd5f216ffcd62da269de54d38863985cbf1aa75118713a0c4847d96f38cce023f964245dd1de4993fda537f20917348aaccba4cb4b79b609b9f8e3235ecf7913803477ae520c6af50710314c778b6a0c511f2b5a173bf53e525751654894576bd6ecc8146c41abe8968cf0bc6dae76ebdfbb26214c16bf969ab4f1c57d96703d5084272ce441a92e62db2d06b36a76d37cdfe6b251741ac84ab4daa5d11fb1426fc8d0188dffc85fd24efdff9bd1e62e65857a95486289fb96441d282ebb6d370037c10d24c2f81ceb52763a4d3008f430e50e24ac604f847ba1c7128886f93ac3771e55b7540f6f89e09c4ddfd998c92961d89b68a932861b19556d3af716b7a9c4cb97780cf59ab856a774b4f56cd4cef4a70a46b541620a47d2cd1437852f9457f1eb7f2bc0e19b1a545772990f488a2a98d8d06fe00f28fbd467ac67abac9199fe82a7596b6e3fb5e101a5276bf894279a05db1c11f6a4409bb0531bf79cf1b6c56cf4e7d9f5bc88bfd2f3d16824b8b24327354181f08d97be7c5241dab71f234fe394a595d5650fd59d98ade503b065d0cbdb217f4eaa35f320f5afb035f02c3aaa80dcfa85875fdbdb9730b621777b51263502f14302ef8ed6724bf9622a162be0f2866a1c45f37d9235dde6777abc2035c32e5bde613f56a630f461155d715c92635c7d2cf35bdb1a174d86a55a1909397b68d0bb178951a3cf979f20bf06119760e0a5182edc10ff3435b35c786b77b07c0c0923299666b11710ff7f4d9fa22bc0cd15bfd5eeb7eb6ad24904d34e21c0040cf1cf10654ce7fdee713895b2d0f853e98771ad17bf5d2eebfcaa6496d72d4a335124a4e5d9310a359f6957c59796dbf8ce8bd4f9141413eb78b6a7a917ddde2ef4224d95f7e89fd4055188dd1024f57ed58f95c599c78396dc7782c3fe9b6d5aaf4fce4823246d11b16538380432d83616866eeb727aac5fac01451b8651d6761b5cdcd8c5146feeac8d1e3f8fbd77d0fb97d0039bfc74f937c91d403777f7a21d04c137b8fb38a61b370ba1e914777c5cbea99e360a00a7d7ddf53433be167e14c7d1ce01ac29c89ff66e3a21973943b8a2fa1578ed75b5c5f4b639ab6a09eadc3b5c4c043faaa17cc39449789c737428f485afd0a3f1101520545bc44e8c104191619cf14062641d0c8bf193e924137c8bafbca32cb196a7aaaa6e4e49a1866f929af284fa544593a67f302e5f2a4fde197b4c5a8e26670a6e5dfedfde5c2d6ac8c3a7c6385b991b0d0ea9849709af008f3c91ed6a81af2c8f8c21b5e094e57e0e7b6a2d462f2f336e11714695e4d8b8eef5af49d85bc90a559cd24def4eea3ccac6fa9bc586a3fcadc81a887b49a07bc7e58cabc8f5c813553f6156b50ef9c1893f8e7ffe4e5fb046fc6d33dc1d8d77720496d551991db9db9cdc6db435f6baf6e49cbf3ba9b0ddc7fa3fdeb48b11039c27ada998ecdffa0761bf6066aa3a86cb9288ebfb397f27e01ad22aade06407223ed9ee3a1d9118e78fc47f3bcadf429a33dc4601a852357291b0fe27aaf94d44ed3ca7188df9096725952b0f51f4de9404f15072c450c756b0cc05bf2a469e9e7eabe1b92017a21c11e6e09a6b337307afe20d61af25d6580e001a90ab61ed40a78b83210a94adee4b207998a40b7e20e48979eb48f2e7b2426d2a09da1c572b163ac75c322bd9a7f4f89e80c945fd6dc4ced0440dfb22621b347929e80d6601c3eb1eafb0ff5a9446eff866aa3dc2b96ded754bacfb299c224f864c33e479674ec95603851ad7330aeaf89126ccdd45ca37cb42634a82e203a10f35fa5c7d19d267076b8b55c222e38081b53aa67dd064fcc21987896d1836f17cd847a5c266cf2e8560e461484530525a12400d68c869f7c516d038c8249968d8f6a8179dec2879e646a970202aa6d57f04a5bfb11f12eee8d0e11def77a1573c54431aa7d8a97deec6388a457d905c260faa0681fada72eb9c6a9ceb46558a83640e8427f8a77095fe81c4463aa3c25ea6b0ecf34edda8cbf58517a129efdf199dbc10871ddd97a63b81f09d822080a6cb9039aef21d9b251b91d5c258d81347c8c0a75f78ba2f5d06bb18598050eb02c54742d639b98a136a48cbfc594dcb76f205aabd0f5b4b47f6fad98ab5cde8301b21b1e2f4d16c1f8532c878f8a45180dd69efabd2f50400270b7da02fc441804e20271744146e3c9e0f77f39a4d6bfbdb55b66e536d10b5c7e19adeac798da68bc2092ef1f54f2cc3b094b834a2643e77afc78f7d6f3f496e348a0464f0f72d1eed631e8288e7a5900787482a5a858a0a15a95bd8ccbc87d5b0eb15513711bdd68ed9d63a6195691845507a605fbafa1673a128b0c4c8bd092d73846b0ac4c64e33412e5bd4ed723e40b736e7fba1e9f99ffe21e08b84b149fe9e8ed6bf0aee6b828aa49c1f2e1a6a8c49475e4e264fd1123ed82dae0f54553343e1d44fc8bda2fc33af0f6ab790fc2c916057807b8bbe2724937dc53cbb2e0ee6ba3789b7542afd73cba188c53690f9d28bcd12e7f21a2788dd092f98b841a11c606de142d25a13675d7091d5581e123ddfbb543d6b685b9638db2f231dfd8d6a1c3a8a35d2a609286fdc40d25c62c31b3700ec0fd9ea604b707dcb4b42b1de97d7c32f9b0555348d1d49b52a81bcb8c77c1815f03d177b6a8ce0e9904330f5d9ba3bbaec3ac4a09379c0c59ed60f6f1df34c42b3e9f57c5130a568e7065d898d95aac2b9dd4a13ec6982a899ef8d31f5981dd3e3cb7e65c13d56d5cb342bbe70e1edbd7aa69fb9510d34df7465a267de06302deb6f21763a535e09fdf442f4d1c6e7aa7435e9d79429b29099abbef21e8a476ec32ccc37243c467ff0a612c072dc1429ef123c9b2a73612681324045b0109a16a355003b7491a9393f00b8819754ac5dc9b39243d68afa9454b45a1773654881291ba2f172e0079ffedc03267bbe30a66702b2bb21dfe265329d56c989c36a060127d850c637cb2788d9473c5dc0f4f92c2b0bac533041e9dac0857a47808c14a0787f44e050025dc5418d3a58e74069964e5d4e82ae915f262e52b8e963f7a7b6c7907b1ee6e6d18b66c79a3dba7cd9f93"}) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r1}, 0x2c) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000200)=0x8) 12:20:14 executing program 4: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000580)={'nr0\x01\x00\x00\x00t\xca\x1bq\x032-x\x00', 0x802}) 12:20:14 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb904021965000b007c05e87c55a11200e1730000000000000000000000000000812fa80005001b4163e3e53db14ca0508ac1799d58f030035c3b61c1d67f6faf7d71341e2cfbe06bbace801705000000e5a7cef4c02631631fb794643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683e4f6dd457765c4f8ae2cdefffb798262f3d40fad95667e04adcdf634c1f215ca8076b6383c37b35ce80ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954bff030e9703db0de796ac5abeb3a79dd14678", 0xd8}], 0x1}, 0x0) 12:20:14 executing program 2: r0 = socket(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB="e8000000000000001d0100000800000060b79f16ef80a76052e490292cb6c65430b4511320c91925d6c86363dc206e7b858430a9c11fda1ac2516b55009bb624f8517948945ce7837c64babfa2fc0af76c6037016e62f295733db310710451ebc4bb59dd8d1b62e401ddf51496e8ec02424d6ed207d91fcb52077688a5de0c811751791e838f11d89251dcb723e8cea9e862dd3b9dec135111f5a2148e8d2e283b2498456e93c2a4b74c968c398d7df0f44fad6ccc70e23b97cd3ec44837ef59daf32cb35fd4ff8a96f235240114f4918009c2c456a607946142fb8783b5731c8960c39677310ad368000000000000000e0100007b4600006a93ba68ffeaf1a47502de707f0cec95e109b54fbe109d489d57c138dd0e9b917d4bd39dc2cac4cc918a589f4dbfc681fe492482b8819bdf3ace7846e7e883437877e16ad3fe3c8d7fe9e59a63f55ef95f0100000000000000000000000000003b00000000000000"], 0x160}, 0x0) 12:20:14 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x1, 0x8, 0xfffffffffffffff9, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000040)) 12:20:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = dup3(r3, r2, 0x80000) ioctl$IMCTRLREQ(r4, 0x80044945, &(0x7f0000000140)={0x4084, 0x35, 0xdeea}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r5, 0xae80, 0x0) getsockopt$MISDN_TIME_STAMP(r4, 0x0, 0x1, &(0x7f00000001c0), &(0x7f0000000200)=0x4) [ 616.830202] netlink: 'syz-executor0': attribute type 5 has an invalid length. 12:20:15 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) recvmsg$kcm(r1, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x10080, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001040)={0xffffffffffffffff, r0, 0x0, 0xd, &(0x7f0000000140)='/dev/net/tun\x00'}, 0x30) perf_event_open(&(0x7f0000000fc0)={0x0, 0x70, 0x80000000, 0x100, 0x80, 0x0, 0x0, 0x3, 0x9800, 0x0, 0x2, 0x4, 0x5, 0x8000, 0x6, 0x7, 0x3, 0x1c2, 0x1ff, 0xf4c, 0x312aff51, 0x3, 0x72c, 0x0, 0x122, 0x0, 0x10001, 0x6, 0x0, 0x8, 0x20, 0xdd, 0xff, 0x800, 0x3, 0x2, 0x7ff, 0x81, 0x0, 0x0, 0x0, @perf_config_ext={0xd0}, 0x28, 0x0, 0x5, 0x7, 0x40, 0x4de, 0x8}, r6, 0x6, r3, 0x8) write$cgroup_pid(r5, &(0x7f0000000100), 0xda4fff08) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000001280)={r1}) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000f80)=0x81) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x28, &(0x7f0000000040)}, 0x10) perf_event_open(&(0x7f0000000680)={0x0, 0x70, 0x3, 0x0, 0xc7c2, 0x1ff, 0x0, 0x7, 0x8084, 0xb400b2bc16037242, 0x0, 0x8, 0x0, 0x800, 0x9, 0x0, 0x400, 0x0, 0x8, 0x20, 0x9, 0xfff, 0x6, 0x9, 0xb240000000000000, 0x3, 0xa4e, 0x7, 0x0, 0xad36, 0x80, 0x7, 0x100, 0x1, 0x9, 0x57, 0x26, 0x20000, 0x0, 0xb56b, 0x0, @perf_bp={&(0x7f0000000440), 0x1}, 0x8000, 0x10000, 0x800000000, 0x5, 0x800, 0x20}, 0x0, 0x0, r4, 0x9) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) r7 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000300)=ANY=[]) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r5, 