00000ca [ 395.114496] EntryControls=0000d1ff ExitControls=002fefff [ 395.119969] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 395.126876] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 395.133583] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 395.140200] reason=80000021 qualification=0000000000000000 [ 395.146503] IDTVectoring: info=00000000 errcode=00000000 [ 395.151982] TSC Offset = 0xffffff2abeaed4a7 10:22:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x8000, 0x0) ioctl$VIDIOC_DQEVENT(r3, 0x80885659, &(0x7f0000000080)={0x0, @frame_sync}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="942d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000) 10:22:16 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:16 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x2}}) 10:22:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xe7ffffffffffffff, [], @raw_data}) 10:22:16 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x8000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 395.156324] EPT pointer = 0x00000001ba5f301e 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x100000000000000}}) [ 395.213450] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xe7ff, [], @raw_data}) 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x600, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 395.329620] QAT: Invalid ioctl 10:22:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x200000000000000}}) [ 395.418179] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 395.695799] QAT: Invalid ioctl 10:22:17 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0x6d, 0x1, 0x7fffffff, "38b841f31b6694132a0d54538c920216", "c14b79315879af7e6981b660f0e7e7a910705c6a4171a6fdd5bca40aa9b859af8d32a2fa1a2346b5cd00e4d8f13589d4b904f93db3adc7e4ed53af6fd28958974a509a59848fec10a7fe9049aed940d863d08c8734bf4cd5"}, 0x6d, 0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x200) 10:22:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xfdfdffff00000000, [], @raw_data}) 10:22:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x2000000}}) 10:22:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7400, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 395.823762] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xfdfdffffffffffff, [], @raw_data}) 10:22:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x1000000}}) [ 395.926523] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x100000) 10:22:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x200000000000000, [], @raw_data}) [ 396.038076] *** Guest State *** 10:22:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 396.060883] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x2000000}}) [ 396.109418] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 396.125945] CR3 = 0x0000000000000000 [ 396.130202] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 396.136378] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:22:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x1000000, [], @raw_data}) [ 396.153379] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 10:22:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x200000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 396.191967] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 396.227136] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) [ 396.259415] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.279066] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 396.287087] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.374133] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.396888] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 396.424117] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 396.433196] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 396.447679] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 396.461557] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 396.468016] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 396.475935] Interruptibility = 00000000 ActivityState = 00000000 [ 396.482710] *** Host State *** [ 396.486498] RIP = 0xffffffff81223c27 RSP = 0xffff8881c1f1f350 [ 396.493656] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 396.500252] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 396.508048] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 396.513998] CR0=0000000080050033 CR3=00000001be2b1000 CR4=00000000001426f0 [ 396.521328] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 396.527993] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 396.534234] *** Control State *** [ 396.537688] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 396.544389] EntryControls=0000d1ff ExitControls=002fefff [ 396.549934] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 396.556848] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 396.563573] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 396.570193] reason=80000021 qualification=0000000000000000 [ 396.576496] IDTVectoring: info=00000000 errcode=00000000 [ 396.582041] TSC Offset = 0xffffff29d0fbd0ba [ 396.586360] EPT pointer = 0x00000001cda6c01e [ 396.639260] *** Guest State *** [ 396.642791] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 396.652205] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 396.661131] CR3 = 0x0000000000000000 [ 396.664854] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 396.671130] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 396.677120] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 396.683860] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 396.691990] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.700022] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.708043] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 396.716087] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.724108] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 396.732136] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 396.740159] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 396.748134] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 396.756238] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 396.764266] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 396.770759] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 396.778199] Interruptibility = 00000000 ActivityState = 00000000 [ 396.784485] *** Host State *** [ 396.787679] RIP = 0xffffffff81223c27 RSP = 0xffff888186cc7350 [ 396.793714] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 396.800151] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 396.807943] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 396.813869] CR0=0000000080050033 CR3=00000001be2b1000 CR4=00000000001426f0 [ 396.821022] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 396.827679] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 396.833956] *** Control State *** 10:22:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x80000, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000080)={0x0, 0xfffffffffffffffc}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000100)={r4, @in6={{0xa, 0x4e23, 0x401, @loopback, 0x8}}, 0x6b11, 0x5b, 0xffffffff, 0xe293, 0x7}, &(0x7f00000001c0)=0x98) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc000000000000) 10:22:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xfdfdffff, [], @raw_data}) 10:22:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 396.837419] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 396.844125] EntryControls=0000d1ff ExitControls=002fefff [ 396.849608] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 396.856524] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 396.863241] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 396.869856] reason=80000021 qualification=0000000000000000 [ 396.876157] IDTVectoring: info=00000000 errcode=00000000 [ 396.881681] TSC Offset = 0xffffff29d0fbd0ba [ 396.886011] EPT pointer = 0x00000001cda6c01e 10:22:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xfdfd, [], @raw_data}) 10:22:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 397.104375] *** Guest State *** 10:22:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 397.129551] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 397.191582] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 397.216422] CR3 = 0x0000000000000000 [ 397.229013] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 397.235192] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 397.253136] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 397.260842] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 397.278902] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 397.292520] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 397.303426] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 397.318701] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 397.327012] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 397.336120] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 397.344192] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 397.352194] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 397.360211] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 397.368195] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 397.374780] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 397.382285] Interruptibility = 00000000 ActivityState = 00000000 [ 397.388593] *** Host State *** [ 397.391923] RIP = 0xffffffff81223c27 RSP = 0xffff888186cc7350 [ 397.397902] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 397.404393] FSBase=00007f5bb4337700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 397.412262] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 397.418146] CR0=0000000080050033 CR3=000000018888a000 CR4=00000000001426e0 [ 397.425227] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 397.431925] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 397.437984] *** Control State *** [ 397.441508] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 397.448170] EntryControls=0000d1ff ExitControls=002fefff 10:22:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xffe7, [], @raw_data}) 10:22:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe0) 10:22:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x40000, 0x0) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x0, 0x4) ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000140)) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000000000900080000000000000008000040000000000200000000070000"]) 10:22:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x500000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 397.453669] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 397.460629] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 397.467286] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 397.473917] reason=80000021 qualification=0000000000000000 [ 397.480261] IDTVectoring: info=00000000 errcode=00000000 [ 397.485717] TSC Offset = 0xffffff294337f4e8 [ 397.490116] EPT pointer = 0x00000001ba3eb01e 10:22:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xe7, [], @raw_data}) 10:22:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x1000000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x5) 10:22:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x2, [], @raw_data}) 10:22:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x2000000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xfffffffffffffdfd, [], @raw_data}) 10:22:20 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xf) 10:22:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl(r0, 0xffffffff, &(0x7f0000000080)="6644715a47cf295faabef6cfe8dadb7f9adb25fd339477663097c4e3373548223f07c2ec905b21e2b494317f3d2c315b7da02d7e3807044076c6213aa243caf9b6b944e8250a686f2903a8bdc59c95f3fd94972b2e7268d56afdafa3dc001aab9d4cd12ef591cb74b7310a62f599df33e2642d7b43f5df930ade7654d57edb6e83b372e82d99b5daa0ce6999cb15b7a51c55ab4870fc0eb27a4dd1a57d3af301c1e2284a8c72405942113a4ab5a52f65b390db86513046b38f7f0fa01b4c54a326efe03903e5136947466489ba67258d62afe743409e0f68c7b611a1") 10:22:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xfffff000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xffffffe7, [], @raw_data}) 10:22:20 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4c000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 398.386545] *** Guest State *** [ 398.390856] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 398.413134] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 398.460957] CR3 = 0x0000000000000000 10:22:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x2000000, [], @raw_data}) [ 398.481944] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 398.506548] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 398.523555] validate_nla: 9 callbacks suppressed 10:22:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x40000000000) 10:22:20 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 398.523566] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 398.525340] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 398.561131] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 10:22:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x60000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 398.601624] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 398.628395] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) [ 398.664624] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 398.685888] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 398.694723] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 398.739476] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 398.767717] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 398.777787] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 398.797523] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 398.819254] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 398.832843] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 398.839841] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 398.847300] Interruptibility = 00000000 ActivityState = 00000000 [ 398.853871] *** Host State *** [ 398.857087] RIP = 0xffffffff81223c27 RSP = 0xffff8881d2d7f350 [ 398.863142] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 398.869678] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 398.877496] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 398.884196] CR0=0000000080050033 CR3=00000001830f0000 CR4=00000000001426e0 [ 398.891281] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 398.897955] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 398.904120] *** Control State *** [ 398.907577] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 398.914473] EntryControls=0000d1ff ExitControls=002fefff [ 398.920021] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 398.926950] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 398.933681] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 398.940290] reason=80000021 qualification=0000000000000000 [ 398.946595] IDTVectoring: info=00000000 errcode=00000000 [ 398.952081] TSC Offset = 0xffffff288cd8aafd [ 398.956560] EPT pointer = 0x00000001b39fb01e [ 398.999133] *** Guest State *** [ 399.002561] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 399.014260] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 399.023231] CR3 = 0x0000000000000000 [ 399.026968] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 399.033002] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 399.039012] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 399.045673] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 399.053698] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.061728] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.069763] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 399.077738] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.085756] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.093766] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 399.101775] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 399.109840] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 399.117812] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 399.125853] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 399.132791] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 399.140282] Interruptibility = 00000000 ActivityState = 00000000 [ 399.146510] *** Host State *** [ 399.149747] RIP = 0xffffffff81223c27 RSP = 0xffff888186357350 [ 399.155729] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 399.162308] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 399.170129] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 399.176013] CR0=0000000080050033 CR3=00000001830f0000 CR4=00000000001426f0 [ 399.183080] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 399.189770] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 399.195807] *** Control State *** [ 399.199298] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 399.205970] EntryControls=0000d1ff ExitControls=002fefff [ 399.211466] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 399.218391] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 399.225104] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 399.231710] reason=80000021 qualification=0000000000000000 [ 399.238108] IDTVectoring: info=00000000 errcode=00000000 [ 399.243611] TSC Offset = 0xffffff288cd8aafd 10:22:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000040)=""/75, &(0x7f00000000c0)=0x4b) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:21 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0xe7ffffff, [], @raw_data}) 10:22:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7a000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 10:22:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 399.247942] EPT pointer = 0x00000001b39fb01e 10:22:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) [ 399.310211] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfdfdffff00000000], @raw_data}) 10:22:21 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) [ 399.480448] *** Guest State *** 10:22:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) [ 399.510567] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 399.535571] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 399.554934] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 399.583770] CR3 = 0x0000000000000000 [ 399.599752] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 399.618874] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 399.629335] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 399.636671] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 399.655705] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.679217] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.691696] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 399.700610] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.708804] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 399.717118] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 399.730540] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 399.740403] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 399.748511] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 399.756755] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 399.763456] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 399.770953] Interruptibility = 00000000 ActivityState = 00000000 [ 399.777183] *** Host State *** [ 399.780415] RIP = 0xffffffff81223c27 RSP = 0xffff88817e3ef350 [ 399.786398] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 399.793671] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 399.802125] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 399.808017] CR0=0000000080050033 CR3=00000001ccd6b000 CR4=00000000001426f0 [ 399.815130] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 399.821829] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 399.827888] *** Control State *** [ 399.831384] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 399.838069] EntryControls=0000d1ff ExitControls=002fefff [ 399.843590] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 399.850607] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 399.857280] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 399.863949] reason=80000021 qualification=0000000000000000 [ 399.870312] IDTVectoring: info=00000000 errcode=00000000 [ 399.875745] TSC Offset = 0xffffff27facb320e [ 399.880125] EPT pointer = 0x00000001c140601e [ 399.939151] *** Guest State *** [ 399.942472] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 399.951500] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871 [ 399.960410] CR3 = 0x0000000000002000 [ 399.964139] PDPTR0 = 0x0000000080000000 PDPTR1 = 0x0000000000000000 [ 399.970949] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000100000001 [ 399.977453] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 399.983504] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 399.989524] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 399.996177] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 400.004214] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 400.012223] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 400.020245] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 400.028227] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 400.036252] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 400.044263] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 400.053464] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 400.061564] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 400.069694] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 400.077662] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 400.077675] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 400.077686] Interruptibility = 00000000 ActivityState = 00000000 [ 400.077694] *** Host State *** [ 400.091649] RIP = 0xffffffff81223c27 RSP = 0xffff88817c2e7350 [ 400.091671] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 400.091684] FSBase=00007f5bb4316700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 400.121335] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 400.127231] CR0=0000000080050033 CR3=00000001ccd6b000 CR4=00000000001426e0 [ 400.134344] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 400.141045] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 400.147210] *** Control State *** [ 400.150705] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 400.157382] EntryControls=0000d1ff ExitControls=002fefff [ 400.162878] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 400.169860] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 400.176519] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 400.183958] reason=80000021 qualification=0000000000000000 10:22:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000000)=0x4) 10:22:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x200000000000000], @raw_data}) 10:22:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:21 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6c00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) [ 400.190457] IDTVectoring: info=00000000 errcode=00000000 [ 400.195913] TSC Offset = 0xffffff27facb320e [ 400.200302] EPT pointer = 0x00000001c140601e [ 400.248956] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfdfd], @raw_data}) 10:22:22 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x48, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 10:22:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x200000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000080)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:22 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x2000000], @raw_data}) [ 400.491623] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf00000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x100000000000000], @raw_data}) 10:22:22 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff25f8ff68c205f8db773e51051a55b0569296dc579c370635f6af0100b82bc2521b9bc9471f606773f7cf698ae38d741a88b0ba3d9f47922a352bec30a7c6979d7c58a63c922157933547795d828d31b784ebeffc45a3788e48d0b23874ffbf16ab795eae19bb86"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 400.681982] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x40030000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe803) 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:22 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfdfdffffffffffff], @raw_data}) [ 400.909410] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:22 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4c00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x1000000], @raw_data}) 10:22:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x2000) [ 401.111223] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80000, 0x0) recvmmsg(r3, &(0x7f0000000bc0)=[{{&(0x7f0000000080), 0x80, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/119, 0x77}, {&(0x7f0000000180)=""/38, 0x26}], 0x2, &(0x7f0000000200)=""/178, 0xb2}, 0x1}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000440)=""/253, 0xfd}, {&(0x7f0000000380)=""/86, 0x56}, {&(0x7f0000000540)=""/120, 0x78}, {&(0x7f00000005c0)=""/211, 0xd3}], 0x4, &(0x7f0000000700)=""/92, 0x5c}, 0x3}, {{&(0x7f0000000780)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000900)=""/146, 0x92}, {&(0x7f00000009c0)=""/173, 0xad}, {&(0x7f0000000800)=""/83, 0x53}], 0x3, &(0x7f0000000ac0)=""/239, 0xef}, 0x7fffffff}], 0x3, 0x40000020, &(0x7f0000000c80)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) setsockopt$inet_group_source_req(r3, 0x0, 0x2f, &(0x7f0000000cc0)={0x5, {{0x2, 0x4e22, @loopback}}, {{0x2, 0x4e24, @multicast2}}}, 0x108) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r0, 0xae80, 0x0) 10:22:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xe7], @raw_data}) 10:22:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x60, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:23 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x6) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) [ 401.511188] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfffffdfd], @raw_data}) 10:22:23 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 10:22:23 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff2500ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x10, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfffffffffffffdfd], @raw_data}) 10:22:23 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6800000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xffffffffffffffe7], @raw_data}) 10:22:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x700) 10:22:23 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x48000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'veth1_to_bond\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="11fe55a4000000002d75a3fb2c46a68dfe613d3d2d92720d612698513d7db7c29455a6f5744533d79e2584149bcd58e6f4296e8e74f8dcb7af12aa91e800d2ee0632fc184000c9e6f5d3d9a0d3b7f3cdec33bc86e2fd17efdbb0dd7b052b7179929d6d4d4d5364afe467373f7ccd275eed2d633dd9e118deee7a3da3509ec8b10f65e39781d59835820c5efc02fd0916"]}) close(r4) close(0xffffffffffffffff) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xe7ffffffffffffff], @raw_data}) 10:22:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x74000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:24 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 10:22:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:24 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xffffffe7], @raw_data}) [ 402.595311] *** Guest State *** 10:22:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) [ 402.619224] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 402.652013] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 10:22:24 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 402.689177] CR3 = 0x0000000000000000 [ 402.693156] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 402.719457] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 402.750611] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 402.782723] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 402.816305] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 402.824611] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 402.840280] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 402.858679] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 402.869390] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 402.877651] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 402.885823] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 402.894025] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 402.902050] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 402.910156] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 402.916549] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 402.924060] Interruptibility = 00000000 ActivityState = 00000000 [ 402.930324] *** Host State *** [ 402.933508] RIP = 0xffffffff81223c27 RSP = 0xffff88817be77350 [ 402.939613] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 402.946022] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 402.953878] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 402.959821] CR0=0000000080050033 CR3=00000001ba4ae000 CR4=00000000001426f0 [ 402.966933] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 402.973788] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 402.979907] *** Control State *** [ 402.983353] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 402.990066] EntryControls=0000d1ff ExitControls=002fefff [ 402.995539] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 403.002614] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 403.009310] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 403.015895] reason=80000021 qualification=0000000000000000 [ 403.022267] IDTVectoring: info=00000000 errcode=00000000 [ 403.027718] TSC Offset = 0xffffff265172abe4 [ 403.032099] EPT pointer = 0x00000001b04e001e 10:22:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6c, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xfdfdffff], @raw_data}) 10:22:24 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000000)={0x4000, 0x3}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="882d31283e444c7da13d5580c86aa816fdff2557040d9120ef92cbd2543d432df874ea900100233fae11c71f4d730008000000000000611ec13c46f240b0224616083814200a42e108c7104388c81d7bf0207e31d9a8"], 0x1}}, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, 0x0}) r5 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x80, 0x101000) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd1b, 0xe3000000000000, 0x40, 0x6, 0x0, 0x7, 0x40842, 0xa, 0xffffffffffffff7f, 0x1, 0xff, 0x0, 0x7ff, 0xfffffffffffffffd, 0x7fff, 0x4, 0x3, 0x6, 0x401, 0x8000, 0x9, 0x7, 0x6, 0x8, 0x1, 0x8, 0x7fffffff, 0x7ff, 0x390, 0x7f, 0xfffffffffffffffb, 0xfffffffffffff398, 0x2, 0x3, 0x5, 0x8a53, 0x0, 0xffffffffffffffff, 0x7, @perf_config_ext={0x7fff, 0x875}, 0x10, 0x7, 0x80000000, 0x5, 0x8, 0x401, 0x6}, r4, 0xa, r5, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000000440)={"7aa87cbaf4f8e2dd206cda7d420f367c2a90d99201d496e8b5bd7be4fe9df217997db14a8f0333b0f261399c1c89c6e6f9a31ae1b9cef1b2fac6a56048fcb2b1c50fe0cc28f2e35f85f4ad6a0bd185f95250d14e9128fa85eb8ef52c4e785c51df9cbf11ae3be6e10cdeed2a31b57851b6398c48fe8b8682199b24969c227f7bc9eac1765763b42ab3e8348a9e4d06912f87949aa7dfdfde6713914e4515c3b39e4ecf25edf5a16e5e7ab86f9d320193d953381fb5ce6df67922af7b24dcd4620cf966df7f51d2da8d10e5eebb18d35346c0e1b0db6d139366e93a2b90317575f008c08ec42b4b8fc8a26ce6dc0a6c1b337de805cb7f72264aa053a7a5a12586a7e1f073ca23290d8209b710568ebcf8897d86d3780d8de983b5da311b25087722cc7282e83a0e307e02fdfb445aca22fb18a368469bf4a9a28857611749f19405163e4d2c79ab21eca26bdae081f4908411f977025f92ba0d263803b8ed8500e0b26af7e406f0dfd97c3e28097e59f7c6b76d823bfca9cbd536ee76e4fe8a5cb08b848425ce8fff8491878008b1a3d9bb10d1f13b330bb89e6bdb97b410a6b135b60c7e9266add72865ed67af6aaeb9e4b09acdcea2700d4e2885d497b16b835c8dfc1db0c3a2d6438a984de603d8653d8f285b05350dde57689c8863644788f8d935c47775d45d3ebf5b764f707424f42b5f2c1b14cc3e9e7287aa1a83b003cd7035a083e549b759c098bf02750fb19f390cdd95c04903b4f4f6a885bca7199c6078db091dfa39805ea743f580af2ca02fba0599f5f551a061e1fe5152f238a5e4624b0e9416d02f66fbc12153dcaa4b34942421b9334a3117915b9f8b2e6f3900cbee70e53db327e7a47b12ef69af91ba456bcb7befa69d55613dc6fc95f2757701fc866ead9c2d0fd20a00aae584ffcb6c3e5316818ac529f1cf7dbb6368e89bdcf9e31f9291ac4bd5e7693909f80207049da68cec99651d913cdf0cbb8e56a3c24909b5837cec3b53b689100321bce9d6fba93746bc726721356f657fa150ff0580bfba60c1c68bf33bd569f676108c73dda356543b71d00ea08b13231272c3514d22bd832bb856e225dd1c168a56058fea6ff1dcc2da093bbd9bd6d71cab06198b2f689bd7149ae3b1c1580fedda7e1153491db16022bb8a37756af59f3561bd7f30e485bdf30c48be09bd6e26b58eea2ecb80bb6071820ea16246d9848b3ba75f474bc7b553e928e8ea5c84b7ecbfd444fcfecec0680219bfa01a668b7c043d2da5daab6ea89a50a597911f900b18df48977b1850248570ea54f13fea9a3e1999b8fe386d2c3104d250714be779e213df5976daa0b8e54f8dd5ee3aeaab6cfee9a4976bc616a4459bba39048245c326fd46b28059b2dbb238b5136cb3ad416dfcca3936cb4ef9e729e6123e3ab221f041b3cb72fe2ca223a74b7b1b2b"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000) 10:22:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xe7ffffff], @raw_data}) 10:22:24 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xffffff7f00000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffffffffffff) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xffe7], @raw_data}) 10:22:25 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf0ffffffffffff, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) [ 403.548447] validate_nla: 8 callbacks suppressed [ 403.548456] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x2, 0x2) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x21000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r3, 0x14, 0x70bd2b, 0x25dfdbfc, {{}, 0x0, 0x4109, 0x0, {0x14, 0x18, {0x1, @bearer=@l2={'ib', 0x3a, 'erspan0\x00'}}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0xc0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) bind$vsock_dgram(r2, &(0x7f0000000200)={0x28, 0x0, 0xa4e6f9c687ee3ef0, @hyper}, 0x10) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="8804acf88ac9c5756e64eeddaeb9854bfc320f"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:22:25 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x2], @raw_data}) 10:22:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x18000000) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4000000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0xe7ff], @raw_data}) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:25 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) [ 403.919125] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:25 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x2000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) [ 404.124174] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x400000101200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff7ff8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) socket$inet6(0xa, 0x3, 0x6) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000800)=ANY=[@ANYBLOB="47beacd6eaffe1a74f69669fc2cffaa20a94b112c7ebc976c74442c72e5a9f9c3bb2206101cd5344885b5784fba7744ecd822b62653a408b134036df9c9457f696ab1807e792e62714e7e0605d7c16208a5438e300a94a8e003a9a440f4520ea83dbe9d71faf70a8a2549d7ef081d01b07349564fbc88b52cc3a07f58e9de6feccda24b93bfd8ae9bbb450e2532c52be150a4b11d7c2f52537d3faf9fa7df8fe2c2ea4d6694026960ab967ddc0a20a0d507f352793f891c8bc8c76b950caddd04f222b19aab3d8d38508e5e62822581c726c940ad87c19a069f12682801fd360010fa5d583fd14a92f91eadc2f53dd586f4c5038f221d3f75340"]) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8) r3 = syz_open_dev$sndpcmp(&(0x7f0000000580)='/dev/snd/pcmC#D#p\x00', 0x0, 0x42000) ioctl$TCGETS(r3, 0x5401, &(0x7f0000000640)) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f00000004c0), 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x80000, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x80e85411, &(0x7f00000005c0)=""/98) sched_setaffinity(0x0, 0xffffffffffffffd9, &(0x7f0000000280)) socket$xdp(0x2c, 0x3, 0x0) r5 = socket$inet6(0xa, 0x400000000001, 0x0) close(r5) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000380)={@dev}, &(0x7f0000000540)=0x14) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x80, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x5002}) ioctl$BLKGETSIZE(r7, 0x1260, &(0x7f0000000500)) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000100)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="2800000010005fba000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="03000000000000000800650400000000"], 0x28}}, 0x0) r9 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r9, 0x2007fff) ioctl$TIOCSPGRP(r6, 0x5410, &(0x7f0000000000)) 10:22:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xe7ffffffffffffff], @raw_data}) 10:22:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) 10:22:26 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x1000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) [ 404.537568] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0x1000000], @raw_data}) 10:22:26 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 10:22:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf0ffffff, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) [ 404.773960] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xff, 0x208040) write$P9_RMKDIR(r3, &(0x7f0000000080)={0x14, 0x49, 0x2, {0x0, 0x2, 0x1}}, 0x14) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={0xffffffffffffffff}, 0x106, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r3, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {&(0x7f00000000c0), r4, 0x2}}, 0x18) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000240)={0x3, r3}) 10:22:26 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xe7ff], @raw_data}) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffff) 10:22:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x74, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xffffffffffffffe7], @raw_data}) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:26 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) [ 405.043899] *** Guest State *** [ 405.074401] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 405.093023] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0x100000000000000], @raw_data}) [ 405.132713] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 405.149898] CR3 = 0x0000000000000000 [ 405.165616] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 10:22:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xfffffffffffff000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) [ 405.197021] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 405.207653] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 405.257435] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 405.270509] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 405.291522] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.334272] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.349071] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 405.357100] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.405199] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.416581] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 405.424827] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 405.433402] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 405.441611] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 405.450364] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 405.456904] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 405.464552] Interruptibility = 00000000 ActivityState = 00000000 [ 405.471089] *** Host State *** [ 405.474405] RIP = 0xffffffff81223c27 RSP = 0xffff88817c0bf350 [ 405.480591] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 405.487122] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 405.495236] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 405.501326] CR0=0000000080050033 CR3=00000001ccd72000 CR4=00000000001426f0 [ 405.508462] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 405.515282] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 405.521515] *** Control State *** [ 405.525093] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 405.531912] EntryControls=0000d1ff ExitControls=002fefff [ 405.537485] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 405.544586] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 405.551429] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 405.558128] reason=80000021 qualification=0000000000000000 [ 405.564610] IDTVectoring: info=00000000 errcode=00000000 [ 405.570230] TSC Offset = 0xffffff250073cfc2 [ 405.574769] EPT pointer = 0x00000001b9b1501e [ 405.587877] *** Guest State *** [ 405.591333] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 405.600213] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 405.609141] CR3 = 0x0000000000000000 [ 405.612858] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 405.618893] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 405.624900] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 405.632990] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 405.641070] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.649226] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.657343] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 405.665383] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.673389] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 405.681396] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 405.689492] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 405.697453] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 405.705501] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 405.713601] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 405.720059] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 405.727516] Interruptibility = 00000000 ActivityState = 00000000 [ 405.733795] *** Host State *** [ 405.736989] RIP = 0xffffffff81223c27 RSP = 0xffff88817c0bf350 [ 405.743037] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 405.749484] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 405.757267] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 405.763195] CR0=0000000080050033 CR3=00000001ccd72000 CR4=00000000001426f0 [ 405.770359] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 405.777015] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 405.783129] *** Control State *** [ 405.786577] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 405.793287] EntryControls=0000d1ff ExitControls=002fefff [ 405.798793] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 10:22:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x1, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f00000000c0)={0x29, &(0x7f0000000080)="afa1dc3773cb38ad0ea04032380d9afa4bf8ed29f8b9d4bf0e3e3cd24261e87d18a48b77de1fcc5d6a"}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="882d3116fdff25f8ff2486747f885123033a77e1f6e584ebaeaa1338d3125be8bd4661e2b18102760478d93b82efa5081fbb12f6514938dccb899b0f7a8b5d20a2476982cdb043a7ac2fc70cd5d81bd09073bfdf04af3cd4964ce7e45b4a0878034f32e09aecc4bbe377a149b05b51c5eb8551dab74219d05bd2713d0c1603667c56a5f7c76c0674ccfb947a6aad6b40ada5620ed2062409b53eaebb9e6f97b7b6193ada6e330c743d6e7166fc0c9e19e7e31162fc7ff3870712"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:27 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc0000) 10:22:27 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xe7], @raw_data}) 10:22:27 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:27 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x300, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 405.805715] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 405.812423] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 