0x660c, 0x1701) perf_event_open(&(0x7f0000000600)={0x5, 0x70, 0x2, 0xb2, 0x0, 0x2, 0x0, 0x6, 0x1, 0x9, 0x36, 0x41b, 0x49, 0x3, 0x2, 0x4, 0xd59, 0x2, 0xffff, 0x80000001, 0x4898000000, 0x3, 0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x6, 0x0, 0x3f, 0x5e17458b, 0xdaa, 0xe7f, 0x11, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000380)}, 0x20, 0x1, 0x9, 0x7, 0x8, 0x2}, 0x0, 0x10, r7, 0x0) ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f00000002c0)) recvmsg(r1, &(0x7f0000003d40)={&(0x7f0000003c00)=@can={0x1d, 0x0}, 0x80, &(0x7f0000003d00)=[{&(0x7f0000003c80)=""/78, 0x4e}], 0x1}, 0x10000) bpf$PROG_LOAD(0x5, &(0x7f0000003d80)={0x7, 0x9, &(0x7f0000001200)=ANY=[@ANYBLOB="180000006600000000000000f8ffffff180000000300000000000000800000000373080009000000850000000e0000009500000000000000377831002b1f36709500000000000000"], 0x0, 0x645c7a32, 0xbe, &(0x7f0000001100)=""/190, 0x41100, 0x253cd64ea211fc65, [], r8, 0x1}, 0x48) socketpair(0x0, 0x0, 0x4, &(0x7f0000000540)) 12:20:15 executing program 2: 12:20:15 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000040)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x20) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:20:15 executing program 4: 12:20:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000580)=0x2fff) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f00000001c0)=""/121) accept$alg(r3, 0x0, 0x0) bind$bt_rfcomm(r1, &(0x7f0000000240)={0x1f, {0x4, 0x2, 0x7, 0x3, 0x10001, 0x38ee}, 0x40}, 0xa) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:20:15 executing program 2: 12:20:15 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000380)=[@in={0x2, 0x4e20, @empty}], 0x10) r2 = syz_open_dev$usbmon(&(0x7f0000000300)='/dev/usbmon#\x00', 0xf16, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000340)=ANY=[@ANYBLOB="0800b2"], 0x3) r3 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x9, 0x200001) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) ioctl$VIDIOC_G_FMT(r3, 0xc0d05604, &(0x7f0000000200)={0xf, @pix_mp={0x20, 0x7ff, 0x7f774f7b, 0xf, 0x3, [{0x6, 0x1000}, {0x328, 0x1ff}, {0x4, 0x2}, {0x5, 0x4dc0000}, {0x2, 0xffffffff7fffffff}, {0x20c, 0x800}, {0x3}, {0x3, 0x9}], 0x1000, 0x6, 0x3, 0x3, 0x5}}) ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f0000000000)) 12:20:15 executing program 4: 12:20:15 executing program 2: 12:20:15 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = semget(0x2, 0x3, 0x80) semctl$GETZCNT(r1, 0x1, 0xf, &(0x7f0000000000)=""/121) mq_open(&(0x7f0000000080)='\x00', 0x2, 0x30, &(0x7f00000000c0)={0xffffffffa6ae2bf9, 0xfffffffffffffff8, 0x3, 0x53, 0x81, 0x4, 0x20, 0x3f}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:20:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x1, 0x1) ioctl$DRM_IOCTL_DROP_MASTER(r3, 0x641f) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x2, 0x0) r6 = fcntl$getown(r4, 0x9) process_vm_readv(r6, &(0x7f0000000500)=[{&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000000400)=""/198, 0xc6}], 0x2, &(0x7f0000000540)=[{&(0x7f00000005c0)=""/194, 0xc2}, {&(0x7f00000006c0)=""/104, 0x68}, {&(0x7f0000000740)=""/235, 0xeb}], 0x3, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r5, 0x84, 0x74, &(0x7f0000000200)=""/218, &(0x7f0000000300)=0xda) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0xfff) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:20:15 executing program 4: [ 617.974719] *** Guest State *** [ 617.978267] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 617.987402] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 617.996536] CR3 = 0x0000000000000000 [ 618.000390] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 618.006573] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 618.012765] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 618.019549] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 618.027804] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.036031] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.044211] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.052417] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.060470] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.068672] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.076881] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 618.085071] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.093409] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 618.101452] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 618.108072] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 618.115704] Interruptibility = 00000000 ActivityState = 00000000 [ 618.122118] *** Host State *** [ 618.125367] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f0e7f380 [ 618.131411] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 618.138075] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 618.146064] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 618.152173] CR0=0000000080050033 CR3=00000001f27c9000 CR4=00000000001426e0 [ 618.159331] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 618.166280] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 618.172506] *** Control State *** [ 618.176035] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 618.182889] EntryControls=0000d1ff ExitControls=002fefff [ 618.188409] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 618.195535] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 618.202356] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 618.209018] reason=80000021 qualification=0000000000000000 [ 618.215553] IDTVectoring: info=00000000 errcode=00000000 [ 618.221064] TSC Offset = 0xfffffeb1077fe722 [ 618.225621] TPR Threshold = 0x00 [ 618.229070] EPT pointer = 0x00000001f0b6e01e 12:20:16 executing program 0: 12:20:16 executing program 2: 12:20:16 executing program 4: 12:20:16 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, &(0x7f0000000340)={0x4, 0xa, 0x8000, 0x39, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}) r1 = dup3(r0, r0, 0x80000) write$UHID_CREATE2(r1, &(0x7f00000003c0)={0xb, 'syz1\x00', 'syz0\x00', 'syz0\x00', 0x50, 0x7, 0x80000001, 0xaa, 0x1, 0x8, "52659f29d2df5d0fa434b4e9084b03a49d680c85c368b4083f7efd543986e2d88f43f77b77c690ea8ffb327c767ff404c3b750c4757441b04011e94ed9642d74944f1504892abac49ba967eaa5f43ae1"}, 0x168) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x83, 0x0, 0x9, 0x8000, 0x3}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:20:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x4502, 0x0) ioctl$VHOST_SET_LOG_BASE(r3, 0x4008af04, &(0x7f0000000200)=&(0x7f00000001c0)) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:20:16 executing program 4: [ 618.657069] *** Guest State *** [ 618.660578] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 618.669890] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 618.679464] CR3 = 0x0000000000000000 [ 618.683416] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 618.689482] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 618.696079] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 618.703038] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 618.711147] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.719456] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.727679] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.735914] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.744127] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.752353] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.760416] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 618.768755] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.777005] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 618.785252] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 618.791761] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 618.799512] Interruptibility = 00000000 ActivityState = 00000000 [ 618.805918] *** Host State *** [ 618.809182] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f406f380 [ 618.815454] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 618.822154] FSBase=00007f3a33aab700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 618.830049] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 618.836296] CR0=0000000080050033 CR3=00000001f0f13000 CR4=00000000001426e0 [ 618.843580] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 618.850323] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 618.856606] *** Control State *** [ 618.860134] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 618.867052] EntryControls=0000d1ff ExitControls=002fefff [ 618.872686] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 618.879677] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 618.886571] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 618.893398] reason=80000021 qualification=0000000000000000 [ 618.899782] IDTVectoring: info=00000000 errcode=00000000 [ 618.905467] TSC Offset = 0xfffffeb0a628d98c [ 618.909870] TPR Threshold = 0x00 [ 618.913486] EPT pointer = 0x00000001f0ccd01e [ 619.112296] *** Guest State *** [ 619.115810] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 619.125019] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 619.134087] CR3 = 0x0000000000000000 [ 619.137844] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 619.143944] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 619.149979] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 619.156856] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 619.165042] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 619.173276] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 619.181330] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 619.189500] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 619.197684] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 619.205868] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 619.214071] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 619.222293] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 619.230348] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 619.238495] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 619.245072] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 619.252749] Interruptibility = 00000000 ActivityState = 00000000 [ 619.259029] *** Host State *** [ 619.262429] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f14ef380 [ 619.268489] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 619.275091] FSBase=00007f3a33a8a700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 619.283045] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 619.288984] CR0=0000000080050033 CR3=00000001f0f13000 CR4=00000000001426e0 [ 619.296132] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 619.302954] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 619.309050] *** Control State *** [ 619.312681] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 619.319399] EntryControls=0000d1ff ExitControls=002fefff [ 619.325012] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 619.332123] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 619.338861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 619.345609] reason=80000021 qualification=0000000000000000 [ 619.352098] IDTVectoring: info=00000000 errcode=00000000 [ 619.357600] TSC Offset = 0xfffffeb0a628d98c [ 619.362094] TPR Threshold = 0x00 [ 619.365528] EPT pointer = 0x00000001f0ccd01e 12:20:27 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) readv(r2, &(0x7f0000001440)=[{&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000000)=""/26, 0x1a}, {&(0x7f0000000200)=""/86, 0x56}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/194, 0xc2}, {&(0x7f00000000c0)=""/44, 0x2c}, {&(0x7f0000001380)=""/141, 0x8d}], 0x7) 12:20:27 executing program 2: 12:20:27 executing program 0: 12:20:27 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f00000001c0)={0x0, 0x0, 0x0}) 12:20:27 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000040)={0x1, 0x6, 0x27, "78a796636fb394e317cfe226050fb486c551ea06380cf1a5f252f427b17f48827b81f401ff8a7f7103df599b4062cb6aedfc71841e132a3303a9c255", 0x4, "56c36f07b157f80eb756748a5494616ab94747205a74333adafe8ac35a8573b8d7aa3d832fa0849a9b7747bd5a747a54206ccabf534d517b2e05daf1", 0x20}) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0x18) 12:20:27 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x0, 0x0) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f00000001c0)='veth0_to_bridge\x00') r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x8) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ftruncate(r0, 0x100) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$TCSBRK(r0, 0x5409, 0xffffffff) 12:20:27 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) io_setup(0x80000000000, 0x0) ioctl$EVIOCGBITSW(r0, 0x80404525, &(0x7f0000001ac0)=""/29) 12:20:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(r0) request_key(&(0x7f0000000180)='trusted\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)=']{,\x00', 0xfffffffffffffffb) mknod(&(0x7f0000000480)='./file0\x00', 0x1043, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)="eeed3972f78ad75a9264779dab658814901fd8532d40d82d740a7375300978794082a6f41244706c478cef159a2f823f79a3321be8822a207ee13d7fc464efc867a79f", 0x43}], 0x1, 0x0) openat$ion(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 629.761760] *** Guest State *** [ 629.765386] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 629.774420] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 629.783421] CR3 = 0x0000000000000000 [ 629.787165] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 629.793283] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 629.799297] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 629.806108] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 629.814221] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 629.822341] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 629.830363] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 629.838490] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 629.846632] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 629.854761] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 629.862891] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 629.870912] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 629.879106] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 629.887205] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 629.893790] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 629.901273] Interruptibility = 00000000 ActivityState = 00000000 [ 629.907612] *** Host State *** 12:20:28 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc0\x00', 0x80, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000003c0)={0x7, &(0x7f0000000380)=[{0x7, 0x7, 0x100000000, 0x656}, {0x0, 0x100, 0x100000001, 0x1f}, {0x0, 0x5, 0x9}, {0xffffffffffffff80, 0x1, 0xe2, 0x5}, {0x4, 0x27, 0x2, 0x6}, {0x10000, 0x1, 0x7fffffff, 0x4}, {0x10001, 0x8, 0x100000001, 0x9}]}, 0x10) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = add_key(&(0x7f0000000100)='asymmetric\x00\xfa\xb0\xdc_\xef~\x19\xb6\xed\f^\xb7\xc2O]V$@\xb2\xa5?t\x847\xb0\x9d\xfc_\xb6\xf1\x02\xd8/\xe0h@\xe4\xd2xY\x11\x98\xf2=\x98\xa6Z\axL&\t\xf1\xd2*\xb6\x8c\x83\xde\xebh0x0, 0x2}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000380)={r3, 0x5, 0x10}, &(0x7f00000003c0)=0xc) [ 630.205801] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 630.214039] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 630.222130] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 630.230157] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 630.238220] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 630.244752] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 630.252307] Interruptibility = 00000000 ActivityState = 00000000 [ 630.258593] *** Host State *** [ 630.261943] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f238f380 [ 630.267972] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 630.274511] FSBase=00007f3a33a69700 GSBase=ffff88812fc00000 