405.819037] reason=80000021 qualification=0000000000000000 [ 405.825343] IDTVectoring: info=00000000 errcode=00000000 [ 405.830827] TSC Offset = 0xffffff250073cfc2 [ 405.835154] EPT pointer = 0x00000001b9b1501e 10:22:27 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:27 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfdfdffff], @raw_data}) 10:22:27 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) [ 405.916666] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 405.927671] Unknown ioctl 1074816016 10:22:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xffffffffffffffe0) 10:22:27 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x500, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:27 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) [ 406.155478] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 406.418333] Unknown ioctl 1074816016 10:22:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x10880, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000080), r2, 0x0, 0x1, 0x4}}, 0x20) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = semget$private(0x0, 0x0, 0x48c) semop(r5, &(0x7f0000000180)=[{0x4, 0x9, 0x1000}, {0x1}, {0x4, 0x1, 0x1000}, {0x5, 0x3c, 0x800}, {0x3, 0x9, 0x1000}, {0x1, 0x4}], 0x6) 10:22:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfdfd], @raw_data}) 10:22:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:28 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x9effffff00000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x18) [ 406.516013] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0x2], @raw_data}) 10:22:28 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x600000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 406.663454] *** Guest State *** 10:22:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x3) 10:22:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfffffffffffffdfd], @raw_data}) [ 406.694412] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 406.729027] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 406.768311] CR3 = 0x0000000000000000 [ 406.795546] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 406.811601] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 406.817969] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 406.836528] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 406.844877] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 406.864912] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 406.883886] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 406.896417] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 406.905118] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 406.913980] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 406.927360] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 406.935599] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 406.943859] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 406.952100] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 406.962433] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 406.970080] Interruptibility = 00000000 ActivityState = 00000000 [ 406.976429] *** Host State *** [ 406.979785] RIP = 0xffffffff81223c27 RSP = 0xffff888180057350 [ 406.985810] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 406.992278] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 407.000120] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 407.006080] CR0=0000000080050033 CR3=00000001baa70000 CR4=00000000001426e0 [ 407.013137] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 407.019857] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 407.025901] *** Control State *** [ 407.029399] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 407.036178] EntryControls=0000d1ff ExitControls=002fefff 10:22:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="03003116fdff250400e06b7db4e5d0b541263604153197c0552342c42167736cf2b95820c6a608eb54329f51ce84fbf6649c95b4af87f9108d6779f06933b7c430e0a08ff66eab7e97938a1f87b4dc1ce4ffa974d5"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:28 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfdfdffff00000000], @raw_data}) 10:22:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x11) [ 407.041699] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 407.048627] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 407.055336] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 407.061980] reason=80000021 qualification=0000000000000000 [ 407.068395] IDTVectoring: info=00000000 errcode=00000000 [ 407.074000] TSC Offset = 0xffffff2424e0f09f [ 407.078320] EPT pointer = 0x00000001c39af01e 10:22:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xffffffe7], @raw_data}) 10:22:28 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6c000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:29 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400900) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r3, 0x534, 0x70bd2b, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x5, 0x9, 0x0, 0x70}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4001}, 0x40001) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000100)=""/72) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000440)={0x200, "f09cdd59d3e450061d40d1a3b17a642058936ff61b78ea7b55ff5b67944fdfac", 0x22, 0xa9a, 0x9, 0x10}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x800, 0x4) sendmsg$TIPC_NL_BEARER_DISABLE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="f9279cd1da150000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) splice(r1, &(0x7f0000000000), r4, &(0x7f0000000080), 0x400, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:22:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0x2000000], @raw_data}) 10:22:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) 10:22:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x400300, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:29 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xffe7], @raw_data}) 10:22:29 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xffffff7f, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 407.846846] *** Guest State *** [ 407.883959] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000) 10:22:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfffffdfd], @raw_data}) [ 407.954694] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 408.007728] CR3 = 0x0000000000000000 [ 408.032277] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 408.057235] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 408.074805] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 408.086976] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 408.117137] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.136314] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.147617] ES: sel=0x002b, attr=0x000f1, limit=0x0000ffff, base=0x0000000000000000 [ 408.161351] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.171019] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.179689] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 408.187838] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 408.196315] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 408.205097] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 408.213523] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 408.220367] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 408.227939] Interruptibility = 00000000 ActivityState = 00000000 [ 408.234634] *** Host State *** [ 408.238154] RIP = 0xffffffff81223c27 RSP = 0xffff888186cc7350 [ 408.244619] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 408.251442] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 408.259575] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 408.265580] CR0=0000000080050033 CR3=00000001c2dc8000 CR4=00000000001426f0 [ 408.273093] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 408.280256] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 408.286447] *** Control State *** [ 408.290654] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 408.297431] EntryControls=0000d1ff ExitControls=002fefff [ 408.303277] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 408.310721] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 408.317539] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 408.324476] reason=80000021 qualification=0000000000000000 [ 408.331204] IDTVectoring: info=00000000 errcode=00000000 10:22:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x3e3, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x400) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:30 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0x200000000000000], @raw_data}) 10:22:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) [ 408.336885] TSC Offset = 0xffffff237df30318 [ 408.341639] EPT pointer = 0x00000001c508701e 10:22:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xfdfdffffffffffff], @raw_data}) 10:22:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:30 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 408.492092] *** Guest State *** [ 408.505968] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 408.569949] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 408.602295] CR3 = 0x0000000000000000 [ 408.614451] validate_nla: 7 callbacks suppressed 10:22:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 10:22:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) [ 408.614459] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 408.628966] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 408.636965] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 408.678816] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 408.713498] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 408.744932] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.762737] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.784591] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 408.792873] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.821321] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 408.832404] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 408.841723] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 408.853837] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 408.862390] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 408.870721] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 408.877311] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 408.885183] Interruptibility = 00000000 ActivityState = 00000000 [ 408.891459] *** Host State *** [ 408.894673] RIP = 0xffffffff81223c27 RSP = 0xffff8881b334f350 [ 408.900806] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 408.907216] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 408.915075] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 408.921009] CR0=0000000080050033 CR3=00000001c2dc8000 CR4=00000000001426e0 [ 408.928011] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 408.935440] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 408.941869] *** Control State *** [ 408.945327] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 408.952053] EntryControls=0000d1ff ExitControls=002fefff [ 408.957622] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 408.964601] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 408.971323] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 408.978004] reason=80000021 qualification=0000000000000000 [ 408.984358] IDTVectoring: info=00000000 errcode=00000000 [ 408.989867] TSC Offset = 0xffffff2325298f3b [ 408.994209] EPT pointer = 0x00000001b2de201e [ 409.051924] *** Guest State *** [ 409.056138] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 409.065224] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 409.074157] CR3 = 0x0000000000000000 [ 409.077901] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 409.083934] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 409.089960] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 409.096640] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 409.104670] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 409.112710] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 409.120767] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 409.128792] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 409.136757] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 409.144773] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 409.152801] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 409.160891] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 409.168945] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 409.176913] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 409.183489] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 409.191091] Interruptibility = 00000000 ActivityState = 00000000 [ 409.197300] *** Host State *** [ 409.200659] RIP = 0xffffffff81223c27 RSP = 0xffff8881be6cf350 [ 409.206647] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 409.213331] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 409.221195] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 409.227071] CR0=0000000080050033 CR3=00000001c2dc8000 CR4=00000000001426f0 [ 409.234158] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 409.241004] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 409.247056] *** Control State *** [ 409.250547] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 409.257316] EntryControls=0000d1ff ExitControls=002fefff [ 409.262815] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 409.269905] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 409.276641] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 409.283380] reason=80000021 qualification=0000000000000000 [ 409.289737] IDTVectoring: info=00000000 errcode=00000000 [ 409.295179] TSC Offset = 0xffffff2325298f3b 10:22:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x1e) fstat(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000280)={0x8000, 0x1, 0x3, 0x6ce414f3, 0x0, 0x200}) r5 = getgid() mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='fuse\x00', 0x240400, &(0x7f00000001c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xf000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@allow_other='allow_other'}], [{@permit_directio='permit_directio'}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0) 10:22:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [0x0, 0xe7ffffff], @raw_data}) 10:22:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6c00000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:31 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x500) [ 409.299572] EPT pointer = 0x00000001b2de201e [ 409.343250] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4c00000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:31 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfdfdffff]}) 10:22:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x10) 10:22:31 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 409.553429] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 409.610836] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff21f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x2000000]}) 10:22:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x10000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe0ff) 10:22:31 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000]}}) 10:22:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfdfd]}) 10:22:31 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) [ 410.001975] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xfec00) 10:22:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) [ 410.169390] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="8c2d3100fdffd0a45812da43b1c5167a9277010000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) lseek(r1, 0x0, 0x0) 10:22:32 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xffe7]}) [ 410.239750] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000]}}) 10:22:32 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:22:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xe7]}) [ 410.427382] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) 10:22:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {r1, 0x3c, 0x0, @ib={0x1b, 0x3, 0x3, {"5a74645e6c885d69c615f4fab2631fe8"}, 0xffffffffffff8000, 0x1, 0xd87}}}, 0x90) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)) 10:22:32 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:22:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x3, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfffffdfd]}) [ 410.625362] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 410.694795] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="892d3116fdfd25f0ff3f4b1a837fd230d74882c7646d7f0b8e1f4e0ef70b946546e62caecd832db13c77e94a4cfe2f8ce124d3f1fdaf8ae42cf5da3714e982b8806bf70d0311fb525942791d8ad309133922ac548be811d97ffa8ed7e7bc7de979dcdf664a3c50410344c4dbbbdd9dca35c0cf735720d1ebaf479a67b9f35b910b7dc00c6910b91fb5c09f683b1d2cf7d6793bddf43c1666ed6019e206824b4725bf158e64f905603c64282714d07ed7e6594d89cafec25589f68e5b030785999b3c69fbe847698b459a7445fab7958f7a0af0beafabf2da726b76e41e7d2047ec829659709b6b39"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:32 executing program 2: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000180)={0x0, @reserved}) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000280)={0x0, @reserved}) setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000240)=0x128, 0x4) ioctl$EVIOCGABS0(r0, 0x80184540, &(0x7f0000000240)) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000000)={'IDLETIMER\x00'}, &(0x7f0000000080)=0x1e) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xffffffffffffffe7]}) 10:22:32 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:22:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc) 10:22:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x3fd, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:32 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfdfdffffffffffff]}) 10:22:32 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:22:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x3000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x2]}) 10:22:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0101002d8925230000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 10:22:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x4800, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:33 executing program 2: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f0000000180)={0x0, 0x1, @raw_data=[0x2, 0x186, 0x8, 0x3, 0x400, 0x0, 0x7fff, 0x8, 0xfff, 0xffffffff, 0x2, 0x8000, 0xffffffffffffff63, 0x0, 0xd72, 0x2e6]}) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) fadvise64(r1, 0x0, 0x6, 0x3) 10:22:33 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:22:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x100000000000000]}) 10:22:33 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x2]}}) 10:22:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfdfdffff00000000]}) 10:22:33 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000180)={0x0, 0x5b, 0x0, 0x4, 0x401, 0x1, 0xfff, 0xffffffffffff4062, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x9}}, 0x2, 0x9, 0x4, 0x3, 0x8}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000280)={0xffffffffffffff37, 0x0, 0x7, 0x8, r1}, 0x10) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x0, 0x7530}, {0x77359400}}) getsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000400), &(0x7f0000000440)=0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) lsetxattr$security_smack_transmute(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000340)='TRUE', 0x4, 0x3) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000380)=@assoc_id=r1, &(0x7f00000003c0)=0x4) 10:22:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7a00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000) 10:22:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xe7ffffffffffffff]}) 10:22:33 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r1, 0xae80, 0x0) 10:22:33 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x100000000000000]}}) 10:22:33 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x300000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xffffffe7]}) 10:22:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xffffffe0) 10:22:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) mq_open(&(0x7f0000000000)='/dev/vbi#\x00', 0x80, 0x80, &(0x7f0000000080)={0x5, 0x1000, 0x8, 0xffffffff, 0x8, 0x8, 0x9, 0x1}) 10:22:34 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x200000000000000]}}) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xfffffffffffffdfd]}) 10:22:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7a, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x1ee, 0x0, 0x0, 0x0) r3 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0x1, 0x2) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="88ff25f8ff0d000000"], 0x1}}, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f0000000180)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000001c0)={r4}) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0x23, "1ac53d3352d2700e1e13e13a93b52bf883b40eb62bc2c4ed8c8fb98c974c34f17d6ec7"}, &(0x7f00000000c0)=0x2b) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000000100)={r6, 0x1ff}, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000000)={0xfd, "29e36725700ea63396296fc641a764242e22e96688ce7e6d29f8965150be98e1", 0x3, 0x1}) 10:22:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x7) 10:22:34 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x1000000]}}) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x200000000000000]}) 10:22:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x2, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:34 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1000, 0x101000) ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000040)) r1 