TRBase=fffffe0000003000 [ 630.282404] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 630.288364] CR0=0000000080050033 CR3=000000003a3b9000 CR4=00000000001426f0 [ 630.295510] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae015f0 [ 630.302287] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 630.308381] *** Control State *** [ 630.311932] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3 [ 630.318709] EntryControls=0000d1ff ExitControls=002fefff [ 630.324257] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 630.331222] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 630.338071] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 630.344758] reason=80000021 qualification=0000000000000000 [ 630.351119] IDTVectoring: info=00000000 errcode=00000000 [ 630.356719] TSC Offset = 0xfffffeaab95a92c6 [ 630.361075] TPR Threshold = 0x00 [ 630.364570] EPT pointer = 0x000000005c1ca01e 12:20:28 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:20:28 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f0000000700)='configfs\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) close(r1) 12:20:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x284002, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x10000}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000280)={r4, 0x3, 0x9, 0xfffffffffffffff7}, &(0x7f00000002c0)=0x10) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) time(&(0x7f0000000140)) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r3, 0x28, 0x6, &(0x7f0000000180), 0x10) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, 0x20600}) 12:20:28 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000180)) 12:20:28 executing program 3: unshare(0x28020400) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x100, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f0000000040)={0x0, @local}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x101}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r1, &(0x7f0000000100), 0x0}, 0x18) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000080)={0x6000, 0x4000}) 12:20:28 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x40, 0x0) getpgid(0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000001840)=[{&(0x7f0000000240)=""/184, 0xb8}], 0x1, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000340)={'HL\x00'}, &(0x7f00000003c0)=0x1e) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000380)={0x0, &(0x7f0000000340)}) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xe840334da1b2585a, 0x1) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000140)={0x3, 0x0, 0x10000}, 0x10) ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 12:20:28 executing program 4: r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xd6ee}) 12:20:28 executing program 0: socket$inet6(0xa, 0x80001, 0x61) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000540)=@generic) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) creat(0x0, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000580)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, 0x0) write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x7c774aac) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r3, 0x28, &(0x7f0000000380)}, 0x10) creat(0x0, 0x20) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x800003, 0x8012, r3, 0x0) ioctl$EVIOCGEFFECTS(0xffffffffffffffff, 0x80044584, &(0x7f0000000140)=""/219) ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000340)) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, 0x0) 12:20:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$usb(&(0x7f0000000240)='/dev/bus/usb/00#/00#\x00', 0x7, 0x50040) ioctl$RTC_VL_READ(r4, 0x80047013, &(0x7f0000000280)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000100)) r6 = perf_event_open$cgroup(&(0x7f00000001c0)={0x4, 0x70, 0x3, 0x7fff, 0x5, 0xfffffffffffffffc, 0x0, 0xcb, 0x88080, 0x1, 0x400, 0xfffffffffffffeff, 0x4, 0x9, 0x15c6, 0x7, 0x5, 0x8, 0x8000, 0x1, 0xaea2, 0x1f, 0x2, 0x1f, 0x1, 0x4, 0x800, 0x8, 0x100, 0xffffffffffffffff, 0x60c1, 0x4, 0x1, 0x0, 0x8, 0xa5, 0x4, 0x9, 0x0, 0x7, 0x0, @perf_config_ext={0x3, 0x3}, 0x60, 0xff, 0x1, 0x1, 0x80000001, 0x3, 0x1}, r2, 0x2, 0xffffffffffffff9c, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x8) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r7 = dup3(r5, r1, 0x80000) write$P9_RRENAME(r7, &(0x7f0000000140)={0x7, 0x15, 0x2}, 0x7) ioctl$KVM_RUN(r5, 0xae80, 0x0) 12:20:28 executing program 3: unshare(0x220000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x5, 0x7, 0x9}, 0x2c) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000000c0)={r0, &(0x7f0000000040)="e6d3f22d38d5efe0ff4b3b9003eef91f2f1494ed45de5f921c4289f7bbe912bb861f4bb049a683648754495e05b03e00f258d84da3a6602b9beb9efa28a46531bfa03799e87d92f712e107134e17283ec5bf5936f456f04c03f18a10219018242aafd9b5da8cf630e2de9db158c1", 0x0}, 0x18) 12:20:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) clock_adjtime(0x0, 0x0) r2 = syz_open_pts(r0, 0x200000000000) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17}) 12:20:29 executing program 4: getgroups(0x6, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xee01, 0xee01, 0xffffffffffffffff]) setfsgid(r0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0xc2000, 0x0) r2 = openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0) ioctl$KDDELIO(r1, 0x4b35, 0x5) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0xfe) r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r4, &(0x7f0000000480)=ANY=[], 0x2e7) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) sched_setaffinity(r5, 0x8, &(0x7f0000000200)=0x9) fcntl$setflags(r2, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="72aaf7e74a130dc67c873b068613596188b3fe869b8cbdc49a89", 0x1a) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000380)=""/147) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f00001a2000/0xc00000)=nil, 0xc00000, 0x0) ioctl$FICLONE(r2, 0x40049409, r3) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000340)=0x7e) getsockopt$packet_int(r1, 0x107, 0x1f, &(0x7f0000000100), &(0x7f00000001c0)=0x4) setxattr$security_selinux(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='security.selinux\x00', &(0x7f00000002c0)='system_u:object_r:cert_t:s0\x00', 0x1c, 0x0) ioctl(r1, 0x0, 0x0) sendfile(r4, r4, &(0x7f00000000c0), 0xa198) clone(0x1000000, &(0x7f0000b6b000), 0x0, 0x0, &(0x7f00000005c0)="9007df8bbdbd1cd168999a51f9ffc5eaf61ba46a0a3d2a864d03cc173bf664a2f57eb8fd0c6cf8c615d80d8242") [ 631.153773] *** Guest State *** [ 631.157302] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 631.166330] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 631.175297] CR3 = 0x0000000000000000 [ 631.179047] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 631.185171] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 631.191262] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 631.198107] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 631.206220] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 631.214435] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 631.222565] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 631.230580] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 631.238708] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 631.246818] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 631.254982] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 631.263138] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 631.271167] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 631.279290] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 631.285819] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 631.293427] Interruptibility = 00000000 ActivityState = 00000000 [ 631.299690] *** Host State *** [ 631.303049] RIP = 0xffffffff812b0dfc RSP = 0xffff8881f09df380 [ 631.309086] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 631.315696] FSBase=00007f3a33aac700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 631.323639] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 631.329583] CR0=0000000080050033 CR3=0000000076b08000 CR4=00000000001426e0 [ 631.336811] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 631.343605] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 631.349689] *** Control State *** [ 631.353295] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 631.359995] EntryControls=0000d1ff ExitControls=002fefff [ 631.365604] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 631.372640] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 631.379353] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 631.386087] reason=80000021 qualification=0000000000000000 [ 631.392583] IDTVectoring: info=00000000 errcode=00000000 [ 631.398067] TSC Offset = 0xfffffea9f951cbf1 [ 631.402526] EPT pointer = 0x00000001f0fda01e 12:20:29 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e23, @loopback}, {0x2, 0x4e22, @local}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x12}}, 0x100, 0x0, 0x0, 0x0, 0x1f, 0x0, 0xfffffffffffffff8, 0x1f, 0x8}) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) ioctl$VIDIOC_G_PRIORITY(r1, 0x80045643, 0x1) 12:20:29 executing program 3: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setfsgid(r1) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r0, &(0x7f0000000100), 0x0}, 0xfffffffffffffe68) 12:20:29 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r2 = syz_open_pts(r0, 0x0) poll(&(0x7f00000000c0)=[{r2}, {r2, 0x8006}], 0x2, 0xc00) 12:20:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x102000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) r4 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x80000001, 0x400200) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0, 0x1}, &(0x7f00000001c0)=0xc) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r4, 0x84, 0x19, &(0x7f0000000200)={r5}, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:20:29 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x1ff, 0x4, 0x100000001, 0x0, r0}, 0x21) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r1, &(0x7f00000001c0), 0x0}, 0x20) 12:20:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$VIDIOC_G_OUTPUT(r3, 0x8004562e, &(0x7f00000001c0)) ioctl$VIDIOC_S_JPEGCOMP(r3, 0x408c563e, &(0x7f0000000200)={0x0, 0xb, 0x37, "b9b524ea48ba23a0e681e48a8d613570150102eca6e9bbbcb3d7cab4f85ad75744fe9f89a53cdf989396daa42e0ee09f477c9c6b4bb8fc95c134ddff", 0x23, "c27a5a3ebeb78228f686c9f6c92a110a48c101b058da5b437d4a003b369062c081d3fb7ce0da6832984f9da5b4a0b82bfc379586b3461885198330ad", 0xd8}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 12:20:30 executing program 4: getgroups(0x6, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xee01, 0xee01, 0xffffffffffffffff]) setfsgid(r0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0xc2000, 0x0) r2 = openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0) ioctl$KDDELIO(r1, 0x4b35, 0x5) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0xfe) r4 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r4, &(0x7f0000000480)=ANY=[], 0x2e7) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0xc) sched_setaffinity(r5, 0x8, &(0x7f0000000200)=0x9) fcntl$setflags(r2, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="72aaf7e74a130dc67c873b068613596188b3fe869b8cbdc49a89", 0x1a) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000380)=""/147) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f00001a2000/0xc00000)=nil, 0xc00000, 0x0) ioctl$FICLONE(r2, 0x40049409, r3) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000340)=0x7e) getsockopt$packet_int(r1, 0x107, 0x1f, &(0x7f0000000100), &(0x7f00000001c0)=0x4) setxattr$security_selinux(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='security.selinux\x00', &(0x7f00000002c0)='system_u:object_r:cert_t:s0\x00', 0x1c, 0x0) ioctl(r1, 0x0, 0x0) sendfile(r4, r4, &(0x7f00000000c0), 0xa198) clone(0x1000000, &(0x7f0000b6b000), 0x0, 0x0, &(0x7f00000005c0)="9007df8bbdbd1cd168999a51f9ffc5eaf61ba46a0a3d2a864d03cc173bf664a2f57eb8fd0c6cf8c615d80d8242") 12:20:30 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x10000000e) 12:20:30 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x0, 0x0) pread64(r0, 0x0, 0x272, 0x0) 12:20:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x0, 0x0) pread64(r1, 0x0, 0xd9, 0x0) 12:20:30 executing program 0: r0 = socket(0x2, 0x2, 0x0) connect$unix(r0, &(0x7f0000000000)=@file={0xbd5699bc1ec0282, './file0\x00'}, 0x10) writev(r0, &(0x7f00000025c0)=[{&(0x7f0000001340)="ac403fc1834a7f080160ffc1007dbe7213c86f2a6ffea4cea3881a33a6677477f8a0b24c479ad0183df91e0f7bd902c3d9427d564aaff2566ed16c8b8089c02c317d233ed052656e29889ecf2e8e252cececdc39d132b9a2ecb3ab555285f3af503509f93b82a2b992db7091ac00621a0e5bde2b08bb9128b161e9deb1848772e45661eb5d47fd35a02d09c2381753a1a39fc3efa1734fe44f3ee81d32497b8ef79436862332da47aed43d6d3a3e56efcfe90336ea6fcff5d4a05e8ea6e63945aae5de58b544fb98c7715a2dcdfdf115f480183282323327569fdd1fa5668fb1ce2e7da6ff1191743d5dc11c1e81dcd03f26b50e75be6646671bdaece5161a3c7b5ffb7257e3b8e1c2e4745847b14f21a8a4e655a4074e0bdcd020cb53da2a1186910be2c1125c7da799db145187fda07ccec8cf0a34b09bc1ca0560f7ac37fd8525f94fac81618b8994cb98014cffc364687afc16ed0c488d4eadb8dd2e9c3c507040897fba33e795c12083712837021235673e48abe5aa9c6e7af413b126a12eb66d22edfb144e154a85d093a16ecbf7e399a4a4afb597bc0622f3c125823aef6ab266d288c89d1c6e7a9aa1162cae0e01fcfa3723f8818cf212a21b0f43c654428be076907355baddd117c3cf55f79a0eb2f91a19f5b703feb2834027dc4a8368510295c5161113e7d75b98082242689abe063beeec7360d7f64554896109725a622b6dc8feccd48d1aee6858ea07a9cf990e0fd9f8fdf2c0c6fa879a17c3b360c362abbd177c0c593a11e7054ef9c8ff2789672fb585b6f8ae39f5dab5798c38781ca20301a8ab8633f7dcd322e033a8d090067f3a2c172ba5a41ce12eac03a32afe4795f60da88d10ad359ca0b005c09bb0882488d66faff5c6ebe5a030a2c482afd819c322a3bb7ef5ce1574ffe3ac0db8d1e051822081d6055a53cd9f491a2269f6091edf1f5ad55081e7516f26cba383988b2bb450c8c3cc2094c57de317fa387ddadd8a5cfd84bfa27d2a5221336e939b08b924b7a3bc829b4b423a4dfcf90f40174e96e40cc1ea9b93c87fe94757f276e5a96650fb050aa513961ad69f21e23815359a479e443183aa7931f276904c9b3dbed26c321bc0d5a29e94ed87284e530b71bf6e4dee93f879af0b43cb934695dfe46d1cea78df7776b61d2745a5279af9a3f2e37815cdbad2abf59f4247eedb084968c48572190ef70f9d3f2f1a2774be61fc108b83ec566c02d751eaf9ce0595a0d3dec95963875fae274111a35cc3e4a1306f4bc4464ee8861cff6b938ce389b485eda91b75a20513f925dcfbba39336cdb17eb19d75159173208c41738570252ab2ecd13b37f1e24a2e06754233dcc73c075704c34f45896d8b34b5543e3628479f9d6f19770c91f58098f555c8faf56ce6e3c744f240a16391de6a09ebff5af0b9c0700820f1eceb7e99bad297b3e82c6d4ca96a720d2c1a41bd29a58053096c28c5a406041c770cd737d5607dd0e9278b03e4ade902b9938a39f80426849c274be20d02ebad4c3337495ce290babf0f855f44510e79ab81fb8e64be015866d04cad9bd69561cdb1d50016db4b6d9d51df5de74da71f8ffb86dd93e29006cbb53bdd7860b866d2fb637144ca48c1c12ad2c18da4068d6587626699a0a8c786a57291e84b921046113557887368fe431600b20a1f849c4e647a2f56d013a735f8306bc9036b880051ad532c25ecd4d10fa393e7b484f1fce29637b18dc48c6a3e26f6a36371a9589399d35fb2e5da785283577ccbface5c902041747273ce13277504541cfa3f2a95f543f5096a8ddd4ce6572578269618df5838d1f46b5a6f2d28e9796b73be64fa5bc160b1733e3bbf2bf1019e3de6b199201e111f20f9733491c6cc1e629d265e7359cafc05ab7dfa7817f0b6cc28354ac7acb87450eb51141f35bfeeb247eb48ebed9c884f54b20b5a30f0a4114cf4dcd94e14e09f274ac4150119f4a7d0f8ded4095289235722c2aa0ab6a7f8435797382cb5be284718a2f97a5f752b61ff480bccb903504306b4dcf3eec3f8bccf901559c66633fd94df6e57d3aaff059622677bc1ce1c09b70700f8aa9e6a2bb575604ce01c7f46e20efc492a103a8fe46103b06d8dbc1e9f6132e34b18420a0b188a430c1deb7122c72d250ec6ec5c0dfeedfffd1815aa8bc4a63691c9228ba24b1236b77a799fa89029c7926d6a08d046d5cd7b15c1328676842dbcc8b0fd2be02f11159ef7ab85cb4c9b1a88aacfdc32322563ea1a16666a18691bbe5f0400c82ced53b6eb609c27cae81021b8a903b3d4828f50384907be50c8a021ebde623d0615832ceb58c0dad0fe36f4b08849dc14beae82c1885ed5c809af030751648308dc1d891dbf8e7ea4a71da25544769ee0851f4668d7569df23ddb6dfed6f3eac6608aca6bb713436268da8435b66e94a03c2511d3d14f743d45a58aca8ef12cf00b5e61d4e7bef2d4795962f54d2728f6b51738de4061b4d089fd20ad900746d