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xe7ffffff]}) 10:22:34 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x2000000]}}) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x1000000]}) 10:22:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xffffff9e, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x4) 10:22:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000080)={0x100, 0x5459, 0x7, {0x6, @pix={0x6, 0x100, 0x4745504d, 0x8, 0x6, 0x1, 0xb, 0x2, 0x0, 0x0, 0x1}}}) r3 = dup(r2) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f00000003c0)={&(0x7f0000000180), 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0xa0, r4, 0x310, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x4c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xff51}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8000}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb537}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x63}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0xe4ca8c3ed62e5582}, 0x2000c090) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f0000000000)=[@flags={0x3, 0x1000}, @cr0], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:34 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x100000000000000]}}) 10:22:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) write$P9_RATTACH(r0, &(0x7f0000000000)={0x14, 0x69, 0x2, {0x0, 0x1, 0x7}}, 0x14) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000180)={0x0, 0x0, [], @bt={0x100000001, 0x0, 0x60, 0x101, 0xe172, 0xcbd, 0x1, 0x4}}) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0xe7ff]}) 10:22:34 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000080)) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0xfffffffffffffffd, @bt={0xffff, 0x9, 0x1, 0x2, 0x1ff, 0x4, 0xffffffff, 0x5, 0x1, 0xf8, 0x0, 0x8001, 0x8ca, 0x5, 0x8, 0x9}}) 10:22:34 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x200000000000000]}}) 10:22:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xfffffff0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xffffffffffffffe7]}) 10:22:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 10:22:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfdfd]}) 10:22:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:35 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x1000000]}}) 10:22:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff25f8fffe666353297ae85b6bf0913822060ec6a9e4d797a5b8e7ded5df0a2d0e05b59088668cc572988038b76590260092d28ab332d9d604e738b833fe1784b0a0481cc81788e5869a8a3300000000000000000000000000000000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) 10:22:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_S_EDID(r0, 0xc0285629, &(0x7f0000000180)={0x0, 0x100, 0x2, [], &(0x7f0000000080)=0x8}) getuid() fcntl$setsig(r0, 0xa, 0x28) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000000)={0x7, 0x3, 0x6, 0x400, 'syz1\x00', 0xffffffffed7f48cb}) 10:22:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7a00000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xe7ff]}) 10:22:35 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x2000000]}}) 10:22:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], 0x8, 0x5, 0x5, 0x2}) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000240)={0xa, {0x5, 0x8, 0x6, 0x7}}) 10:22:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x2]}) 10:22:35 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x2]}}) [ 413.630656] validate_nla: 12 callbacks suppressed [ 413.630666] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:35 executing program 2: socket$vsock_stream(0x28, 0x1, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x80000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000040)={0x51b, 0x0, 0xfffffffffffffff8, 0x2334, 0x0}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000180)={r1, 0x6502, 0x7, 0x9, 0x7f, 0x9}, &(0x7f00000001c0)=0x14) prctl$PR_SET_UNALIGN(0x6, 0x3) 10:22:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf0ffffff00000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) [ 413.854282] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xacb, 0x1) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000080)={0x4, 0x0, 0x2, 0x5}) ioctl$DRM_IOCTL_SG_FREE(r3, 0x40106439, &(0x7f00000000c0)={0x3f, r4}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xe7ffffff]}) 10:22:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:35 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x2]}}) 10:22:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 10:22:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x3, 0x2) ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000040)={0x4, 0x2, 0x7}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 414.251929] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:36 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x100000000000000]}}) 10:22:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xe7ffffffffffffff]}) 10:22:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) accept4$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000080)=0x10, 0x80800) ioctl$sock_proto_private(r0, 0x89e2, &(0x7f0000000180)="d4a8a992d93226409ec134b05b0866851ed9e5e5e5d39735f91ebdf66cc36633b4d3bff800fd4b1b03c7e63f45ef656e3c95e22a44cc1928bc1095878be4dd79b22e3b4b1142f406a90a018132338b5464573c150cff2542a6e089bf40a9edfe3547f7b0e706e555abd50da6fc440be1") ioctl$KDSETLED(r0, 0x4b32, 0x31) [ 414.365617] *** Guest State *** [ 414.375994] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 414.403713] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 10:22:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0xf0ffff, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 414.440650] CR3 = 0x0000000000000000 [ 414.459879] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 10:22:36 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x200000000000000]}}) [ 414.480890] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 414.483469] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 414.500644] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 414.507688] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 414.560728] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.582291] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.594753] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 414.641522] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.653802] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.662130] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 414.670143] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 414.678104] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 414.686905] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 414.695071] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 414.701659] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 414.709140] Interruptibility = 00000000 ActivityState = 00000000 [ 414.715507] *** Host State *** [ 414.718687] RIP = 0xffffffff81223c27 RSP = 0xffff8881d2977350 [ 414.724743] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 414.731179] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 414.739008] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 414.744895] CR0=0000000080050033 CR3=00000001cb50f000 CR4=00000000001426f0 [ 414.752150] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 414.758841] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 414.764897] *** Control State *** [ 414.768349] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 414.775058] EntryControls=0000d1ff ExitControls=002fefff [ 414.780634] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 414.787544] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 414.794373] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 414.800976] reason=80000021 qualification=0000000000000000 [ 414.807286] IDTVectoring: info=00000000 errcode=00000000 [ 414.813626] TSC Offset = 0xffffff2002faf141 [ 414.817940] EPT pointer = 0x00000001b8b4901e [ 414.835409] *** Guest State *** [ 414.838858] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 414.847707] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 414.856621] CR3 = 0x0000000000000000 [ 414.860390] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 414.866350] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 414.872373] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 414.879077] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 414.887039] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.895077] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.903080] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 414.911098] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.919103] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 414.927108] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 414.935121] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 414.943759] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 414.951807] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 414.959890] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 414.966293] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 414.973862] Interruptibility = 00000000 ActivityState = 00000000 [ 414.980114] *** Host State *** [ 414.983339] RIP = 0xffffffff81223c27 RSP = 0xffff8881d2977350 [ 414.989392] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 414.995808] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 415.003635] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 415.009558] CR0=0000000080050033 CR3=00000001cb50f000 CR4=00000000001426e0 [ 415.016575] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 415.023272] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 415.029474] *** Control State *** [ 415.032916] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 10:22:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xe8030000) 10:22:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x200000000000000]}) 10:22:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, 0xffffffffffffffff, 0xfffffffffffffca8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @reserved}) 10:22:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x3f00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000180)="0f18910a000000400f0866b8a9000f00d864111530bfe4fab9d80800000f320f2211410f01d166ba420066ed400fc71c90430fde8d4b760f38"}], 0xc54, 0x63, &(0x7f0000000140)=[@efer], 0xa0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:36 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x1000000]}}) [ 415.039614] EntryControls=0000d1ff ExitControls=002fefff [ 415.045068] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 415.052036] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 415.058776] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 415.065349] reason=80000021 qualification=0000000000000000 [ 415.072426] IDTVectoring: info=00000000 errcode=00000000 [ 415.077877] TSC Offset = 0xffffff2002faf141 [ 415.082255] EPT pointer = 0x00000001b8b4901e 10:22:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfdfdffff00000000]}) [ 415.146671] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x3, @bt={0x0, 0xffff}}) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x400, 0x10001}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x9) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000080)={0x7fffffff, 0xff, 0x8, 0x0, 0x0, 0x2}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000001c0)={0x0}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={r2, 0x30, &(0x7f0000000240)=[@in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e24, @empty}, @in={0x2, 0x4e22}]}, &(0x7f00000002c0)=0x10) 10:22:36 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x2000000]}}) 10:22:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6800, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x40000) 10:22:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xffffffe7]}) [ 415.310953] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:37 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x2]}}) 10:22:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x700000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x1000000]}) 10:22:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) membarrier(0x9, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x2, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000180)={0x8, @pix={0x3, 0x10000, 0x7c777e7e, 0x3, 0x3, 0x4, 0xc, 0x3456, 0x1, 0x3, 0x1, 0x1}}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x9) write$binfmt_script(r0, &(0x7f0000000280)={'#! ', './file0', [{0x20, 'ppp0-&vmnet1em0-^*bdev&!em1'}, {0x20, '/dev/vbi#\x00'}, {0x20, '%em0.}GPL'}, {0x20, '/dev/vbi#\x00'}, {0x20, 'loGPLposix_acl_accessem0GPL{\xff$'}, {0x20, '/dev/vbi#\x00'}, {0x20, '/dev/vbi#\x00'}, {0x20, '/dev/vbi#\x00'}], 0xa, "a2334c42345ed8b6951766c373a4f9bbe84783f86a828549fe10a0bf498a831871e8c313a7824368a4b7fa079ca36c9a3b9bd771b97cdf7608636b1fd453db180a1caed6b4d820140d28b6b218ee851c68f87523bcce260688f9bcdf1299f987860dfd96dbc06230f0f401a3c951e0dcc25a499e20812d0fc71abe1fa0ab32a2b6a5c9530d52b823027395477f94cc9d067f49bbfec711f29282f71c34b71398"}, 0x127) 10:22:37 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x100000000000000]}}) [ 415.554120] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xffe7]}) 10:22:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xffffffffffffffff) [ 415.689235] *** Guest State *** 10:22:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x5000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfffffffffffffdfd]}) [ 415.716205] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:37 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200000000000000]}}) [ 415.775479] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 415.800520] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 415.814879] CR3 = 0x0000000000000000 10:22:37 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x6, 0x1) syz_open_dev$sndpcmp(&(0x7f0000000300)='/dev/snd/pcmC#D#p\x00', 0x4, 0x202000) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000080)={0xd, 0x0, 0xa9}) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f00000002c0)=0x3) syz_open_dev$dspn(&(0x7f0000000380)='/dev/dsp#\x00', 0x7, 0x40000) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x40000, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f0000000180)={0x2, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}}, {{0x2, 0x4e24, @multicast1}}}, 0x108) 10:22:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x100000000000000]}) [ 415.831322] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 415.861766] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:22:37 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x1000000]}}) [ 415.886548] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 415.917117] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 415.917140] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 415.995186] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 416.027341] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 416.051052] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 416.066504] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 416.079105] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 416.087235] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 416.108370] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 416.116876] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 416.125228] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 416.131950] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 416.139441] Interruptibility = 00000000 ActivityState = 00000000 [ 416.145660] *** Host State *** [ 416.148920] RIP = 0xffffffff81223c27 RSP = 0xffff888182a37350 [ 416.154899] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 416.161367] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 416.169219] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 416.175098] CR0=0000000080050033 CR3=00000001b78f4000 CR4=00000000001426e0 [ 416.182206] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 416.188932] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 416.194972] *** Control State *** [ 416.198416] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 10:22:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xffffffffffffffe0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="9fc8a40403f01255ff"], 0x1}}, 0x4000040) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1000, 0x1018, 0x4, {"f4c41c692f2afae841b6d89bfe21079ac2592087ce6c63ec1cff7e784238e16813e7e5e1414f30f17d9f7a8f722f6d9e23900c8541a2f473e1d0ec50c1c2036fe6898cc77786e8791691ed282e9fa5caffb2f00fad18c4f09f0b84e45715079b6a6fd15e632f2b39fb6b8570bf75126283f35ca0bdfb7f652a3671fbbcdfa900ce0906b51f1bd2be74558e970acfdea7855e8151ec713a0497526ed63a75d60f5b50c1c5d856a8e1d9f296f72efbfa3ebcc6b984e7176f9b21566e26467b383430eae13396eb258d5407641847eac86d64e4b4b94e28d8051af04e0ce8f2da128cf44cf264ba2c396df836c4e74ad8f231e55ee662f405b1fca101d667cb1779e643e72004b2ec1109771761613ad54f33f9d89a4de8c25b80b1bed8ec6976c956eaaca609762fb543efc3444869eb98ce1487d5509f2ac0f3ff92c049e33057e29c10797dcba957c33cf8585e896be06c2a49c54140f2464d147fdd87d277e0b8d64aa83f5643393bfd520393103605bba018348be1e364051da1a47189e6c4a13cf728d336c39401688c569c569bdd35a1869c5551b3fc19dbc207fe6e51a4ab84cde23036f5110782b9dcee9cf0ec2f406702da30c25f7a17f21875511fcd861ade5684186576697695c996d85f43d482b6d38b6c030f2b59d811f1e0a97d0bde39803b6be15595e6fdb4dd42bea26ec4f1cd903842621a53309e8b1a04d321aa0803bd7cdca5ba92c17c7cc9714d283f03cd5e594dc0770a3a50898681f0ec65627ad9c8cf67dddcd6f853c35dc5ef591796eddd9b9045fdb2baa86121ddb814d2ab74ae732f546e875f9b7f1604e368cd31362b860e51430da0c7e86460a4889378f03c2833fd26b07eff8e6d3939d85e1914a3436039b976953c75794aeda1815a84bbd261037fad13d3df270954aec239cac8aaa564eeb84d19a0c58266c268fd223dcbc98d0704f0a7a43950579b937bfbf526951c8c6610f1f6375b5c009fca31056abdcbff87b18e87b4a3c1e3ba9b52047d8fadda7252a93fd82e4cda37d5ef5e2b7864b9f1e2e0cf882edc8d2f26f1767079a804bc3729b45219f32f8aca24391a1c54b14b5f9a8558c09adb2eef1a2d17fefb29b908f8b4fda1380a7399b984e7a1c7dc23823a51f4e6d4a01eb0a3b1ceea572ce8beeb2dd6eaba3c4c7c511a1608887bc19904815453c216fb349f7a5f6fd15545ee2ab2f9fc47ca88d1e3223c8f8668a56edb9d3898597d23e161b398a8e5bcfe9de87558c323e67f67904459864ffdfdbfff270d475e7477d2f9ae7bc560963ff6f703360aa665273f0474206de15d4617d7848031acaf87aa3d148319de0de48bc31e84f127a243d3d23f2f61936f90f92128fbf3fb74352aab156a6fda6ca4f83a744b55e0b80b8ed115987ff839310fa8451d0ecfd2768c26a25a455427c0f051327433b3aa705f5ce78878fb61e0abd41aa0815a5a3164fae698943346c9c0b0ba53dfda7831b30880a3817491f34fe158f8d123eeddfe06bc9313fba0ed1462e4cfffc40e205a1c850763d055e0c501a9cf44afac0addb5937c315cb91a4db4085476fdcb19b9b07c1f1a0293d2c2b79b00223c4a98e72b30e3b499c1b82ff55c8e24fdbcf8fcaa311b7584bbb45160463b481d3b7c6d452bd49e8302b7a5212004c65c3020eb806ddecf34e8f5da760d07197274965e6b8a8271b1eefe0e003ce425ba402877e66648813f8f8ce41a3058beca85bc5877159f681a0905cc6f9a72e8947dcfb9e57e766dee878077d7627ea003a2f2d5567bbbfd6db0874aaf6ec783d038d099c9f26ce84d581767948b83cccf47256b55837ca5056172d2a10b76fc82f924636a65a46394baf85848645d14c3951383b78510505be7e39c8fba8644ab5ac3cd5d3235f8ccec83cee4eb13ab8df33412d18cfeaf678d8c0a7a53c3c37439762f16cfafd1e3a719b4d30dc9ee512cbb34e6c87a1b43bb9ccb77b53d392cafe4516b13d2ab91bd43f380ea4362c41c6d9bae781b73a16d79a07f3630f58569b7cd875c345d19459cbb267573c7dc5864c066e0dcaf257ad6208d6f0a4fe4fb467980a81909da565dd9ac38d53ea3de22892b7e0e2d3d3e2c745973f37ca44aed4d9cd09bef6518c904f37de1d15d0b4fc9676144d7042e7e787b0e6c25052be2f64976e99d5ab4c85ece2fa0733357e20eae4d0b4bf632e4db86197caa6f121af7ab84e40f14955b93fb9dff7271b723d078d4d47ed038b332cd94ba3ecdce24e599500508898df68be2acc8561722e7ea6fb778891f8ddcd501591ec655fd5391f95904f911473961251ad51d1da69d7115ae64e218ad68ca6e27eca46783e0c3b48a49efac360b7d246f8660270aaeeb0eff26cd4c7ed2a6d750ea0771e5778920b6dbecc882337b4a4f7bdfa18f466c61048d9017349350c47beb7192f611153c86fadf42f83c8ebc8e9147997ce271aa645cb3ca928553363a5dd3fa9bdbccbb46f393e8f2908cbb94bc11b721b83279716f1ff11cbdea25f8433d017ef7d036453079bffa08f4858328df999c894e80cce89a8c59c3c89ab3555bb45bcfc874f6cf4bda8216ff0bded847302c6a920c4aecff191a62cb2d6d8694f04071094fef42c30650b08b944b34bee0bfa47a61554d72b910d7a5faa930988ee8bcb0dcdca0c6e137f471608426ed0e7b68a91475fe095b831adb6c9b175817420908d6ba12f89d1005b12fcc3bb03a7a079749c4daa4d78fd39b37aab432baebd70b1e43f7f3b9cf4db691ebfb77fba5f748161e66437a558dadce0d12ef1918be5d3b10d6703831e9665d8e693d9e4d2af8ddb7a13d9bdec3b343f9c7bdf67ece4d857c10ed710d86063d799d22ef67378945d6b9950062930fc3eb8a417a6fef408eadce89658ed8e46099bf2095663e5eb013f556f3961a966390d20cdadf160af69ad5c2f1e9326f006ff1f839d6e5fa4782230c8906f76f72ff5b7d911e790763a8395117e21e55480e3ee4a04009d86a93c646f185c82b9901713ae9c3b6eef14af2a826816fa6d59a1d63f071f66afee82796f8c5127b8add2f95002873142df985139fb71715786c0e89103b1282dcab39e2315043d245e90a097e5e60a1e84ecc6432cd1bb5470000cc54a2d647c396cd178095a44f10b0b251744f37f1a11a18778bb3b6b2c8a42b2f95b789d40ba0f3ef1ea0fb578d4a32d0c07e10df8226a74e74a65ce822ca59eec7a469dc4cac495c6c43b45e5628810e0767f1574021c3811733dddd5f3fcb2cd1c1db50441c3de6bdf8de9c604b0a5116a77b7be4aaf2384e2f25d724f4d76c89bd51c16f534ea055773d69a95d43eb9414a3a0403a160cff1993b2042f10139e4a50f378d2c82b6dd5cd444e8b4c40629810401e9b0c8540fa794eaec1e10ad7731136bbd9e57e02e9490a592bf6d1bfbf396b60cd3301180ec51e5963245fc26bbb805e19f99e2d01824483ff01fec9814462711e6e3f33e1dbd71e7aa8ebc923d8c1f636c085750973165e77988fb41052b223635cae4e750605d3369dc0cdddf84c67a02474fba58e234ee0fd42729fbf608f1e99900023512b24c9fa6d4bc71559a35dcb7edd47419492d6fc14da9fb08720449f022cbaf94549529f7cb4ffaf0776a6643dd6a5e1acea712ee544901e17601b8d7617a65f3c2bca88a89e419f583285e88d1612e268d0ecb2ceea570ad63d7f41bfaddb7d7ae346803253cb9ee877f9cf166f9229579e8e708b828d8adfa0475b2eb946ba2ddd0dabe2a6a1f6c05314f1ff1c5b90ddde80cdbce9ed7e08d1919bd6683458497a4b232fa7a5ba80ee84dabc08107e371db5e0b67e3b721e29986b10814c57ca53c2e4a13ed35aaff538655fc4fb0d75d98fb492af7f12ca0be8dee706e4b048b17bdb8900ab7b519b4bfa557461f091e202cc9ee840f12545ecb3c42b12bb078f5d690d7e85219c0bc801cae143f597152fd379cbac69fea76fc2fd4bf9fd899493a351b6b0e6741eed5b2098d10909f5fba414ccebf051218f1eeff18c57aa5115a1c49cce652ab7540aab1613feed875e9a4926ae21227fdad35c3473fa05332ada79725433578387dcad026139d4a26454879a4422de093b7be74a4d6f889669bb424c5edecffbde2e182798e31a78e85ec289221cda6b454c402f4132b5d2b5ed56793baeed5b1f31f14da59e02a7bd36b8434a46fbbb0491dad69cc282662ec87f00ce2eebf0f1c3d9e64e90a556a00246394f13794a02bda5593e49bb36ba998c05c0b6cda3f067e0d14fee0a73a74d9b483a16db1fce4d1363397f4af406628e09a4c0503f3f8ae1c5ad573e06905b338ec3e793ba7a0734acbd1a1411bd1a9c9da46d5f3467f53707be0f5b012d22576209630ad87b9caa959fd6dd4093bb71f1c43757f1460319947fb0a68a4e5813635c2ef44950e50ace683e22b782cbe6113c08c4804a58b1a376078ddc2f3eb51923dc549b238a0868fba7832742e10886494b99856d78528c2cfa5afac54fffd26a763eea885445be86d40ee40190fd04297b4f6053d3625211aa03a18483d8ae8311ec6d9cdedfcccb20814927f08983e133bef48b1a006c00f36011d7b94b0d8aaecf334c207d1fa07b6db20182a9e82f0f678d3c02da01ea1c283c0476837984c9875e3fc7d0152a99695597d6f44103bb0460f98a5523e1719dffd5bde0ca7bc2e9e8aa4f0c2d1c78ab00eb329a07e972ddcb1fd9cc2fb932f4a3c64fc91caf6e7948134ffb1cb807c0d7ddb62302dd5afe55d2d0100b8630b8df0c31a4b1e3e97d43a50a2e2c50863f03f45cd79985f83abc4a1bc64ec4ff53518afb97927a3aaf344248a3aba1009b207f80f565ff97fb41f64322d972059d7fcb56adf4769a6d28a35d69dfe4d64b709c89ebcd37952d93f5346b59bd745c6c7f4bb7ac254cfa2933af07d54d17dd2d7cfef62ce2db9573494ae04106a0c3e69daf8acea6c03cf97073654edc888acacc1905a9eb5aaaad6164471502baf45611c40ccb040a7bacd97c311b349feedd295befbe287224a690301476b32c40268c4f1a3f87fe7609f1d461f1e664d8cbc855beaff867b3dbac83355abec2ce4c03326be91a62bddf89c5330b797569ae3d52558ad27d126ab0f3204b0bc27b682579ff5d19b879cca3e5344a8bd025bf429a3a48713329bcce87d0db848e8dd05f27ea9a8019b2b4c47fc78468d810106c27993b00da6f17297a4f62bafc01c843d6e2fec90a6f77dda1d9c1af4f46303a3c48722cce8cb42bbdf2e98f8a619ac9b0ed47fc2bde7e780002d497df2bde38655cf4b4eacd4581e5537edddaf30c6c31171a093676b8fe51b3dce88ac706c7a635d3193f46aa72c200914836834f19cceb701f2a443302a723ceea109ef6e70fc83646546ace803ccf43c537417361010973d014dfc1856ffde0973575681616d3fc7246f20224f14061e54676af841363485ec89afffb29a2d6d62c75d0ceac1a9bf982effae263c71d28a1b26d25c1cbd9535adb523180094ae47418123e1aba02181e187357f80916bb29d0fb7d2265b60b5b1cd30cdbb5ed542f8f7903f92ed40d5de4d28e91ae81b65d7bd760364348aa792282662496086a7bd4df7f67d9bf59c7604248eead60f2682f5262dfee2b5caa1232bf5ae94270cf8e55f6a049734036e728993f4ec6d3eb31b6d9cff8d72f641e0f8d2590f47e78fb728d619717b204786dfc202b25e28509935c759bac6e8768e907dba1e46893a71fd9059923054dbd3a676e00e042467d1e419ebb"}}, {0x0, "417d9e7e88111c5ba264bd72582eeb4e6588290b66b004805a1b1317a0e479bcaf3f6375893f1dea6f1143c98abd4fa30876fb64433fa590ca828694db781fa6742fc877147efbbd167fdbc81580f44c78016c8346f7bd77259aa462585942008f270947b9eaef7b94f499513bd25d1ebe37c857423573af227b92ab6fe24936cb3d6d"}}, &(0x7f0000000140)=""/156, 0x109d, 0x9c}, 0x20) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 416.205135] EntryControls=0000d1ff ExitControls=002fefff [ 416.210624] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 416.217542] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.224248] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 416.230857] reason=80000021 qualification=0000000000000000 [ 416.237163] IDTVectoring: info=00000000 errcode=00000000 [ 416.242650] TSC Offset = 0xffffff1f4a7d362b [ 416.246973] EPT pointer = 0x00000001bc0fb01e 10:22:38 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x2000000]}}) 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfdfdffffffffffff]}) 10:22:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x20000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000180)={0x8, 0x1, 0x80, 'queue1\x00', 0x3}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) 10:22:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @reserved}) [ 416.326727] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x2000000]}) 10:22:38 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x7400000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfdfdffff]}) [ 416.548455] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:38 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:38 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xa4000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000180)) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @local}, @in={0x2, 0x4e23, @rand_addr=0xc29c}], 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000240)=0x1, 0x4) 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xe7]}) 10:22:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x400000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3170606021217b0259b125751b88546dbf2a0fb5fadd79e73b78b287112ab52fc169965d12be730446574432ff8ae1ddd28850092b3986db81278ef3ed8db1ba3554cc36f243"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400, 0x0) write$uinput_user_dev(r3, &(0x7f0000000900)={'syz1\x00', {0x7, 0x1, 0x0, 0x2}, 0x43, [0x4, 0xfff, 0x6, 0x1f, 0xd992, 0x401, 0x40, 0x40, 0x3, 0x0, 0x100000000, 0x8, 0x2, 0x5, 0x1, 0x6, 0x6, 0x1, 0x5, 0x3, 0x4, 0x10000, 0x8001, 0x4, 0x7a3e, 0x6, 0x9, 0x1, 0x100000000, 0xfffffffffffffffb, 0x3, 0x0, 0x0, 0x3, 0x200, 0x7, 0x5, 0x2, 0xfffffffffffffff9, 0x28c00000000, 0x66e, 0x1, 0x2, 0x3f, 0x0, 0x10001, 0x4, 0x3, 0x80000000, 0x7fff, 0x67, 0x3, 0xb8b9, 0xdbb, 0x4, 0x5, 0x2, 0x2, 0xfffffffffffffff7, 0x4, 0x3, 0x1, 0x9, 0x8001], [0x1, 0xfff, 0x4, 0x3, 0x7, 0x81, 0x20, 0xfffffffffffff801, 0x7da000000000000, 0x800, 0x2, 0x100, 0x4, 0x9, 0x401, 0x1800000000, 0x0, 0x7, 0x101, 0x6, 0x2, 0xfffffffffffffffd, 0x51e, 0xfffffffffffffffc, 0xec8, 0x5, 0x5, 0x2, 0x8, 0x5, 0x100000001, 0x9, 0x2, 0x8aa1, 0x7f, 0x2, 0x9, 0x401, 0x0, 0x4b, 0x9, 0x8001, 0x8, 0x0, 0x7, 0x7, 0x9, 0x5, 0x7, 0x5, 0x0, 0x4, 0x2e6b, 0x400, 0x581, 0x200, 0x7f, 0x5, 0x100000000, 0x6, 0x5, 0x3, 0x1, 0x1], [0x0, 0x80000000, 0x8, 0x7, 0x8, 0x5, 0x8, 0x646, 0x7, 0x4, 0x3deb, 0x13cd926d, 0x3, 0x4, 0xffffffff, 0x1f, 0x1802, 0x9, 0x2, 0x8, 0x5, 0x1, 0xb5, 0x8, 0x4, 0x4, 0x8, 0x6, 0x0, 0x401, 0x9, 0x800, 0x7, 0x5, 0x5, 0x6, 0x4, 0x6, 0x5, 0x7, 0x7, 0x300da2e9, 0x1, 0x3, 0x2, 0x80000000, 0x7fff, 0x5, 0xfffffffffffffffc, 0x3, 0x3, 0x4523b45f, 0x80000000, 0x5, 0x247, 0x100, 0x3, 0xdca8, 0x42c, 0x100000000, 0xad0c, 0x80000000, 0x5, 0x401], [0x10000, 0x1f, 0x4b93, 0x0, 0x8, 0x244, 0x1, 0x0, 0xfff, 0x331, 0x15, 0x0, 0x7, 0x8001, 0x4, 0x2, 0x4a, 0x0, 0xfffffffffffffffe, 0x9, 0x2, 0x100000001, 0x0, 0x7, 0x8, 0x8, 0x400, 0x9, 0x26bf, 0x7ff, 0xca, 0x4, 0x4, 0x5, 0xf03, 0xa3ae, 0x5, 0x8000, 0x7, 0x80000000, 0x7, 0x58, 0x1, 0x6, 0x7, 0x19, 0x3, 0x3, 0x5, 0x3, 0xfc, 0xaeaa, 0xffffffffffffff70, 0x4, 0x8, 0xfffffffffffffff7, 0x8, 0x6, 0x8, 0x100000000, 0x6, 0x3ace, 0x60b0, 0x1]}, 0x45c) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) 10:22:38 executing program 2: socketpair(0x1f, 0x4, 0x4, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000080)=0x6, 0x4) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000180)) 10:22:38 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0xfffffdfd]}) 10:22:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x3f00000000000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:38 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x7f8a16eff700) 10:22:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000000)) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x7, 0x30}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000240)={r1, 0x48, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x40100, @remote, 0x1}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e20, 0x5, @loopback, 0x20}]}, &(0x7f0000000280)=0x10) 10:22:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfdfdffffffffffff]}) 10:22:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x40000000, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:39 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, 0x0}) ptrace$getregs(0xffffffffffffffff, r3, 0x8, &(0x7f0000000900)=""/4096) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vsock\x00', 0x202, 0x0) r5 = accept4$unix(r4, 0x0, &(0x7f0000000300), 0x80800) ioctl$sock_inet_SIOCSIFPFLAGS(r5, 0x8934, &(0x7f0000000080)={'bcsh0\x00', 0x7f}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1dbcb3bd3850eb9c21fb"], 0x1}}, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000440)={&(0x7f0000000000)=[0x1d67, 0x4, 0xe29, 0x7, 0x4, 0x9, 0x4, 0x4], 0x8, 0x8, 0xffffffffffffc88b, 0x200, 0x0, 0x101, {0x0, 0x80000000, 0x3ff, 0x1, 0x9, 0x81, 0x3, 0xf695, 0x7, 0xffffffff, 0xb2a, 0x2, 0xffffffff, 0x4, "a4f2c2c7c4428ed6f00909ea973f22f8387dbc40be69b54f66985b92c52b68dd"}}) getsockopt$SO_COOKIE(r5, 0x1, 0x39, &(0x7f0000000280), &(0x7f00000002c0)=0x8) r6 = syz_open_procfs(r3, &(0x7f0000000140)='net/dev_mcast\x00') ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r6, 0xc08c5335, &(0x7f0000000180)={0x7fffffff, 0x9, 0x20, 'queue0\x00', 0x6}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc00000000000000) 10:22:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xe7ff]}) 10:22:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:39 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f00000002c0)=0x80000000) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000180)=""/232, 0xe8}], 0x1) getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000300), &(0x7f0000000340)=0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000080)=0x4) 10:22:39 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfffffdfd]}) [ 417.726374] Unknown ioctl -1066900319 10:22:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000000)={0x4, &(0x7f0000000180)=[{}, {}, {}, {}]}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:39 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="882d3116edff25f8ffdb115a1f1cf078b39b8b1cfd3e6df5940a05004ec40884ed4a14c190e02c35b00b7e05d57e9700ea8c4760d7ea87f14e9f504e13d3a066a6b46f6feb3e1d"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x400204, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f0000000080)={0xff, 0x0, [], {0x0, @bt={0x5, 0xe49c, 0x0, 0x2, 0x0, 0xa9, 0x6, 0x1000000, 0x0, 0x3, 0x81, 0x4, 0x400, 0x4, 0x6, 0x20}}}) 10:22:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x22000, 0x0) uselib(&(0x7f0000000300)='./file0\x00') ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0xfffffffffffffffb) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/82, 0x52}, {&(0x7f0000000200)=""/152, 0x98}], 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 10:22:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x100000000000000]}) 10:22:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:39 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) [ 418.154934] Unknown ioctl -1066900319 10:22:40 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xe7ffffffffffffff]}) 10:22:40 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) 10:22:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @reserved}) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x800, 0x0) write$uinput_user_dev(r0, &(0x7f0000000180)={'syz0\x00', {0xd07a, 0x5643, 0x2, 0x9}, 0x5, [0x9, 0x1f, 0x7, 0x7, 0x5, 0x3f, 0xffffffffffffffe2, 0x3f, 0x0, 0x4, 0xfffffffffffeffff, 0x3, 0x100000000, 0x8001, 0x1, 0x16, 0x6, 0x5, 0x400, 0x9, 0x9, 0x8, 0x982, 0x4db4, 0x100, 0xfff, 0x8, 0x5, 0x0, 0xe429, 0x1, 0x100000001, 0xc0f4, 0x1, 0x4, 0x401, 0x4, 0xff, 0x46, 0x0, 0x7ff, 0x3, 0x0, 0x4, 0x3, 0x7ff, 0x7, 0x5, 0x6, 0x3, 0x6, 0xa44, 0x0, 0x8, 0x4, 0xc27, 0x3, 0x46b, 0x6, 0x0, 0x4, 0x401, 0x2, 0x8000], [0x2, 0x4, 0x7, 0x7f, 0x8, 0x7fffffff, 0x280000000000, 0x8, 0x400, 0x3, 0x4, 0x0, 0x1000, 0x6, 0x1, 0x20, 0x8, 0x100000000, 0x5, 0x7ff, 0x0, 0x4, 0x8, 0x7fffffff, 0x1, 0x0, 0x5, 0xfff, 0xcd, 0x3c53, 0x7ff, 0x1f, 0x3, 0x8, 0x7, 0x2, 0xffffffff, 0x753, 0x2, 0x4, 0x200, 0x4, 0x8, 0x1, 0x10001, 0x0, 0x6, 0x6, 0x10000, 0x3, 0x7, 0x9, 0xfffffffffffffffd, 0x7fff, 0x0, 0x80000001, 0x4, 0xe891, 0x1, 0x36400000000, 0x8, 0x5, 0x0, 0x7], [0x5, 0x100000000, 0x8, 0x4, 0x8, 0x0, 0x81, 0x8, 0x7fff, 0x3, 0x5, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb, 0x7, 0x200, 0x3, 0x27, 0x0, 0x0, 0xffffffffffff09a1, 0x20, 0x80000001, 0x91cd, 0xfffffffffffffff9, 0x0, 0x1, 0xffffffffffffff81, 0x8, 0x8001, 0xa9, 0x4, 0x3, 0x2, 0x10001, 0x2, 0x2, 0x8, 0x0, 0x8, 0x3, 0x9, 0x4a34, 0x1, 0x3f, 0x400, 0x7, 0x10001, 0x5, 0x4, 0x4, 0x1, 0x8, 0x3, 0x3, 0x7b3, 0x11, 0x6, 0xd0b, 0x6, 0x33bc, 0xf632], [0x5, 0x20, 0x5, 0xa2, 0x0, 0x7f, 0x20, 0x9, 0xffff, 0x9, 0xdf36, 0x2, 0x8, 0x7ff, 0x9, 0x4, 0x12, 0x3f, 0x8001, 0x1f, 0x1, 0x5, 0x4c, 0x1, 0x0, 0x1, 0x214d, 0x7, 0x8, 0x7f, 0x2, 0xfffffffffffffffe, 0xffffffffffffff0b, 0x8, 0x6, 0x8, 0x2, 0x337d, 0x87, 0x401, 0x6, 0x1f, 0x10000, 0x5, 0x43d4, 0x2, 0x8, 0x10001, 0x3, 0x7, 0x80000000, 0x3, 0x2, 0x9, 0x6, 0xb5, 0x0, 0x0, 0x2, 0x10001, 0x9, 0x8, 0x800, 0x400]}, 0x45c) 10:22:40 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:40 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x80100, 0x0) ioctl$TIOCNXCL(r0, 0x540d) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x6, 0x800000, 0x8}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8f2747defd080d9c251e6112120c1361e0a85f83794812c50106aa22763bbcff0f00004e4cd720a43aa51a771d2ad5050b2100c088e84790b41ab4d47cfb91996b46b28a2383f255be2fcbf3c75f93052863f9175a936fdb43500f2c3889dbde4e468ffab9db817b1e7cf9e54b76df75129ed5f0acd622769972a443f9a4927157bd50d8287aaa49c8f23e8aba7b000000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x300) 10:22:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x200000000000000]}) 10:22:40 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) 10:22:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) r1 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000180)={{0x3, 0x6, 0xe67, 0x9, 'syz1\x00', 0xfffffffffffffffb}, 0x5, 0x419, 0x2, r1, 0x5, 0x80000000, 'syz1\x00', &(0x7f0000000000)=['\x00', '/dev/vbi#\x00', '/dev/vbi#\x00', '/dev/vbi#\x00', '/dev/vbi#\x00'], 0x29, [], [0x3, 0x1, 0xfffffffffffffc00, 0x5]}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) prctl$PR_GET_ENDIAN(0x13, &(0x7f00000002c0)) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000300)) 10:22:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xffffffe7]}) 10:22:40 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:40 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x1100) 10:22:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xffe7]}) [ 418.833993] validate_nla: 9 callbacks suppressed [ 418.834004] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x2]}) 10:22:40 executing program 2: r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c, 0x800) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x101, @mcast2, 0x4}}, [0x80000000, 0xffff, 0x1, 0x5b5, 0x9, 0x7e4e, 0x0, 0x9, 0x1, 0x4, 0x7fff, 0x8001, 0x0, 0x20, 0xffffffff80000000]}, &(0x7f0000000280)=0x100) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000002c0)={r1, 0x1}, 0x8) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f00000003c0)={0x1, 0xffffffff, 0xffffffffffffffff, 0xfffffffffffff000}, 0x10) setsockopt(r2, 0x5, 0x5, &(0x7f0000000300)="222179766a6ff89e24247e1b31b45b9a941b638f67c857e6d2093f1335cc81910cbe9582ee0875043510a891d7f4b7bb34df4fb4cf7c9ef1812f3e93f68a4d9d2133b2e63a207e3e572a87e83331390e435e2ca7349b3bbc7673f34467341e40e47971f6785d777e53a05cfe30d6fc3cce84c356357dea25308435059861b7e90b3e30ea8aa9698276a4936df23942d4c51231f96664e99c5ee03a01109ab36b5077359570", 0xa5) 10:22:40 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:40 executing program 1: prctl$PR_CAPBSET_DROP(0x18, 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000f40)=ANY=[@ANYBLOB="7f454c46ff7f060905000000000000000200060000000000920100000000000040000000000000009d020000000000000900000006003800010000f00200b5000400cfc95038ef102ff1184d3c7a1800000600000008000000000000007f000000000000000400000000000000e100000000000000000000000000000000040000000000000600000003000000010000000000000006000000000000000000008000000000bfbe3c5c000000000600000000000000f71d3a2100000000c38bd04d7dbd8a33aac50ef523189d9511d14208a5bc61da0908882b983f42776d8d29e771736e83b1dc6dc8a02e46cae4ef7cf8b00f701b36c4f59acadfbb88aa0a8b223827f7c1d89f5ad130ddfe28f4a5d85862ef99d36653e9866f0e43daa49336ca6006a323dc787b7f8fea8599121c8505c4950aca1754f641d84c4fb87c5b8c31ee806f233bd31234bfb0e5242ee67824197c6295b0bb4c067910086464eca767dcd34fffb44c3c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000069479bac00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000097bf8d16fa67c1620000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fb170eb0deb2daca91707229d65c2b410a24790bdeb5363c00f0bbf6ed7595d7b7e58bb637d3154e1f8809a6230b98d74314fd16753e50d2583553acfb7b22daf04f37d80238a95600bfa8e6a8b67fe88cda5dd25d6174b5a1f62ad8b278d89dd6016c934580fba99ae8b24c35cade695e021d305339ff099205a613ff581a1f9c94183e9e8a5ad1604d13511786bd154ace396dce858ce97b3280033911d007eebe7b1f2477d65dc5e29497b28261173add732a13fba3b3911bc9aa"], 0x55b) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f00000000c0)) r3 = accept4(0xffffffffffffff9c, &(0x7f0000000580)=@ethernet, &(0x7f00000004c0)=0x80, 0x400000800) ioctl$sock_inet_SIOCSIFNETMASK(r3, 0x891c, &(0x7f0000000480)={'sit0\x00', {0x2, 0x4e22, @local}}) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00') sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8240440}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r4, 0x2, 0x70bd28, 0x25dfdbfe, {}, [""]}, 0x1c}}, 0xc0) r5 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000180)=0x0) sched_setattr(r6, &(0x7f0000000080)={0x30, 0x1, 0x1, 0x2, 0x8001, 0x100000001, 0x8ff5, 0x80000000}, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000500)={0x11e000000}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r7 = open(&(0x7f0000000000)='./file0\x00', 0x480000, 0x40) ioctl$GIO_SCRNMAP(r7, 0x4b40, &(0x7f00000001c0)=""/86) ioctl$KVM_RUN(r2, 0xae80, 0x0) r8 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x100, 0x0) syz_open_pts(r8, 0x400040) write$P9_RCREATE(r8, &(0x7f0000000140)={0x18, 0x73, 0x2, {{0x1, 0x1, 0x7}, 0x7ff}}, 0x18) 10:22:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x1800) 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xffffffffffffffe7]}) 10:22:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f0000000000)=""/5, &(0x7f0000000080)=0x5) ioctl$TIOCGPTPEER(r0, 0x5441, 0x3) fcntl$setpipe(r0, 0x407, 0x7f) [ 419.204270] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:41 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x1000000]}) 10:22:41 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000180)={0x0, 0x3f, 0x20, 0x2, 0xfff}, &(0x7f00000001c0)=0x18) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={r1, 0x7, 0x80000000}, &(0x7f0000000240)=0x8) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0x1) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000280)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000440)={0x0, @bt={0x0, 0xffff}}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000000)={0x2, r2}) 10:22:41 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) [ 419.429026] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x2) 10:22:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xa6, 0x240) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000080)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r3, 0xc1105511, &(0x7f0000000100)={{0xa, 0x2, 0x0, 0x20, 'syz1\x00', 0x3}, 0x1, 0x11, 0x5, r4, 0x3, 0x5, 'syz0\x00', &(0x7f00000000c0)=['/dev/kvm\x00', '@securityself\x00', '/dev/kvm\x00'], 0x20, [], [0x2, 0x3, 0x5, 0x8000]}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfdfdffff]}) 10:22:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:41 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xe7]}) 10:22:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @reserved}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) process_vm_readv(r1, &(0x7f0000002400)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/155, 0x9b}, {&(0x7f0000001240)=""/157, 0x9d}, {&(0x7f0000000080)=""/50, 0x32}, {&(0x7f0000001300)=""/195, 0xc3}, {&(0x7f0000001400)=""/4096, 0x1000}], 0x6, &(0x7f0000003640)=[{&(0x7f0000002480)=""/29, 0x1d}, {&(0x7f00000024c0)=""/165, 0xa5}, {&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003580)=""/181, 0xb5}], 0x4, 0x0) [ 419.639918] *** Guest State *** [ 419.645004] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 419.655451] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 419.675080] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 419.712050] CR3 = 0x0000000000000000 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfffffffffffffdfd]}) 10:22:41 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) [ 419.745284] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 419.768954] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:22:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000080)) [ 419.798364] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 10:22:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfdfdffff00000000]}) [ 419.849263] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 419.874238] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 419.884982] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 419.941457] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 419.962237] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 419.969678] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 419.994939] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc00) [ 420.037309] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 420.048050] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 420.063484] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 420.086767] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 420.096168] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 420.108948] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 420.127894] Interruptibility = 00000000 ActivityState = 00000000 [ 420.134699] *** Host State *** [ 420.138024] RIP = 0xffffffff81223c27 RSP = 0xffff8881810e7350 [ 420.145632] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 