79d61164542b412032b2edd28882b307012c6751c3e972379373493633ac0781e44c010cf4ba2cc307f3a0d5122ed4fae4e5c945f5aaf5c24117c176f66fb767e875b4f923b60bd6d37913e621980b5b37ec3fb796ffe0912c957154707500c83a697d7a82d4ddb6e6c7605ed7999f60c11e6ce34c8bd828ef06036b7c1885becb686eabaa77630a7ca2413e050d8be0e66c7065b1707fcdbe29c74eb622179ea25cdcf8c34bcf0ac841801a03dafd7dcd3c813248bb9f686a55dd9ca8a8f4e3b99097021b9eb65d3a21c8da5ea1fefd862f8ca2f1dc26d84531cebc13a8347e2b52cc4492e956485474a4d5bc35dc526528481b8f7aa590d9b2141a65ce45f55ac633f7ff6e35b3f200f28929ce8131380a0b1594c079115e1ef1799e828408a4688fa62b10df58b5ce22398f96d27e3e012ec1a7642b3b4db0da42916a85d9c8e5adbeb3169ab954e21a69743d7ff36dc15076e21ac9390a84fe3387d321af8cf9caf7c9c372b3e2190436144f64dfc80cebd8233f1e4020035a8918fc4bc3cc39c606ddd68e74a115dda4f98085e2967cc582d411e0a5e5482e5010c30f7df1405bea1d0e25487e66b4734b7a4539f5e0fd7e5e29ed559b8426715a0f5dcc5308ab383b0b384eea6c70682de3e63c0cae941b939683c2e73d4086c082716056b9fd422eff8a36bbb57cd741b0697f68147ee4c98046d6e245a419ec046669133db924137664f001b3d76862cfbc4d474f2dc16c684d5990a9e0dff9687be839e5b0c787c9f69f9e07614ddf88cd87cbf585ccbb2354b4b20e7acb29a166d233241e7c3d979273d1e3df2f1403faf12b3c7392c4cf64a25927ecf46ae9aaf9c97e25a5a2243afcecf85787b63bda23dbf34b8ee03bfb06262c4f37e21cd1482cc918e0924f022534c0d96db7edf630a9967ebcb0d298cf8c638bd313b0e86e574b75e838e0e8b31ff82f50e91c1f476931f7f2eafea051deefbb25e94b4280a3725b80533bdfd31cfce2fe0bfa701eeabfecf8c314332754edd8ed80b3a1b1a57b5a3e93f6a00065297b45934c6257cdc71faeb3aecc495f830333fa594f0cdb450c412f988b0e17635fa7f4ea8234a6957002dfb3dfcf45df507f1156b276dede52495f23c5887a59833e80f7650117c687a2a3ada13bd06dc474f61306f9d9973918b6116ba82857e4360006f4cbfb7c40adf6e3276c25e6fe45fd5af955b85f337200fa8256a24bb016c2eb1ae303d493b9651b35991ade71f50a3a447e8b6b9a769ebf94b1d44965dfcdb59a0f495b8bc045be8b50d60f026ad73dc6bf16575432d34a8cedb2a7ccff1192a3552fa8c15802021af3381e2cb6230bcbab413428c0b65db1826ae226d0754d2b0a8c8e4a7ebf717cffd77685fbfb57be3c58b1c6c9ce5188d53c3191d16e0596382d6afd2e50739c8649947a8c09a3ca549829b13dbcd8f64baf14f64ead409244edd9c46a6a1ced27923ed5b9b751b6d63d52cdac0d1701c93bb6477e63f793be2572fae6e0e3e5adc6bbdf44c1f258bcbb1408b5a12ee45df04d4506255f926f0d577c0399fce84eedcd71d03b67700809b4a054245bd32920fd4f6014baa840a4e520a0db4e541200822aaa7e3dd353c8b49b1a825bbbd4a07c2b507ed7c10f741138559af27346bf4e148e813387ce3468d7c857d7315c34b63e176ed12ef2fc89e9190237ede5159e9b36e9bc8c6cd3544d637d3cff06eb8fa5e2f1fd2ea79f8cc309fcb164d8afba1a09ec469657d4a46eddcdc297b0bfb0e33ce8f28767d3d66e779c67201538c805a4825674ee83a352360e3826bc7e78e463a828eb34868f1c9c3c5d2ad53a6b39df9af0c036b7485a17a64af00a23753ce0b42770a196294a90c0413f56b713a3c83105a838397fb18ddc81e44bd641007391244a2583dac3bb636e7744e0f381405f756c6eb41a99ab9b240bffb24d7565babd9b169d7ab77f07032a1908707d60b7c730861ff72f80c3a0d7ce6b83c1aba1e43fea1950563fc823978c4265f1216484d09ba7ae29ee67059b9c9ea485159475ff824a7415ceab7f43574332fb3b716727e6522ffce914848e8f31c6b55e2203a08f41670eb37fb2d619e45d84b01c357cb9133a0362c8906338211499e8be8656e0b25f64b39b59126ec0c21bbb7aafb19dbe280941c12855d2bc04c8173726aca49644fc5538282c5edaab2f076f74d42d68af50d2faeee095b8613cae2dc5fb4cc402c71a892249c880a87038377264c8525cf219e249167c8748e512cec73dd6a237ad010079072edf51ce0a175c78e24f351880945ab92758d6422e80f1b95a48788504c8894b9d3d87072cb77194d8696b26c49709cc66cf50eee0584a8655f919dd0f64a94e9d894bc8829efaa0faff2205f86dac8188d9876b1781f7f3def323b1c2ea4f5389690f75c07c047d0937eac93a2a7fa86354929310f519a7cbcc72d0d73868978e125c70339bf6576944dc82910e3a87779610ad0287de45f0ca4b8f9d553cd7238736a31a1c46548a488a27bc8bcdb64724fed9898da8a1ad26a8410b78af0d6a71573bb1d3c3927ff8e4a87a92372f17ed808d20059d1c74b92bb84c845ec68f4fd26a28f5c41dcff033df95dc21d3097864e5582abeda379fc0d38e80025e4e448ded676842b5c07af56dbc3a273586a6c4b576330290fe726bd154ddbe30f49392b6dd1f402770a3a28f2b4eb8936e137a67bb5327122a01b4fce605d65f837a731820e50082c0d4aaa7ba9048f425df8abf5aa6e92023d5c3dd6966e5f1617c5bc7ca8ced65a8f88ccf4ce7f54e06d6df74307e171b1b83ee6ad03d5499b1d4d1f34ad8269fc7c2fbf393780f", 0xed6}], 0x1) 12:20:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f00000001c0)=""/157) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000100)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x20600}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 632.640916] *** Guest State *** [ 632.644413] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 632.653444] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 632.662426] CR3 = 0x0000000000000000 [ 632.666176] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 632.672864] RFLAGS=0x00020602 DR7 = 0x0000000000000400 [ 632.678895] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 632.685775] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 632.693910] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 632.702276] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 632.710301] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 632.718481] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 632.726592] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 632.734718] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 632.742876] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 632.750881] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 632.759028] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 632.767118] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 632.773715] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 632.781188] Interruptibility = 00000000 ActivityState = 00000000 [ 632.787507] *** Host State *** [ 632.790740] RIP = 0xffffffff812b0dfc RSP = 0xffff888077f9f380 [ 632.796821] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 632.803329] FSBase=00007f3a33acd700 GSBase=ffff88812fd00000 TRBase=fffffe000003d000 [ 632.811131] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 632.817132] CR0=0000000080050033 CR3=00000001f2eb7000 CR4=00000000001426e0 [ 632.824299] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8ae015f0 [ 632.830976] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 632.837159] *** Control State *** [ 632.840683] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 632.847428] EntryControls=0000d1ff ExitControls=002fefff [ 632.853015] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 632.859996] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 632.866804] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 632.873451] reason=80000021 qualification=0000000000000000 [ 632.879771] IDTVectoring: info=00000000 errcode=00000000 [ 632.885321] TSC Offset = 0xfffffea9251c5ced [ 632.889684] EPT pointer = 0x00000000aa04101e 12:20:41 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x72, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_script(r0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="2321202e2f66696c65300aea205486396972100d97c042b2cd925268e43cc84ee8a5606e6635f7ee806b5f917ba77a9d73c005f1d65ab06dcefc57551c9d41fbc241e44552829a60768e93d001671f3effb1f1ef21e12e108339e01432fb49132d56cd027b2e1c17a9f416e5f982e0e6a5627c7c8622d30435d28ff9ac41074a89eb0a605441116a309995c5280c53b4ba8527106e72752b7b1b7dfc2e916adc640c7a441cb0d319c93a8c46bf6b74171178be3dc9d4069c5000000000000000a6524126f1fdaf7dd82c4e83ec0d0ebe5be42ed339023388576a9a57c7b628ccf45e9602e1d2ea4470ece86713678f239e277019b6c7620b36940af961f0ccc0989b5d907ae86b75c3b9f26fcd4e9cdf9a941f3d3a5335b5cfa5697cbd85e5092ccf5a054450daf8a436f2ad8a00076381db30872f54d3d8be1c803cd3f0a3134ec8b4977cdb1f95e90d0294f2d9d53b70c425e0c0b175ffdb8a43ee659f31793971ee7b56b2141f1ea0da7f7bebc0a221234c5cf78bf9edae73082e8c2d16d443d7b0b515d7015bf19b844c202cb510ffff2158bc5e7a51432573c5d5842504bd6ac17200535a53ff3b2c8f6d88eca4a2644a5cea8a413ecc5580361a19e9606bdaa3892320d499b2a82743d51374c501d8d0cbfa078883e070404db9f62b570ccce8c97b4734affa8da72fe3927026094ddaa41ee7b840ea941c99f795cef5e0b1d1168c2fa632a4105eaf445d0e0cd5248bad0bf5b73a8e2d53df88e5494f982d8fe9ccba0ea6b54d397195ba248b5c4090b82857dc1f69d92a7714dc0383e2bb157d0e31cff09c2b98f55761c08cf6d32c9cdb98494d7c56187514597f7bbc438ce3b55fb08d6437746343ebd89aec4a7f863c9865e2b27008bfbc4439a8478292b291ef7979590e0583d607cb899548c98610c645cf5848f1a1ea61277852e44473db56bff0dfd6f6752cf5c30600000000000000de8ce0505e8ab69b19fa7067c68a06a1eb32e23a79b9fa008fc3e75729acf724096b42a1d484dc5efdb00c39240c0b71b81c7636695a0caae6dd34dc573cf173afcb7889d5c14e6ed5338492f654f201817a77dadb046bace06e9eee9bea92cb87abcd83c41b2db3b45f174a7daaba729067ddb040ed96a4a533c600c8eb0042651150a50028bd8618e9f243728b129c4c0b52403edfa4ffa2aa53d4cc45703c0585a625f9e5242159275364a684460d0c076ec6e5c3b0381a10dc81c637eb157f32cdb431e829f405694750c3d616910918a51e93bfc3a7bb847709c20765c73895d94ad8747a1a1a5249e045622f5b2edd5adde47abf9d973c77c5042550559b7b23c55b145d6ffd96a42ab095684e827e675fcb4a4b58bd3d46cc5e5183f4505f3b112cc361b44366739d6c01ad5316a5f08ec1003aed5dfcd165f583875cb5de8f3b0ced801068509ea6dcaa964473eaf708f65eadf211397de17c809630aed7faaef4f5eecc17ba112812bbbe2c7e2fd31158d88ff2b58d30e24585333e5300a72a6a3719eeb1711c907c101faf3df3b980899298e49066c396615a4352"], 