420.152579] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 420.161457] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 420.167918] CR0=0000000080050033 CR3=00000001d2f94000 CR4=00000000001426f0 [ 420.176427] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 420.183810] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 420.190339] *** Control State *** [ 420.194477] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 420.201814] EntryControls=0000d1ff ExitControls=002fefff [ 420.207420] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 420.214866] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 420.222112] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 420.230339] reason=80000021 qualification=0000000000000000 10:22:42 executing program 1: setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.ima\x00', &(0x7f00000000c0)=@sha1={0x1, "78ed28e7ede2728aab8aaa92b47e6bfe179c5977"}, 0x15, 0x634dc9267ccf499b) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r0, 0xae80, 0x0) 10:22:42 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:42 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000180)=""/214) 10:22:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xfdfd]}) 10:22:42 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) [ 420.236878] IDTVectoring: info=00000000 errcode=00000000 [ 420.242829] TSC Offset = 0xffffff1d2e2110ba [ 420.247327] EPT pointer = 0x000000017e81301e 10:22:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r2, 0xc0086421, &(0x7f00000000c0)={r3, 0x1}) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x800, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000140)={0x10002, 0x0, [0x800, 0x4, 0xe8, 0x10001, 0x18f6fc0c, 0x5, 0x5, 0xd69]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:22:42 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f00000001c0)=[{}, {}], 0x2, 0x401, &(0x7f0000000200)={0x9}, 0x8) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) socket$inet6(0xa, 0x800, 0x7) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000080)={0x5, 0x0, 0x3002, 0x7fffffff, 0x1, {0xe33f, 0x80000001}, 0x1}) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 420.323812] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x2000000]}) 10:22:42 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:42 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 420.514051] *** Guest State *** 10:22:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0xe7ffffff]}) 10:22:42 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) [ 420.542046] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:42 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 420.623055] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 420.660203] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x2]}) [ 420.678536] CR3 = 0x0000000000000000 [ 420.694145] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 420.715241] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:22:42 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:42 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000180)={{0xa, 0x4e21, 0x1, @ipv4={[], [], @multicast1}, 0x7fff}, {0xa, 0x4e24, 0x97e, @empty, 0xfffffffffffffff8}, 0xfff, [0x7, 0x6, 0x3, 0x5, 0x4, 0x3, 0x3, 0x6]}, 0x5c) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 420.737049] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 420.786602] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 420.827391] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 420.865207] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 420.883634] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 420.896018] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 420.904946] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 420.913684] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 420.938169] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 420.978875] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 420.987328] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 420.996800] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 421.004557] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 421.015834] Interruptibility = 00000000 ActivityState = 00000000 [ 421.022919] *** Host State *** [ 421.026243] RIP = 0xffffffff81223c27 RSP = 0xffff88817ebbf350 [ 421.032689] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 421.039790] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 421.047716] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 421.055583] CR0=0000000080050033 CR3=00000001bba00000 CR4=00000000001426f0 [ 421.063040] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 421.070199] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 421.076377] *** Control State *** [ 421.080228] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 421.087011] EntryControls=0000d1ff ExitControls=002fefff [ 421.092936] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 421.100351] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 421.107128] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 421.114228] reason=80000021 qualification=0000000000000000 [ 421.120938] IDTVectoring: info=00000000 errcode=00000000 10:22:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfffffdfd]}) 10:22:42 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:42 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x600) 10:22:42 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x800, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 421.126505] TSC Offset = 0xffffff1cb5a09826 [ 421.131163] EPT pointer = 0x00000001afc4b01e 10:22:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcs\x00', 0x40080, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000380)={[{0xaf5, 0xffffffffffffffff, 0x5, 0x9, 0x80000001, 0x80, 0x1, 0x2, 0x3, 0x0, 0xa6, 0x2, 0x5}, {0x9, 0xffffffff, 0x95d, 0x7, 0x0, 0x15e, 0x8001, 0x800, 0x4, 0x3, 0x6, 0x10001, 0x9}, {0x0, 0x9, 0x4, 0x8, 0x0, 0x8, 0x8, 0x3, 0xffffffff, 0x100000000, 0xfffffffffffffbff, 0x6, 0x5}], 0x6bca40dd}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x10000, 0x2a, 0x3, 0x7, 0x10}, &(0x7f0000000000)=0x98) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000140)={r4, 0xffffffffffffff01}, &(0x7f0000000180)=0x8) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116bab7073029"], 0x1}}, 0x0) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80004) setsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000200)={0x2c6, 0x1, 0xb800000000000000, 0x3}, 0x8) r7 = syz_genetlink_get_family_id$team(&(0x7f0000000440)='team\x00') getsockname$packet(r1, &(0x7f0000000480)={0x11, 0x0, 0x0}, &(0x7f00000004c0)=0x14) getpeername$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14) getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000580)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@empty}}, &(0x7f0000000680)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000780)={'team0\x00', 0x0}) getsockopt$inet_mreqn(r6, 0x0, 0x27, &(0x7f00000007c0)={@multicast1, @loopback, 0x0}, &(0x7f0000000800)=0xc) getpeername$packet(r1, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) recvmmsg(r6, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000a00)=""/201, 0xc9}, {&(0x7f0000000b00)=""/249, 0xf9}, {&(0x7f0000000c00)=""/42, 0x2a}, {&(0x7f0000000c40)=""/100, 0x64}, {&(0x7f0000000cc0)}, {&(0x7f0000000d00)=""/40, 0x28}, {&(0x7f0000000d40)=""/145, 0x91}, {&(0x7f0000000e00)=""/159, 0x9f}], 0x8, &(0x7f0000000f40)=""/27, 0x1b}, 0x5}, {{&(0x7f0000000f80)=@rc, 0x80, &(0x7f0000001000)}, 0x6}, {{&(0x7f0000001040)=@hci={0x1f, 0x0}, 0x80, &(0x7f0000001400)=[{&(0x7f00000010c0)=""/15, 0xf}, {&(0x7f0000001100)=""/116, 0x74}, {&(0x7f0000001180)=""/235, 0xeb}, {&(0x7f0000001280)=""/106, 0x6a}, {&(0x7f0000001300)=""/238, 0xee}], 0x5, &(0x7f0000001480)=""/126, 0x7e}, 0x722}, {{&(0x7f0000001500)=@alg, 0x80, &(0x7f0000003a00)=[{&(0x7f0000001580)=""/35, 0x23}, {&(0x7f00000015c0)=""/241, 0xf1}, {&(0x7f00000016c0)=""/222, 0xde}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f00000027c0)=""/40, 0x28}, {&(0x7f0000002800)=""/43, 0x2b}, {&(0x7f0000002840)=""/175, 0xaf}, {&(0x7f0000002900)=""/169, 0xa9}, {&(0x7f00000029c0)=""/44, 0x2c}, {&(0x7f0000002a00)=""/4096, 0x1000}], 0xa, &(0x7f0000003ac0)=""/64, 0x40}}], 0x4, 0x40000000, 0x0) getsockopt$inet6_mreq(r6, 0x29, 0x1f, &(0x7f0000003c00)={@mcast2, 0x0}, &(0x7f0000003c40)=0x14) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000003c80)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000003d80)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003dc0)={'ifb0\x00', 0x0}) recvmmsg(r1, &(0x7f0000009640)=[{{&(0x7f0000003e00)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f00000043c0)=[{&(0x7f0000003e80)=""/19, 0x13}, {&(0x7f0000003ec0)=""/142, 0x8e}, {&(0x7f0000003f80)=""/237, 0xed}, {&(0x7f0000004080)=""/182, 0xb6}, {&(0x7f0000004140)=""/29, 0x1d}, {&(0x7f0000004180)=""/165, 0xa5}, {&(0x7f0000004240)=""/181, 0xb5}, {&(0x7f0000004300)=""/186, 0xba}], 0x8, &(0x7f0000004440)=""/227, 0xe3}}, {{0x0, 0x0, &(0x7f0000004a80)=[{&(0x7f0000004540)=""/116, 0x74}, {&(0x7f00000045c0)=""/79, 0x4f}, {&(0x7f0000004640)=""/204, 0xcc}, {&(0x7f0000004740)=""/106, 0x6a}, {&(0x7f00000047c0)=""/226, 0xe2}, {&(0x7f00000048c0)=""/43, 0x2b}, {&(0x7f0000004900)=""/174, 0xae}, {&(0x7f00000049c0)=""/84, 0x54}, {&(0x7f0000004a40)=""/34, 0x22}], 0x9}, 0x101}, {{&(0x7f0000004b40)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000004c80)=[{&(0x7f0000004bc0)=""/134, 0x86}], 0x1, &(0x7f0000004cc0)=""/45, 0x2d}, 0xff}, {{&(0x7f0000004d00)=@ipx, 0x80, &(0x7f0000004f80)=[{&(0x7f0000004d80)=""/176, 0xb0}, {&(0x7f0000004e40)=""/89, 0x59}, {&(0x7f0000004ec0)=""/184, 0xb8}], 0x3, &(0x7f0000004fc0)=""/14, 0xe}, 0x3}, {{&(0x7f0000005000), 0x80, &(0x7f00000063c0)=[{&(0x7f0000005080)=""/189, 0xbd}, {&(0x7f0000005140)=""/4096, 0x1000}, {&(0x7f0000006140)=""/180, 0xb4}, {&(0x7f0000006200)=""/239, 0xef}, {&(0x7f0000006300)=""/131, 0x83}], 0x5, &(0x7f0000006440)=""/97, 0x61}, 0x81}, {{&(0x7f00000064c0)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000006800)=[{&(0x7f0000006540)=""/199, 0xc7}, {&(0x7f0000006640)=""/183, 0xb7}, {&(0x7f0000006700)=""/176, 0xb0}, {&(0x7f00000067c0)=""/63, 0x3f}], 0x4, &(0x7f0000006840)=""/222, 0xde}, 0x4}, {{&(0x7f0000006940)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000007000)=[{&(0x7f00000069c0)=""/237, 0xed}, {&(0x7f0000006ac0)=""/138, 0x8a}, {&(0x7f0000006b80)=""/34, 0x22}, {&(0x7f0000006bc0)=""/155, 0x9b}, {&(0x7f0000006c80)=""/129, 0x81}, {&(0x7f0000006d40)=""/99, 0x63}, {&(0x7f0000006dc0)=""/143, 0x8f}, {&(0x7f0000006e80)=""/161, 0xa1}, {&(0x7f0000006f40)=""/178, 0xb2}], 0x9, &(0x7f00000070c0)=""/91, 0x5b}, 0x4}, {{&(0x7f0000007140)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000081c0)=[{&(0x7f00000071c0)=""/4096, 0x1000}], 0x1, &(0x7f0000008200)=""/186, 0xba}}, {{&(0x7f00000082c0)=@ax25, 0x80, &(0x7f0000009540)=[{&(0x7f0000008340)=""/4096, 0x1000}, {&(0x7f0000009340)=""/218, 0xda}, {&(0x7f0000009440)=""/150, 0x96}, {&(0x7f0000009500)=""/19, 0x13}], 0x4, &(0x7f0000009580)=""/180, 0xb4}, 0xffffffff}], 0x9, 0x40000042, 0x0) getsockopt$inet6_mreq(r6, 0x29, 0x15, &(0x7f00000098c0)={@mcast2, 0x0}, &(0x7f0000009900)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000009940)={{{@in6=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @empty}}, 0x0, @in=@multicast1}}, &(0x7f0000009a40)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000009a80)={{{@in6=@ipv4, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@dev}}, &(0x7f0000009b80)=0xe8) getsockopt$inet_mreqn(r6, 0x0, 0x24, &(0x7f0000009bc0)={@loopback, @dev, 0x0}, &(0x7f0000009c00)=0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000009c40)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000009cc0)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000009dc0)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000009e00)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_PORT_LIST_GET(r6, &(0x7f000000a4c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f000000a480)={&(0x7f0000009e40)={0x614, r7, 0x8, 0x70bd28, 0x25dfdbfe, {}, [{{0x8, 0x1, r8}, {0x160, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}]}}, {{0x8, 0x1, r12}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r13}}}]}}, {{0x8, 0x1, r14}, {0x1bc, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r15}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r17}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x81}}, {0x8, 0x6, r19}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r20}}}]}}, {{0x8, 0x1, r21}, {0x178, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x10000}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r22}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r23}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x100}}, {0x8}}}]}}, {{0x8, 0x1, r24}, {0x100, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x80}}, {0x8, 0x6, r25}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x1c, 0x4, [{0x595b0004, 0x8, 0x5, 0x6}, {0x7, 0x5, 0x1, 0xfff}, {0x5c, 0x0, 0x7f, 0x7}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8}}}]}}]}, 0x614}}, 0x800) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 421.209120] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) readahead(r0, 0x6, 0x10000) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x0, 0xffff}}) 10:22:43 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:22:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:22:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x3e8) 10:22:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1bbf17eb552edffab9ce7f45d414986d85ae5f5e4278bdb5c534b03e8dcd42544e5f8e17bb4692f6a6e24e6caad1118060723011488d92fcba876cf778b384"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000080)={{{@in, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000000180)=0xe8) r4 = request_key(&(0x7f00000001c0)='id_resolver\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)='\x00', 0xfffffffffffffff9) keyctl$get_persistent(0x16, r3, r4) 10:22:43 executing program 2: ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) r1 = syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:43 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 421.495891] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfdfdffff]}) 10:22:43 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:43 executing program 2: syz_open_dev$swradio(&(0x7f0000000380)='/dev/swradio#\x00', 0x1, 0x2) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) vmsplice(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="c09a8bcc038c3094e13b8cdeafb54b1e642e647861e265fa44a451e0b40f390f9fe6b7925ce31751bc7cf763f460169fed391ace88341d0b07c84e3a37", 0x3d}, {&(0x7f0000000080)="d746634caccbe7ce0000ec98b8321930b39d8c60444e193dceaa8b87e8d7a51cb81750586abc80e0acdbad5f3e8e447e53a92e2ba104d92653bde33fa665", 0x3e}, {&(0x7f0000000180)="1c7b59cc1f2647b59b3629fe6bb444982722d919bb1a3d1db9f39e35dd3f229700a7a1bb9ca9ffff3778e6acbe13d4ccb82be166c044ac9d730d06ee51fa6434edcc9f4d17c7303473376c5ddc73f4b22c931deeb92c00a8375bdbe4fc2f044962896b983a977aaeaced37cef961003d3e114a984fea011b44de48c759e52c4d5bb2df3caba3fc0b865384a986c8dda73df7a3515e857e95ff711f709912639aafc50c1b4977161da6ce9a86aa0cd3a0ba7791560d", 0xb5}], 0x3, 0x8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xec0f00) 10:22:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xe7ffffff]}) 10:22:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x0, @bt={0x2, 0x8, 0x1, 0x2, 0x0, 0x5e, 0x80000001, 0x8, 0xf862, 0x0, 0x0, 0x401, 0x5, 0x7f, 0xa, 0x2}}) 10:22:43 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 421.741701] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3216fdfd25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) socket$alg(0x26, 0x5, 0x0) 10:22:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x3a0, 0x1, 0x401, 0x6, 0x1000}) 10:22:43 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x1000000]}) 10:22:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xffe0) 10:22:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:22:44 executing program 2: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x80, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) write$P9_RCLUNK(r1, &(0x7f0000000000)={0x7, 0x79, 0x1}, 0x7) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000180)=0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:44 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xf7ef168a7f0000) 10:22:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x100000000000000]}) 10:22:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4, 0x100) r3 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0xfffffffffffffffe, 0x200) sendmsg$TIPC_NL_BEARER_DISABLE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:44 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:44 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x0, 0xffff}}) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)={0x0, 0x6, 0x4, 0x4000, {r1, r2/1000+30000}, {0x7, 0x1, 0x0, 0x100000000, 0x100, 0x7, 'c-\v$'}, 0x8001, 0x7, @planes=&(0x7f0000000080)={0xfffffffffffffff7, 0x401, @fd=r0, 0x81}, 0x4}) 10:22:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x200000000000000]}) 10:22:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xec0f0000000000) 10:22:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x2000000]}) 10:22:44 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000003c0)={0xfffffffffffffffd, @bt={0xffff, 0x6, 0x1, 0x3, 0x1, 0x1, 0x6, 0x6, 0x9, 0x0, 0x2, 0x100000000, 0x0, 0xcf0, 0x0, 0xa}}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000000)) 10:22:44 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 422.984248] *** Guest State *** 10:22:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:22:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) [ 423.029335] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 423.057274] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 423.119239] CR3 = 0x0000000000000000 [ 423.139511] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 423.159925] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 423.192415] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 423.213948] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 423.231837] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 423.244529] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 423.253488] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 423.263115] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 423.271623] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 423.280331] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 423.289135] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 423.297422] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 423.309764] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 423.319418] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 423.325969] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 423.333936] Interruptibility = 00000000 ActivityState = 00000000 [ 423.341640] *** Host State *** [ 423.344988] RIP = 0xffffffff81223c27 RSP = 0xffff888182a37350 [ 423.351726] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 423.358282] FSBase=00007f5bb4337700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 423.366519] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 423.372815] CR0=0000000080050033 CR3=00000001c2c38000 CR4=00000000001426e0 [ 423.380226] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 423.387017] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 423.393480] *** Control State *** [ 423.397061] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 423.404134] EntryControls=0000d1ff ExitControls=002fefff [ 423.409955] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 423.417000] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 423.424241] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 423.431164] reason=80000021 qualification=0000000000000000 [ 423.437603] IDTVectoring: info=00000000 errcode=00000000 [ 423.443443] TSC Offset = 0xffffff1b63db2821 [ 423.448140] EPT pointer = 0x00000001b78fa01e 10:22:45 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:45 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:45 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:45 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xffffffe7]}) 10:22:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f00000000c0)=0x2) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) 10:22:45 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000200)={{0x2, 0x4e22}, {0x1, @random="19ad5f617589"}, 0x4, {0x2, 0x4e23, @rand_addr=0xffffffffffffff5b}, 'syzkaller0\x00'}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000180)={0x4, 0x0, [{0x4, 0x0, 0x401}, {0x4, 0x0, 0x800000000}, {0x100, 0x0, 0x4}, {0xf11}]}) connect$unix(r0, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e21}, 0x6e) 10:22:45 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xfdfd]}) 10:22:45 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:45 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 10:22:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x200101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="005800dea600000000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x10000, 0x0) ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f0000000080)={0x1, 0x2, [@dev={[], 0x21}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}]}) 10:22:45 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xffe7]}) 10:22:45 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000000)={0x1000, 0x5, 0x9, 0x802, 0x754b, 0x3, 0xfffffffffffffffb}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) socket$inet_icmp_raw(0x2, 0x3, 0x1) 10:22:45 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:45 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:45 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x4, 0x5, 0x0, 0x1, 0x1, 0x1ff, 0x0, 0x9, 0x9, 0x800000000000000, 0xffffffff, 0x8, 0x3, 0x3, 0x2, 0x21}}) fstatfs(r0, &(0x7f0000000180)=""/225) 10:22:45 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:22:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x4000) [ 423.963865] validate_nla: 10 callbacks suppressed [ 423.963876] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:45 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:45 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:45 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0x4040) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x1, 0x4) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:45 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) [ 424.140916] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f806"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:46 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xe7ff]}) 10:22:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x33bd, 0x30, 0x6, 0x7}, &(0x7f0000000080)=0x18) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={r3, 0x68, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e23, 0xb76f, @loopback, 0x4}, @in6={0xa, 0x4e22, 0x3, @empty, 0x4}, @in={0x2, 0x4e23, @rand_addr=0x42b1}]}, 0xffffffffffffffff) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f0000000180)=[@dstype3={0x7, 0x5}, @cstype3={0x5, 0x6}], 0x100000000000002b) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, &(0x7f00000001c0)=0x5) 10:22:46 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:46 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:46 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) [ 424.376918] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:46 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) 10:22:46 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0xe7]}) 10:22:46 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = fcntl$getown(r0, 0x9) getpriority(0x0, r1) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000180)={0x2, 0x6, 0x200, 0x100000001, 0x1, 0x4}) getpeername$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000080)=0x10) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) 10:22:46 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:46 executing program 2: ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000180)={0x20, 0x14, 0x3, 0x3, 0x9, 0x1, 0x1, 0xb3, 0x1}) openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xfb, &(0x7f0000000080)=0x9, 0x4) 10:22:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000000), 0x80800) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xfffffffffffffe90, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d319a4a16fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:46 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:46 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) [ 424.602408] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0a5171e1caa7d5bb3dc366aa8470a58eba4eae3e289181"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x81, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r4, 0xc08, 0x70bd29, 0x25dfdbff, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x7f, 0x1, 0xffffffff}}}, ["", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0xc010}, 0x800) 10:22:46 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:46 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x0, 0xffff}}) 10:22:46 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 424.778660] *** Guest State *** [ 424.795101] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:46 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) [ 424.834393] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 424.837202] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 424.874124] CR3 = 0x0000000000000000 10:22:46 executing program 2: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001700)={0x0, 0xffffffffffffff9c, 0x0, 0x6, &(0x7f00000016c0)='selfu\x00', 0xffffffffffffffff}, 0x30) fstat(r0, &(0x7f0000001740)) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) sendmsg(r1, &(0x7f0000000080)={&(0x7f0000000180)=@in6={0xa, 0x4e22, 0xffffffff, @dev={0xfe, 0x80, [], 0x10}, 0xd649}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000200)="71a4e8f2709aba54340afa4bcd0db01004981d236a978b9ee39f526f1c29dd1f8c6ad102747f692ae993073fb7bc1d6ffeec5b5c70db88634c643e715d475aabde6012397e560514d8410f88cd85d6184294989b2f3fc216b2ef14b0efb23af1db5c543f3972ba19d42161c4a4b264d85db4732b25bb0f9faa79", 0x7a}, {&(0x7f0000000280)="dfb0e1a2b6bb6aa3a6d0e698f5ed6b0476b87343afdb552b299e4b94ad5730647c24436a27a8a01e9080ba2e6ce166aab9a992f691bdcf4e682b813737e51de020244610f3ec864b3d7feda072cfef8f187da5866f3d520ea5e16aacb3827bde422c9fdd98f15b697c970084a655dd1f916c4e8da1c12a4923f07771ae0beb2d55436eb6b7433a64cd6e6a5a411d8286ba18608a8cf19b694739b521feb9f859ed9d0c67be4c2c47f5f77dfc852fb8d1bae2af8d7e9bcfd2c7f6efc3376f749e33fbb31c3f22006d4bf4d143dd378653a9d95353bc348362aa81109b6257942e6db27d44e25d1a43937aa354c4a116340b253e05b1c0c88fb5fcedab8a691e620ba1b97a01e301994938872c573917f290329071f65bb9e9367751bc84e87372c339149970df3befaef13ebf8db19035d93b9d619306475d3c9e8bc84b916e4653ee9011f28b722bfaec7e405f35ebaa0b8f11342aaaeb4524a4ebe4e37c855a6aea4ebf2e5a2c5c4c74faa474b39ff4afa744eeadd663741d7f926db203bde8cca2cce39842fe2a835f96ece0257bce353f9492494ff62f0621a8b22c09080b2dbecf4827a4a89f6528758b393ed5292fd44be90295ef4066dcdd11801d6528546fde6844cae979441383264f21dbefd97ce7301cec89ebd2a73fcf31e510c86b234bf73caea51d1dffb51a95ad25a1de7db7156105c7b1cf315e43a634be3f122ab2a9d6b33447f8e0e581b2ca20da807ba0a6d55e54dc21ad85eb6ac9975f4c3b10f1832fd910ee4a5093cc0db5f849dc7ba8310b0f7bb2c5a42ed43ea1426fca17f9b6d33fba185673ad29103520ab2c4b44841db02e3b9996f70b84ddcb5aed31c7f0944d92150a3de1d14e80fb12dd2efe9a838555fb9709a7fca5181b18f2126b964df4f3f5d7aefe4e19ad76915f995da1679167550597ced1fd059cf27b4f887ecf9a33aef4c11b821b982188d3443e8679b34e81d0d5280eb51c1856ceb2e3db5efe6cd8676183675e3cf794a3fd80296f140c69bb8432313b4f313247339e735650575a3c0281edb36ccbe0cbaed7e8d718ec57d220b3d38e06123febe475628e4dbca94d2de3735e067922c1b83044a586fc3ee8a31df0266854d63497e0c8d6cc9fd0f2f06223f11d4039a08fcd2506918492fee6b2ea603b22abc6215e054b4ea2f5551a69cfeb73ad68aecfc8ba7e63f5b60601fd17477341c264a74d2885b6fa66c2c5ee3122766dfdeb5e2723aa7d830967c7c1c944c1443527769eded67334473a5697598cdaf157b654a671deab319281a0f990bc5f006422708ce814938b53d445f604bda8112b03af7a326a15bfd89ad8a4970776020bd7937298b2d5ffc37b744adcadaacbbf9abd5fb93fd21beb6ad414862446099a608796c32899976c00a86557ad098470c6da7cee6a85567902ef2e8af5be998aaf14d57b90777e15cc5e5af2a9b836e78ad4e70a52cfb399865eae00d8875ae8002afcfb2d1fca0fc20ef33fcc1542d1bd65b3cc52c29f470fc2224834b988648497cc7cca24ae8347197c5f0f0219a062dc8364cdfd1dd35499c09d8e2b85d81a57a67ceec65bd59c87b3c83821f3bc630a7cab7c61d8a7ebad30b8c882c3a90edce157fcba6cce5afa93cf7f3d0a21b1cfa7aaee5125f9eb682bd5fbce4abb6faf0a79b198c488052ec90ac6dd0a2db067f5a99942ce24eacc517ae18802fe5dcba00e7ffc2aca167ca9f3180388e03ad52df61e07d196cc2370eff4c9c2bed20654adae32c8f39a69222d349bd86834bd28fd548fef9d03cf7a625d49fc00bf4f594c899d344a3b1e714a2317476dcfee9a4e2edff94eeaf56c100fc10f05996db04509bea71afb0ac50c3cd01bfde681546b0f3a888594f4402e8efd4889045cd9091ca91cdb4991afd5b4ff9a53135b7fa494b67b81a4fbec0a6622410485d83e11b18aa66a01370c1fa3074d47904b9c4c02ea044479b978d9308cf8285343d253781b32cb984ed121d509bb6339db02e8e8814d6bb40ce5f30aa2e8d0420fd5f3f890477b1355381649a836f88b386989dca64eca890345107d08a06fd4fe8f7a6093a891ead9fd73f04f86ee5c85ee4a8c03069291d846edb45d39b057d9b4046a524f0ced637dfdcae521781378773258e0c5499393f9df8d3500fad9c0a63c91e0e3c4e3fad3370b6e7500b03a81c3614876cf23e0b579c026231e0042874d242da274c335d219bada81a9c3f927ef1725aa12ee0f91ea53456b7b847c457c05a7a7892ef94ced38136d0e63814a438f73231ecb781ba5944e8a4a68e8d6101c12cb48dffeed96c39d0accd96ce391e164242dc9af37e5a6fef04e718d46ca6bcdfac7526cf844ef725eb58d070f25151762428dba9705db5e6d3ffa0658cc0c97059484306cf5f524424aacc573a3f016649b14d4f2c641cf80515032b5584f387cea513ccb7d3271c4037a51aa0bdc393b943f1a92c6f5b3f994cb3edceb05f9d1618c24a7c62bbf7feb7fff83a256904c3a75193978cb14a190281ef129ca1c68cb775c9ebfbd9862b161ce6a407e5f05ce903474b5c00d6dd2cc504801c08c128c4bccd3ce7d49065df42e39a655f6c46f983325c7e37c9953af17a6d622e019447b113cc5862bae9f39ad7a9a0cf545ab59a85ca93734132d5dbdcdd3e1c3be5e3c3cc23fbcdbbc5938033705f01561b63e4c0efd58d2a2a43a8ab1ec4f887f1f378fbc74b5c1fcd6cfc6f95605f4528ebb929a874137fc621166102ccf31f3acd33c904c0575b2809a79aaec838818a990713ad3183729c822ebd7242d978166d320f496cd8f16119cec7fb843547cf5a4c916fc0a2a9918464da422270f04d3e2103c68cfb1163270cd27c46d5264856d7218b268138fc2fa55f27c339d0c6090ad2f8320020c2dc892a7cecf19e6f1cebd6d1bc75d0737aff049cbd426f1efa88ea8650447fcca57bb9ad504c71ea46492ba882cb7f95d36a832a3f8a402b2d31530efac04f5adcb274afeb6e729add775f1cafa8626875fe0e90b7af0b928a52ce06718ac35c467df802f1c5792e13ef2b68365dffabc9bc0505b33928a24eb1065c9d7d97b659d617ac912f99b6e2ec87a10ba203d81521542fefdac7e81870880d39aaf4660e45ca99fa0f250be25efe2259b8fc01a69718ac6ff4fd0f8a87e07fd7022030334057cb88951c44b160b069a95bddd889ee3b7eb853d1bcf629c0d066f68e0261f5672b9398951918d791617c63df01038c89a345c72e7e8b5da670dd7ab5e3c876ef8e3939839203583747152a1545d607debf6064c04382e9a3a9f8c8c61828859fb25040fba300a3a549e19fddbc70934a6a0ced528abc80c58e648aba2795dba4b883445df77cb0c8dfc034e941ecbbd50151b1fb3a00a7534af625d378756ca20676b7fbe4a5c1ae2a175867e0114b0e041bb2ee4deae12c133cc6c3deeead466a551f802225811d74945712d2b7d43379ca92b3d167f6b8e003b68c0772ecdaf4ff44257d729e3b2b708aedda41db2308a635f518cfbe72e9e0157e8f81da0767adb61050e44b77b5fcf13c63d8de6f2cc410971fbdad27fbb5c9294ad4e9739bcdfd8cbd762fd234f3d6bcbf28c308241ea2d3625ce1ec51b8d78be8a8ae3b51ebc741c7759f0ad7f44007380285f92267a15fe0d41291a410168b2f149df352e4a8341a802459745ca25a5a8d02c7b223409e29d4047a3244f2f304c9430f914f2335b961de1bec0f9d76e9cce4f377f2640a56f25fb8faeff107c5db1738b202e0211815d7791fc0d6a94e6789f95f58e5c6f67d8057fe6e87150d6bdaf85e508dad24870699beeeac5ca74961d775f4954aad5388900844d3b1ff853c842ee84d2d8158b7135898662f0205718d82940ad6bfc040a4aca633d7244839ee14ce2f6418f7fb16b947efb1383b86efbaa0d6685f11faa8053394b79639f07b004c5dc779fc454e239dc9a13e7c2919636685e5952dfe2d0beff83ccb04e36d023343aeb5b14b14361aa4d9327fc15aab56d8d6cc4f661ed1ea14803a786a4181c783e60141847c3afffdef051d400caba6b6552a444104b06aeab4cc5fe42e5b5ac869b7017565f69623f4069152f655586da1b107084ee956b5714f60ac732ca176061daf2996de150536edcdb9c6a926c333a3f1c98171d896eec1c4074c59a04498c7aa22da399e4c4385a0a644f54bb30869b55c84fe39a8c3f272ee2a5aca428cc76e2c68504d3e25aeab5a4dd5e0d3773e28bc02097e6bee946ea788043a9fef7c817e6abc051e23f87f564df9d7ac6d4efa241e53700bbe9fe581f134da20f89de02f6f3c6c56677f6a7d6a45a3003f3f70b53551ea29c1142b471e08a79bf368336919ad86cdc28e9627fc0348285c7e743434f44b89346b1c8738f8616739cb07c71c1bd316885918e78705a25e93a3be797032041938c3fe90dbdaa93373db4a1685f8871799dd9f58184d0e2e3ab698edd72ece220cacb4ccb4d21c9a35274001d043396dfd83c559dedaddf166da3040cdb6e4a0244b7bb10cbb515aedb3d84b3dee2432e16bd48bb97f9a3e7e7cdc24552f3c91411cd8a0378428716c6a37c138949bb08290d776561ccec4a98f271717485154f3f0b5e41c40c601eb9d15a1cbd2d027aa562e6806d0ea01966d0cd96cd9331a2b8fc367a4ae7784d0f45593e2fcffdcb2f801cd07e5da24de5c167037a4102e45fcabee9c5282d09187f6840dcdb8092bd685a8c9b2038e4bc3b8d815cfd16df20ab8743cba32ac3154798aed7ce3fcc17ff1fc41d9cec9c65bb5afdc5fa09abcc24993e7d36379d89fe90cad1e0ba557a4ed07f442509ec891c9771265e0c3d29ec0fc6a4b80ace3ec01bd23e1c3a7548c7e0f680bbaf366848d6ee3ca67b9a875fe06eba65eb402a85ebc8bbda4d3b5419b886cb361b68521f4dd0ba8c8d90f415ff2e7143803e57fe2421aeb432097d26fcf058ff1ca32737286ba9f5a0cffe33d4aa30782c4e258a8bdf53c4d9832b1aa8c8d3313f9b5ed66a723a479cef96e5d6ab1b72582c9308fe7130b15869fcc36086cf0518fee8640da921ca5c3cf25e62c17c22866fc3c787ec074e235ccf156f9c47d360a0eca43f89d8c29a6ad9a7e1dad0441f2facd3213841ade05566151066e14669ffb3b8887de6d88929cb6f1e3312c0ac757a68b14dc38a6180a173fb3d98ae392a949451e5e9737ccc982fc0b10abde43f6fc0ad314a933b34278b6bd0fa263ed2b582036b16f6b08127113a707d972e4be6e4ba97ac6e0f012b15d851c8e04f267b121defe8fd6ed97a3d2675305e6d581df488ac582b052a69e99684fe53272ba8e6db960e91d5fdd5caf14a1122a26e1727552d9f3fd4790c54d1c257108e99f12996674e9ec71d3be72b737de9df1ad8e38948547e75b2acdfa16da5be593ffa564d5064f9c6693687c6d9c8571cdfa1657796f2ddd2854a69c4c38e696c1e613539fc721c9d63672d5734a8a8f1197146c0fdb6db3c3fccc0284ee9705d85007a6aefcc725098529c905a4e599478440cf6b84de3a3b9a9e73f9c90b40d9236e26b2c8ec56ec14b605dc066c5b752a9fdd52dc16a063934f2bb5bd242a2a07afc410a2f60725be0aecf377325ea53194e30db3956c2c78046d5580d6934940641e27f91b519db25c4545588ff7dd8250bdceecfa353e9284bbd6a9b394bf774b465af0b65692f1679b03b3d092165ecc3b919b248071ec4b6c17205c1580bb7ee1691d31ad95bd8edc28b284350b91eddf152419bda1b36", 0x1000}, {&(0x7f0000001280)="a99851323a25b343d4e10e69c8ac0d12b125fdb13e1e77fc059702448f33771fd8e5fa4316cad0208c93acd0b91f13f43cbab792a8ed148dc14ba0c97e0ff62a65e84350f0dcb8fb4452cad324a36b43c0419df18efeeb9aa025dc4c5cb323606066577ddc51b51782aa2095170ca9bbbe1624d059becf737ab2223ed6bafda593c766a3f6e986aef05bd4e0e115cd8ba0f1724e749c3583b70fb6d871f115b07edd249d0ba1cc17b3c27f8e369e79e718badfaffcb78fa60af336bb4f2102ec03c22a126d76f1c5624c6feb18e8fcc7288079bab722e6b042469a91bb824aab627cdbd7e8f02fcf1062ca2e2fff263e09330c3ff07185", 0xf7}], 0x3, &(0x7f0000001380)=[{0xe0, 0x1, 0x8, "3bccda50b07454595d699e5517f06e26c2d20c6fd90c78535e300c65d851a69819b4858ddb94d80f817d89427b54126b6bf76f60600cb8258ae16b04cb53a9bb3f54622b8869dbb0a983741445021c3379240d79ba0576b2c51011021a819848db4f4f93678e13d3228cecb77c46f9e254e8a7f5542f6bffdbd037242b35860693bb41901715896b2deea54e85e1d8eab7e63d892c9aa1a00a64b6fcfe7773c8de8b01f608a80875024b630a125568a9025919fa567c2975753b099c254c169168e41e6c79b4821bade169"}, {0x98, 0x0, 0x400, "a4ded443ce0aca21f3b7f92c1510b4a27a408bbabed04ccff52518cb6826d3294a74045733a83ec81281d2f1167818bd42c9c506c78be9508ed7a82a9b7da49a9c9f16c705d7a10f65238c72de71d90923f2049a6e15873e3e6a513367ce94f9598ed0f3824a9a860b0081fdca8a39bce5a6e71509ae55847286ad9196fd05a4a0cf1ea12c0c"}, {0xe0, 0xacb42141b0163a3d, 0x9, "22c0d7c23700ccbfb6bfd755e696ab1e474b4264d1b1bf5cc3b375743aa125e88a13cf0cf1dcbedd731a207c8c30e194996258548e92d5d1b4a3b32a8f5300be440c4d25f89aef0672b4782c26d25404bb9863acca628f32ba5f1adcc31bec93361e31f920c1f6a6d460dc5ed08eb78b3d18537530185e0bbd95f1950d044a68baab60e3c07c199590ec7ce425c68d146b553c389bf4e9db97f12f7e2ba66160e9edec6fed87edc4ca1078fc0aaed30d63ccb10a89b5fbbd05c96d8de8ed8fb2859cddf085515cc787093cb425"}, {0x38, 0x10c, 0xffffffff, "2e992143ca98c32859b40ffdb656da767c8544fdada63e2d96e4738181172150ae5387e24772"}, {0x10, 0x11e, 0x1}, {0x98, 0x117, 0x5, "a664d96a4565307b6eba9fc4d484e026c32bc8bb23d5d5475a4a736c7ed4d84586791dc87d4c05f50b913e1cd66d9990ae094bd8b02de495cab284551e50407a3237e1c2030b94b5e6282747851a28105b7286a2070f30f387ec6e075655255647fc398fa16c76e61723b92cbea1fb11f049c3a3d27bc1a7a5eb721e625ce138efe2731cee73eccd"}], 0x338}, 0x8801) [ 424.890158] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 424.916002] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 424.937466] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 424.950068] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 424.958379] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 424.968106] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 424.976709] ES: sel=0x002b, attr=0x000f5, limit=0x0000ffff, base=0x0000000000000000 10:22:46 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:46 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:22:46 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0xa2102, 0x0) syz_open_dev$vivid(&(0x7f0000000180)='/dev/video#\x00', 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) [ 424.985312] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 425.008331] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 425.067822] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 425.096613] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 425.123479] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 425.151669] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 425.174549] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 425.188553] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 425.198489] Interruptibility = 00000000 ActivityState = 00000000 [ 425.205216] *** Host State *** [ 425.208613] RIP = 0xffffffff81223c27 RSP = 0xffff8881afd2f350 [ 425.215517] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 425.222338] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 425.230622] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 425.236644] CR0=0000000080050033 CR3=00000001d1bbd000 CR4=00000000001426e0 [ 425.244154] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 425.251228] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 425.257402] *** Control State *** [ 425.261268] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 425.268158] EntryControls=0000d1ff ExitControls=002fefff [ 425.274218] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 425.282489] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.290007] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 425.296709] reason=80000021 qualification=0000000000000000 [ 425.303471] IDTVectoring: info=00000000 errcode=00000000 [ 425.309295] TSC Offset = 0xffffff1a6b7aeb23 [ 425.313746] EPT pointer = 0x00000001c60df01e 10:22:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x2c1, 0x102) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000140)={r3, 0x1}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x400, 0x80000) ioctl$DRM_IOCTL_ADD_MAP(r5, 0xc0286415, &(0x7f0000000080)={&(0x7f0000fe9000/0x1000)=nil, 0x1, 0x5, 0x80, &(0x7f0000fef000/0x2000)=nil, 0x542}) 10:22:47 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:47 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) [ 425.417078] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xf6, 0x408000) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000080)={{0x5, 0x9, 0x3, 0x9}, 'syz0\x00', 0x3d}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:47 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:22:47 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:47 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) [ 425.468508] *** Guest State *** [ 425.472906] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 425.482432] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 425.518056] CR3 = 0x0000000000000000 10:22:47 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:47 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_QUERYCTRL(r0, 0xc0445624, &(0x7f0000000180)={0x2, 0x7, "07db1ef37cc7c1e1c5d9c611b60cd213fa29d5fd8b93471f1f6631c4acc586ad", 0x0, 0x10001, 0x400, 0x3b2, 0x2}) [ 425.552864] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 425.589956] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:22:47 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:22:47 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) [ 425.613731] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 425.639782] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 425.666804] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 425.686606] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:47 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 425.719015] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 425.766781] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 425.794897] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 425.806282] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 425.815466] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 425.824348] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 425.833093] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 425.841885] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 425.852854] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 425.863519] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 425.890313] Interruptibility = 00000000 ActivityState = 00000000 [ 425.896581] *** Host State *** [ 425.900151] RIP = 0xffffffff81223c27 RSP = 0xffff8881d796f350 [ 425.906160] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 425.915406] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 425.923541] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 425.929737] CR0=0000000080050033 CR3=00000001d1bbd000 CR4=00000000001426f0 [ 425.936771] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 425.944816] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 425.951224] *** Control State *** [ 425.954772] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 425.961600] EntryControls=0000d1ff ExitControls=002fefff [ 425.967064] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 425.974046] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 425.980740] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 425.987305] reason=80000021 qualification=0000000000000000 [ 425.993678] IDTVectoring: info=00000000 errcode=00000000 [ 425.999168] TSC Offset = 0xffffff1a0b3e9bd6 [ 426.003474] EPT pointer = 0x00000001ba6d001e 10:22:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:47 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:47 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) 10:22:47 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:22:47 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x10000002, @bt={0x0, 0xffff}}) 10:22:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x18082) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f0000000000)={0x101, 0x2000000000000000}) 10:22:47 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0xfffffffffffffffc, @bt={0x0, 0xffff}}) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x4) write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0x7, 0x4d, 0x2}, 0x7) [ 426.110491] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:47 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}) 10:22:47 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:22:48 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:48 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) [ 426.264546] *** Guest State *** [ 426.280436] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 