0x457) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @broadcast, @multicast1}, &(0x7f0000000140)=0xfffffffffffffdfb) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0xda9, 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) socket$inet_udp(0x2, 0x2, 0x0) 12:20:41 executing program 1: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x6}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000001c0)={r3, 0x0, 0xf61, 0xef}, 0x10) getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f0000000280), &(0x7f0000000300)=0x60) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) 12:20:41 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) unshare(0x40600) creat(&(0x7f0000000100)='./file0/bus\x00', 0x0) 12:20:41 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) dup2(r0, r1) 12:20:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x13}) 12:20:41 executing program 5: mmap$binder(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2, 0x100000002132, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) futex(&(0x7f0000000100), 0x86, 0x0, 0x0, 0x0, 0x0) 12:20:41 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x48) r0 = socket$kcm(0xa, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x3, 0x3}, 0xfffffffffffffdaf) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 12:20:41 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x48) r0 = socket$kcm(0xa, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xf, 0x3}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 12:20:41 executing program 4: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200)}, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1007, 0x5, 0xffffffffffffffe0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000100)) r3 = socket$kcm(0xa, 0x2, 0x0) r4 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x0, &(0x7f0000001fe8)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x4, 0xc3, &(0x7f0000009f3d)=""/195, 0x3, 0x800}, 0x48) recvmsg$kcm(r4, &(0x7f00000004c0)={&(0x7f0000000380)=@rc, 0x80, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/233, 0xe9}, {&(0x7f0000004000)=""/4096, 0x127f}], 0x2, &(0x7f0000000440)=""/10, 0xa, 0x3}, 0x40) r5 = openat$cgroup(0xffffffffffffff9c, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) openat$cgroup(r5, &(0x7f00000007c0)='syz0\x00', 0x200002, 0x0) recvmsg$kcm(r2, &(0x7f00000017c0)={&(0x7f0000001700)=@xdp, 0x80, &(0x7f0000001780)=[{&(0x7f0000000a80)=""/218, 0xda}, {&(0x7f0000001940)=""/248, 0xf8}], 0xfffff97, &(0x7f0000001a40)=""/216, 0xd8, 0xcd}, 0x12100) recvmsg(r3, &(0x7f0000003f80)={&(0x7f0000000840)=@xdp={0x2c, 0x0, 0x0}, 0x44f, &(0x7f0000005340)=[{&(0x7f0000005000)=""/135, 0x87}, {&(0x7f00000050c0)=""/198, 0xc6}, {&(0x7f0000003f40)=""/55, 0xfffffffffffffd16}, {&(0x7f00000008c0)=""/100, 0x64}, {&(0x7f0000005240)=""/251, 0xa8}], 0x4, &(0x7f0000000740)=""/116, 0xffffffffffffffa8, 0x4}, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xf, 0x59, &(0x7f0000000ec0)=ANY=[@ANYBLOB="09af1224980ccb13ff539459a691a10a64ba8904cceeb71a4f0f1fe65d25742497663aed4b45a7ecc89db0417a6bbe4dc9ff0c6a809647f5e9004801c0bca8e1b3b4483b23cc88247bd78c176502f1cb475404000000000000002d580b66fca8be71765630fae0ee57490a7bb3292fc2267e07ce396dc625ace4ef12e547807e91985eea3ba846a61ab62aac2537a83cc74f415a98bef27aaf69b1bf4aecda2c5138d0cacd3485e50ab4d76af28a1fcd491818589150c29387c531acafae01d9248b28278e080054c93ad84141be3ded4c56756791581b46bc1e2e9b5be69eec684a0d78d4b2fdc1afd7a21d4b7cd301085f3c7902ee2be9af547f8a2fda5647c1b712a54b17d31d00000000000020e634e5d65e04c5c0517727e75183b8b2894029dac3ec45eeb09fbdd98794b58e60f56005eefde646b11f12300a446e62e6b2141436d2b68d32980fb56d4e29c9fe440ddd4de4dc058fe20543313540e175d8f3e7ebf93971b9d1f4ef839c78fdf9213a5b7926507f0131b0579da6aa33759a1ef140e7f5b0319d80fdd69a40ef1bd7dcb51491a06102e1010f225318767b84bf4fb8ef4812c3e9af40bb46a2000000000000f85c6bcb0000000000007048b46528962fa082122265dfc32f42c5ecea78e5783dd6509147d79daf961a910fa4c5a32e280b5b76d10411c9aafec73d60f9477a35ab2c074e50bc597109e66e7721c1bce59f09a7876819282f82a12b17a71a051e87657a4ae70500000000000000b77f480e727baebfe66293cd121ab31e907f180c7a6660a483b20b79238bcc0800000000000000ca739fb9c94dcf8bba9f1146c1e5ca0876a717105b43e49b522871379d48eb6ee72df7f5503329d9c00f0babcc5c1eb10949db0e55acafbf28fdce0071a0c60e55b7632b7cbcdc3d6bf29ade83663d0e03593fa878491b7debbf956f71b1579f9d2eafa12e44e8b51654c7c08040df37a6fc4b788a48011be82c30670e7339", @ANYRES32], 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffffe, [], r6, 0x1fffff}, 0x48) r7 = socket$kcm(0xa, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xf, 0x3}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x890b, &(0x7f0000000000)={r7}) openat$cgroup(0xffffffffffffffff, &(0x7f0000000500)='syz0\x00', 0x200002, 0x0) r8 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3, 0x0, 0x0, 0x0, 0x1cf}, 0x0, 0x0, r4, 0x0) close(r3) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r8, 0x4008240b, &(0x7f0000000040)={0x0, 0x70, 0x6d, 0x0, 0x0, 0x5, 0x0, 0x0, 0x80808, 0x8, 0x7, 0x8000, 0x1, 0x1, 0x391a, 0x40, 0x3c, 0xfffffffffffffff8, 0x0, 0x80000000, 0x80000000, 0xd3c, 0x8001, 0x7, 0x10001, 0x9, 0xffffffffffff7fff, 0xffffffffffffff4b, 0x0, 0x26d0676, 0x86, 0xe8, 0x7, 0xffffffffffffc75b, 0x7f, 0x7, 0x390, 0x7fff, 0x0, 0x4, 0x2, @perf_config_ext={0xffff, 0xfffffffffffffffd}, 0x100, 0xcc, 0x0, 0x7, 0x7, 0x10000, 0xfff}) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x8953, &(0x7f00000011c0)=0x5) unlink(&(0x7f0000000540)='./file0\x00') ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x42) r9 = getpid() setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000b80), 0x4) r10 = perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x3, 0x7, 0x4, 0x3, 0x0, 0xd00d, 0x20, 0x1, 0x6, 0x5, 0x1, 0x10000, 0x80000001, 0x2, 0x6, 0xffffffffffffff7f, 0x4, 0x7ff, 0x2, 0x0, 0x1000, 0x8, 0x1, 0x0, 0x10001, 0x9, 0x5, 0x5, 0x0, 0x0, 0x1ff, 0x5, 0x81, 0xa11, 0x68, 0x4, 0x0, 0xfffffffffffffe28, 0x1, @perf_bp={&(0x7f0000000280), 0xf}, 0x12, 0xfffffffffffffe01, 0x7f, 0x0, 0x0, 0x9, 0x4}, r9, 0x4, r8, 0x8) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40286608, 0x1) r11 = socket$kcm(0x2, 0x3, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='/\x02roup.stap\x00'}, 0x10) ioctl$PERF_EVENT_IOC_ID(r10, 0x80082407, &(0x7f0000000580)) ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000700)={'team0\x00\x00\x00\x00\x00\x00\x00\xf7\x00', @broadcast}) 12:20:41 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0xe}, 0x2c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r0, 0x28, &(0x7f0000000080)}, 0x10) r1 = socket$kcm(0xa, 0x2, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, 0x0, 0x0}, 0x20) setsockopt$sock_attach_bpf(r1, 0x29, 0x14, &(0x7f0000000080), 0x301) 12:20:41 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x26e, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f000000ac80), 0x400000000000302, 0x4008800) ptrace$setregset(0x4205, 0x0, 0x205, &(0x7f0000000240)={&(0x7f0000000200)}) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f00000001c0)) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f00000003c0)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x0, 0x0, 0xff}, 0x20) 12:20:41 executing program 3: timer_create(0x0, 0x0, &(0x7f0000000500)) timer_delete(0x0) [ 643.434849] device team0 entered promiscuous mode [ 643.439799] device team_slave_0 entered promiscuous mode [ 643.445737] device team_slave_1 entered promiscuous mode 12:20:41 executing program 0: 12:20:42 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x24200, 0x0) execveat(r0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000300)='/proc/capi/capi20ncci\x00', &(0x7f0000000340)='/dev/vhci\x00', &(0x7f0000000380)='\x00'], &(0x7f0000000500)=[&(0x7f0000000400)='.\xe7\x00', &(0x7f0000000440)='^trustedcgroup\x00', &(0x7f0000000480)='/proc/capi/capi20ncci\x00', &(0x7f00000004c0)='/dev/vhci\x00'], 0x1100) unshare(0x4000000) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) getresuid(&(0x7f00000000c0), &(0x7f0000000200), &(0x7f0000000240)) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r1}, 0x2c) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x20200, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f0000000180)={'mangle\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 12:20:42 executing program 4: 12:20:42 executing program 2: 12:20:42 executing program 3: 12:20:42 executing program 0: 12:20:42 executing program 3: 12:20:42 executing program 4: 12:20:42 executing program 0: 12:20:42 executing program 2: 12:20:42 executing program 5: 12:20:42 executing program 3: 12:20:42 executing program 4: 12:20:42 executing program 1: setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180), 0x4) r0 = shmat(0xffffffffffffffff, &(0x7f0000ffb000/0x2000)=nil, 0x6000) shmdt(r0) unshare(0x28020400) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/autofs\x00', 0x800, 0x0) write$P9_RRENAMEAT(r3, &(0x7f00000002c0)={0x7, 0x4b, 0x2}, 0x7) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/103, 0x67}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r1}, 0x2c) r4 = socket$caif_stream(0x25, 0x1, 0x3) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000240)={r5, 0x26, 0x6}, 0x8) r6 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f00000000c0)=0xea30b21b86efd0db, 0x4) 12:20:42 executing program 2: 12:20:42 executing program 0: 12:20:42 executing program 3: 12:20:42 executing program 4: 12:20:42 executing program 5: 12:20:43 executing program 4: 12:20:43 executing program 3: 12:20:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000180)={{}, {0x20000000304, @link_local}, 0x4, {0x2, 0x0, @local}, '\x00\x00\x00\x00\x01\x00\x00\x01\x00'}) 12:20:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x1c, r2, 0x5, 0x0, 0x0, {{}, 0x0, 0x4102}}, 0x1c}}, 0x0) 12:20:43 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 12:20:43 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000007, 0x11, r1, 0x0) ftruncate(0xffffffffffffffff, 0x0) madvise(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x9) [ 645.283318] ================================================================== [ 645.290749] BUG: KMSAN: uninit-value in tipc_nl_compat_doit+0x5b3/0xaf0 [ 645.297531] CPU: 0 PID: 21216 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #2 [ 645.304726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.314094] Call Trace: [ 645.316709] dump_stack+0x173/0x1d0 [ 645.320379] kmsan_report+0x12e/0x2a0 [ 645.324219] __msan_warning+0x82/0xf0 [ 645.328067] tipc_nl_compat_doit+0x5b3/0xaf0 [ 645.332572] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 645.338065] ? ns_capable+0x132/0x1d0 [ 645.341918] tipc_nl_compat_recv+0x14d7/0x2760 [ 645.346559] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 645.351965] ? tipc_nl_bearer_get+0xa10/0xa10 [ 645.356486] ? tipc_nl_compat_doit+0xaf0/0xaf0 [ 645.361112] ? tipc_netlink_compat_stop+0x40/0x40 [ 645.365986] genl_rcv_msg+0x185f/0x1a60 [ 645.370032] ? __msan_poison_alloca+0x1f0/0x2a0 [ 645.374747] netlink_rcv_skb+0x444/0x640 [ 645.378836] ? genl_unbind+0x390/0x390 [ 645.382767] genl_rcv+0x63/0x80 [ 645.386129] netlink_unicast+0xf40/0x1020 [ 645.390350] netlink_sendmsg+0x127f/0x1300 [ 645.394655] ___sys_sendmsg+0xdb9/0x11b0 [ 645.398759] ? netlink_getsockopt+0x1460/0x1460 [ 645.403482] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 645.408898] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 645.414290] ? __fget_light+0x6e1/0x750 [ 645.418339] __se_sys_sendmsg+0x305/0x460 [ 645.422559] __x64_sys_sendmsg+0x4a/0x70 [ 645.426647] do_syscall_64+0xbc/0xf0 [ 645.430416] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 645.435628] RIP: 0033:0x457ec9 [ 645.438842] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 645.457764] RSP: 002b:00007feb364fbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 645.465495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457ec9 [ 645.472800] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 645.480089] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 645.487376] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb364fc6d4 [ 645.494663] R13: 00000000004c4ecc R14: 00000000004d8680 R15: 00000000ffffffff [ 645.501998] [ 645.503636] Uninit was created at: [ 645.507198] kmsan_internal_poison_shadow+0x92/0x150 [ 645.512324] kmsan_kmalloc+0xa6/0x130 [ 645.516137] kmsan_slab_alloc+0xe/0x10 [ 645.520062] __kmalloc_node_track_caller+0xe18/0x1030 [ 645.525282] __alloc_skb+0x309/0xa20 [ 645.529015] netlink_sendmsg+0xb82/0x1300 [ 645.533187] ___sys_sendmsg+0xdb9/0x11b0 [ 645.537279] __se_sys_sendmsg+0x305/0x460 [ 645.541480] __x64_sys_sendmsg+0x4a/0x70 [ 645.545597] do_syscall_64+0xbc/0xf0 [ 645.549332] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 645.554536] ================================================================== [ 645.561902] Disabling lock debugging due to kernel taint [ 645.567365] Kernel panic - not syncing: panic_on_warn set ... [ 645.573281] CPU: 0 PID: 21216 Comm: syz-executor0 Tainted: G B 4.20.0-rc7+ #2 [ 645.581870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.591266] Call Trace: [ 645.593884] dump_stack+0x173/0x1d0 [ 645.597561] panic+0x3ce/0x961 [ 645.600835] kmsan_report+0x293/0x2a0 [ 645.604704] __msan_warning+0x82/0xf0 [ 645.608559] tipc_nl_compat_doit+0x5b3/0xaf0 [ 645.613007] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 645.618489] ? ns_capable+0x132/0x1d0 [ 645.622365] tipc_nl_compat_recv+0x14d7/0x2760 [ 645.626999] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 645.632400] ? tipc_nl_bearer_get+0xa10/0xa10 [ 645.636926] ? tipc_nl_compat_doit+0xaf0/0xaf0 [ 645.641578] ? tipc_netlink_compat_stop+0x40/0x40 [ 645.646477] genl_rcv_msg+0x185f/0x1a60 [ 645.650527] ? __msan_poison_alloca+0x1f0/0x2a0 [ 645.655259] netlink_rcv_skb+0x444/0x640 [ 645.659353] ? genl_unbind+0x390/0x390 [ 645.663291] genl_rcv+0x63/0x80 [ 645.666603] netlink_unicast+0xf40/0x1020 [ 645.670924] netlink_sendmsg+0x127f/0x1300 [ 645.675177] ___sys_sendmsg+0xdb9/0x11b0 [ 645.679257] ? netlink_getsockopt+0x1460/0x1460 [ 645.683938] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 645.689324] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 645.694701] ? __fget_light+0x6e1/0x750 [ 645.698701] __se_sys_sendmsg+0x305/0x460 [ 645.702866] __x64_sys_sendmsg+0x4a/0x70 [ 645.706936] do_syscall_64+0xbc/0xf0 [ 645.710678] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 645.715858] RIP: 0033:0x457ec9 [ 645.719042] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 645.737959] RSP: 002b:00007feb364fbc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 645.745710] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457ec9 [ 645.752984] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 645.760255] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 645.767528] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb364fc6d4 [ 645.774798] R13: 00000000004c4ecc R14: 00000000004d8680 R15: 00000000ffffffff [ 645.783018] Kernel Offset: disabled [ 645.786646] Rebooting in 86400 seconds..