426.300963] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:48 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 426.339205] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 426.360504] CR3 = 0x0000000000000000 [ 426.364594] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 426.370984] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 426.377299] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 426.386237] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 426.391712] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 426.426932] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 426.443748] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 426.452221] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 426.465796] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 426.474173] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 426.482800] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 426.491059] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 426.499342] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 426.516346] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 426.535853] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 426.543478] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 426.551730] Interruptibility = 00000000 ActivityState = 00000000 [ 426.557991] *** Host State *** [ 426.561599] RIP = 0xffffffff81223c27 RSP = 0xffff8881815bf350 [ 426.567600] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 426.575008] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 426.583121] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 426.589107] CR0=0000000080050033 CR3=00000001c409b000 CR4=00000000001426f0 [ 426.596129] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 426.602856] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 426.608985] *** Control State *** [ 426.612423] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 426.619130] EntryControls=0000d1ff ExitControls=002fefff [ 426.624592] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 426.631556] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 426.638232] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 426.644851] reason=80000021 qualification=0000000000000000 [ 426.651200] IDTVectoring: info=00000000 errcode=00000000 [ 426.656634] TSC Offset = 0xffffff19a7b5a25e [ 426.660990] EPT pointer = 0x00000001ba76301e 10:22:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x42200) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000080)) 10:22:48 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) 10:22:48 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:22:48 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000080)={&(0x7f0000ff9000/0x4000)=nil, 0x100000000, 0x2, 0xc0, &(0x7f0000ffa000/0x1000)=nil, 0xffff}) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{}, {}, {}, {}, {}]}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:48 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x400001, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) recvmmsg(0xffffffffffffffff, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)=""/65, 0x41}], 0x1}}], 0x1, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000ac0)={"55c990aa4964e82a3ec457f4c7d69681319b32c4fe546fdaa52a7f1ee7a27d5f71fb895c4bf21bf0301d2a160f646d230ecc224077896302fd1e64ad393ef24145492c44f164e53100dc89f52d25895dcd4320f649fc784145767a5224088c492511d0a5d7bb0c0176706c238dfeee9caae8811ba9d2ec92a4a340c091647ae36123d290d72c375af37957c01aa945bdb6a7a6870069350c7c2ac6b9c032e80d8150743be19fbaf9447badcc1908d174e06fd466e64e24e3c892ee52a4b31338ad67030baeffa5bfa701c1e7bfbd8fd016d87018d05ab11f9e813877bd9cdf0884cbaabe09190f95550884f8a1e6510f6bbe96f86859597bf89741aea068e55b938ebee9d9bff58478513c4b72edbf79f75431b54743ab05d3980b30b2127cf13bf94beba0828a4bb1848bc1f862fac00698e4bd2f4bde3bb35107056c4147c0ed8d7d588ba03c37b82ea384d1db706a8b46ee351812ad747d1045540a48b542996812548270c5af5d27ff72920bebd8371348c7f55a953e236ac13fe737a81bd9b61e30a5e9c526cf61862f5a0a90963c73febe3b66ab29f17b6da74b7647bcc4e527356d57fa1fe3f3dffab39df7b353eda6b839decb4484939f4fc0c84bda1c964941ccf4db1ca0d2c152fd356ac66441c8b68755d533b416d9f7999678227c7a69db08e997252dd6a38fc458d93fac9f1f14f49b7ca4a0b0c8b538d2f30c34503a0975506ae9004b3e5c3d2469cf4e03d9b79dc1499647b5b680a02bdc56c18782c48120dee663918288f068c49d85355d114cfe0c5d1405cf5e37b181f296fa7dc9af116fbe220121fe139739226eefce468f27f5d21ab51ef0e26134c5341cf13799003ceb38d4050c2ba1c9e6decc2d11a8f14a6adadd45e615106b5dd4c07093ba114ac55b4e80d1a3545ab6e8fbf796b908ecc244340fc06e4d4bd6e069b7f0232198ab067a709bcdd4d41500e5dc7032e5993f965d4603033fe61cc523937d7345df42b4f1b62c4daf64f6c29eb2f214b88680bfe19252b67719ccea37d19fe3bfb0c8ad0bd6f4a1df532ec9220269453df5144ff48f63c2ad655b8f20db01b3af95c11f4e7de2bd0a47d47b08b620589a33327bef9ee310505c1736510e88b74281f098099c753d30fcf32f31a0521e32407d689b093f24d07049682ff4662b5b94616699fd704589c0edb02cf3e622088c685564b0c166f9f3cdb12dd8a70684ac6e24570191dda2db2b1965d2397a45060f834405b81fa79204e029b7cd93333dfbef669f3e480fd071f5b87e9fdf984dfe176353ed12ea15484366548336f540a5f1e8b9e19bdeb8d71dce9ecf03d09515bc4bcf7be382176e7e12395ee0f795f76695d0d90eee181d300deb89d7098403ac76309e63f6ca3eade1ce57dcd9de56e24610ed5c470d5540e9f50d068ee8a1431bb3216ae99b18"}) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000200)={"325fe8544015a994f65f98bf2ba410e8600204f96001b183b89c42da1213d0e61a3a6dacb2472b82acefa6f66614ca126bc8c279c568c69441b12d35d64c01159f37d74f4f5008f9b456d982900129e4d5c3ca235dcfc099ccce3753d7bdb07623dc18085f1e0d68a2029b8ead87fe35bcc6e99feddc970496c858f61c23d408c0b7266c4d669280fbc81c846f9dbb3e678c2b5521079b1bd397efb91a9c2ff5f8f281442df147cd20c31f479351240b05acb06f91ed4a60022c1d8bd05937f300b9370238ec7856517e82044aa3c6654470d6967d5c4496b149b67542978464e088a6f1992a1679eacadc34ec761995e982d29e9fa28a6b3aad0dc6ecd2547ad1d2c87d5c049e023a7e5052c8c79f181a6208551979811d3ddd4a8e1ce4573d83d99be3aa61074eac4bcdb221cb48af07df89359442088cd94487fcbd0c4197390bd1b0c0602eac14d02cb93f5246153a37a8d2342f7e77fff3ae080979db90e3d0b0dd093cd48e996ff7a958adbff4ad03c2add1ff6df35600dc284622830c8915a37ca84632529a46772d6083db241a62892f49190a65f297cf302c273cbad5a1bc64321bff8186621904d4ec47d75ae334228da5556144e82ae1b31708f3f9bdb7a469f1a0c5b7397244183d00766c855b83d423e3ce2b943296fb283abac2bc1cd5a80554ee550be3c4c673cf512ec18aa01d799dba22dbe5fd2cfbd04ff792334b25bdb9afc3e63ac4b4313ccc1fde866dc7045cc32e3c0e85b76099e6feb0a2152a9d959a08f848f5c64cbdec98956f4d6d50e8eb74779ad173e36d426c1b1e5fd75807c78f795cd23bc0ccff870678c72504e5d80cdabe431b4f0b7974228be9e7dec474d798b2daad19623c92e7c910debabf8d2adb490abd2994d92f1aaf75f5fd8219e3fcf6433c1034eed44b8f68e46eda7404c77b4e7961997b5cf2b1d87f5213bfbbcc1a6032560b117ea0c51934f3b5cb50bdb5f1c285626bb473eb94419b0ef863e076d768b14dc5b9e35ca58001f5378e10308e67ec46c12d93f2a9ea66a3df974819a233b667a247ee113ddd4321278545c4fd61f569c843af05b7916546bd7d4122794e5106d5fba702c4386f1dbbdce1720a1eeb253d8556e1bf5a3f5bad42b14059287ec6dd56d4461f716f3447e3be6d8b8c4ab19e743f87097883cad2b650ac87488d7856c43ebabe0261c341749d4049a4903a9dd14f84d5cbc30620565c2c860bbb6826db7c78a56369fb01522226cfbe0457e6162ecb7372e5096cd8f88e6bd505d89bb9b94f44b8fd895c5e6af9b4507ea86ef9a6fc50c9131bee453081baa0c076d3b204c4e608fdca13b26ad423da0ee7eee12e7dcf5608814f3a48670e9f817a0f6e7720bc94ae8f64f84008bdf9ebbed6da5c5f05ebb353907d053d901243116023b7c23cc2f5cb9677677946c96f713d"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) write$9p(r4, &(0x7f0000000600)="6709986bc8cd45febbbfc7046eaf9a344f91b4841cd4a77e373c7417a1269de3965715639b014b0cde7fc14ab6e08f579672866f118c165793ab627601bf5f73f6755eb215439ed55aa02072188f888d47119340353d3827c646431bb1252c5a7bb2c3ad67d976f4ee1da1b11b6dd040321bca0a962f90f1298a3292050053fb0096f81d7148796b2fac0a53be4c3a45a9b9abceae8a893dba2c", 0x9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:48 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}) 10:22:48 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:22:48 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000000)=0x7, 0x4) 10:22:48 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:48 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000240), 0x4) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000180), &(0x7f00000001c0)=0x30) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000400)={&(0x7f0000ffd000/0x2000)=nil, 0x2000}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000080)=0x2) times(&(0x7f0000000000)) 10:22:48 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}) [ 426.969629] *** Guest State *** [ 426.972959] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 427.020957] *** Guest State *** [ 427.034896] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 427.056084] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 427.092491] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 427.121669] CR3 = 0x0000000000000000 [ 427.143177] kvm: pic: non byte read [ 427.147526] kvm: pic: non byte read [ 427.148905] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 427.152139] kvm: pic: non byte read [ 427.161895] kvm: pic: non byte read [ 427.163828] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 427.166344] kvm: pic: non byte read [ 427.178025] kvm: pic: non byte read [ 427.186746] CR3 = 0x0000000000000000 [ 427.190659] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 427.199637] kvm: pic: non byte read [ 427.204265] kvm: pic: non byte read [ 427.209565] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 427.216386] kvm: pic: non byte read [ 427.220489] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 427.228008] kvm: pic: non byte read [ 427.229583] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 427.241447] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 427.245004] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 427.253370] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.268804] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.269628] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.285290] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 427.294222] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.295779] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.302785] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.318434] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 427.326952] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 427.335337] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 427.342836] ES: sel=0x002b, attr=0x000f1, limit=0x0000ffff, base=0x0000000000000000 [ 427.343694] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 427.359642] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 427.366162] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 427.369839] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.374931] Interruptibility = 00000000 ActivityState = 00000000 [ 427.388139] *** Host State *** [ 427.391860] RIP = 0xffffffff81223c27 RSP = 0xffff8881afd2f350 [ 427.397936] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 427.404746] FSBase=00007f5bb4316700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 427.408577] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 427.412884] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 427.426832] CR0=0000000080050033 CR3=00000001ccd6b000 CR4=00000000001426e0 [ 427.434351] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 427.441387] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 427.446537] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 427.447522] *** Control State *** [ 427.459542] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 427.466292] EntryControls=0000d1ff ExitControls=002fefff [ 427.472171] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 427.476661] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 427.479415] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 427.493147] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 427.494394] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 427.509914] reason=80000021 qualification=0000000000000000 [ 427.516697] IDTVectoring: info=00000000 errcode=00000000 [ 427.522605] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 427.522647] TSC Offset = 0xffffff194fee0629 [ 427.530819] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 427.541726] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 427.542377] EPT pointer = 0x00000001b964801e [ 427.549403] Interruptibility = 00000000 ActivityState = 00000000 [ 427.560097] *** Host State *** [ 427.563433] RIP = 0xffffffff81223c27 RSP = 0xffff8881816df350 [ 427.573466] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 427.582040] FSBase=00007f8a16ede700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 10:22:49 executing program 1: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff57a155"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 10:22:49 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:22:49 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:49 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) statx(r0, &(0x7f0000000000)='./file0\x00', 0x2400, 0x0, &(0x7f0000000180)) 10:22:49 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}) [ 427.604446] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 427.610652] CR0=0000000080050033 CR3=00000001be741000 CR4=00000000001426e0 [ 427.617769] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 427.708961] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 427.772223] *** Control State *** [ 427.786007] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 427.793578] EntryControls=0000d1ff ExitControls=002fefff [ 427.799221] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 427.806760] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 427.813566] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 10:22:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = semget$private(0x0, 0x3, 0x4) semctl$GETZCNT(r3, 0x3, 0xf, &(0x7f0000000140)=""/189) r4 = syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x9, 0x400840) openat$cgroup_ro(r4, &(0x7f0000000240)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="882d3116e295aaff25adec002dc757b965f57fc73c0f6f5e02c8b7708ba56f471b413a2411eada835ff37dc6e52e006fecf6eb466265ba24a7f02c22ad2ab7daf46385353dd61cdb0e7d3320ca41c6c0a257a1395a1db744def6c33ca87af201926cd523f961747658b89b94b8ee8527cba6699248ba721dafbbdfe593b5a0d822dcbe37ffda23e8a986a088eeefc6b894f42e0db58aaec69e5d6f8a38d9c16460a7bc0d06b4388e05a4392dd4a78c26b203fb3b5a11509d556777836a53e983a0515ac3c10a67226d5e6e8f1821ed35f3e7f8cb60283c73e7bd88515cb5db6ef9eecb3630d4c94298ebd241cbfb46a95b49f53f59e8a0f8a53c13a1add2320a072d"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r4, 0x111, 0x5, 0x1, 0x4) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) bind$tipc(r4, &(0x7f0000000040)=@id={0x1e, 0x3, 0x3, {0x4e22, 0x4}}, 0x10) unshare(0x60000800) ioctl$BLKTRACESTOP(r4, 0x1275, 0x0) 10:22:49 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:22:49 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc4, 0xdc, 0x4, {"fbaa09abc526ce0197e2cf89108895c497ff845f31ac2f336458c001a45672a8d66e6924b9628859e08fa3eb7d1a6907e06af02a4cec75ca25bf76f5ec9640b36728cbdd84f5d7cbd8c501d32f08ca3ec7cf86b89fdd80bc4bb7120c02018a38860be5fcf879a0818ac579c6042b61628ed43e5e54451078bc6b8587d0e38b8b9054988fabeeef9b570e39183c765a8056976231bc939fdb4396775cbd79ee4d61ce861f1375ff4512e6d57158edc54363570072c6c22df44940a2878f4c172fec27e8"}}, {0x0, "4ea1f33ce1f4c0454a2ab79376354982e0625cd911987d31cc528a60ac7807dd394003a015c0cce481b7289980d94adbfc85ccb51aa741f322721eaf1ac6553fd64d6063601fa1f0c7453a2544b39969f707f85384cf19f468afc05e"}}, &(0x7f0000000440)=""/228, 0x13a, 0xe4}, 0x20) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xfffffffffffffffe, 0x10000) prctl$PR_MCE_KILL(0x21, 0x0, 0x2) bind$vsock_dgram(r3, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @reserved}, 0x10) 10:22:49 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x10183, 0x0) 10:22:49 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000280)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000200)={r2, 0x4, 0x0, 0x9, 0x5}, &(0x7f0000000240)=0x14) [ 427.820212] reason=80000021 qualification=0000000000000000 [ 427.826528] IDTVectoring: info=00000000 errcode=00000000 [ 427.832027] TSC Offset = 0xffffff1951f1242c [ 427.836363] EPT pointer = 0x00000001c0cd901e 10:22:49 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x2]}) 10:22:49 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x0, 0xffff}}) [ 427.940837] *** Guest State *** [ 427.944364] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 427.953856] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 427.963518] CR3 = 0x0000000000000000 [ 427.967450] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 10:22:49 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x800000001000003}) lsetxattr$trusted_overlay_opaque(&(0x7f0000000280)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.opaque\x00', &(0x7f0000000100)='y\x00', 0x87, 0x2) utimensat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x77359400}}, 0x0) sendfile(r0, r0, &(0x7f0000000140)=0x2f, 0xfffffffffffffffe) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f00000002c0)) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000300)={0x1, 0x0, {0x80, 0x7fffffff, 0x201c, 0x7, 0xb, 0x7, 0x0, 0x5}}) 10:22:49 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 428.009094] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 428.045897] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 428.088617] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 428.096922] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 428.106076] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 428.114351] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 428.127847] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:49 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @reserved}) 10:22:49 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x8000, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000080)=""/59, 0x3b}], 0x2, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) [ 428.136948] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 428.145925] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 428.195846] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 10:22:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="6f2d3116fd072569e1"], 0x1}}, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000080)={0x4}) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r3, 0x0, 0x1, 0x7, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:22:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 428.238524] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 428.250634] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 428.263537] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 428.277079] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 428.317656] Interruptibility = 00000000 ActivityState = 00000000 [ 428.344998] *** Host State *** [ 428.370765] RIP = 0xffffffff81223c27 RSP = 0xffff8881b199f350 [ 428.399301] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 428.428157] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 428.436926] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 428.443095] CR0=0000000080050033 CR3=00000001cf35f000 CR4=00000000001426e0 [ 428.450339] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 428.457510] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 428.464105] *** Control State *** [ 428.467762] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 428.474685] EntryControls=0000d1ff ExitControls=002fefff [ 428.480384] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 428.487533] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 428.494439] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 428.501291] reason=80000021 qualification=0000000000000000 [ 428.507778] IDTVectoring: info=00000000 errcode=00000000 [ 428.513493] TSC Offset = 0xffffff18b7cd3ef7 [ 428.517985] EPT pointer = 0x000000018609e01e 10:22:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x240002, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000440)={0x0, 0xa1, "5d261889bccd3696f705b61e16402805a182fed3668f30a05cac89533d9a9921bd66f73a4dd09645fa83e38f483deaca7f6fef54dbc8b0d0d845e98c6bb16c9f9f9a8184ebde78cb720464d909aa72eec5d4bf7af01b5708b7f5a15d0b1d6d6a92d698ed888641eda4ee3bf45ca5ec4ae27f7c6eda51ccbeec44b40d298a28196680a3ffe5adf3de62c3a1ed0e71736dfabb2a2598ef24bec2e636e21de0bbca2b"}, &(0x7f00000002c0)=0xa9) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000380)=@sack_info={r4, 0x2, 0xaca}, 0xc) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="882d3116fdff25f8ffd275fb7f505cdedc5df9fbba02cacd820d7fc786d749bce21c487f284bcf89425d735d38f1502ade0e7a83c0271a21a23ae4ebe6d6c603e2f5d5e184808954668a8d8a1f81049a863229137b6807112a74adee76269a9258d41720e63aa9bb990db6d4d251acfb0f2a041506064d831c34ca01135d4be735163878046a06fde52a3c6ef2826db2120dd2f2796386b49f002772b8b18f76d35d2e3dcafd7ad6e2dee910317782e7f6551f745c85167db34250add16600d4400eb8494c3a31a9caa47473c8439d"], 0x1}}, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x1e) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x984, 0xdb5, 0x3ff, 0xb230, 0x3, 0x812, 0x20, 0x592e, 0x7, 0x9, 0x1, 0x1f9d, 0x1994}, {0x7fff, 0x9, 0xffff, 0x3, 0x100000000, 0x8, 0x0, 0x80000001, 0xfffffffffffffff9, 0xff, 0x5, 0xbe3, 0xfffffffffffffffe}, {0x9f, 0x52c, 0x7, 0x9, 0x5, 0x6a, 0x4, 0x10001, 0x0, 0x80, 0x4, 0x6d, 0x401}], 0x1ff}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r5 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x100000000, 0x100) write$P9_RSTAT(r5, &(0x7f0000000200)={0x4d, 0x7d, 0x2, {0x0, 0x46, 0x4, 0x1, {0x8, 0x3, 0x1}, 0x1000000, 0x4, 0x3, 0x2, 0x9, '&vboxnet1', 0x9, '/dev/kvm\x00', 0x0, '', 0x1, '!'}}, 0x4d) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:50 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$TIOCNOTTY(r0, 0x5422) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000000)={0x80000000, 0x0, 0x301f, 0x2, 0xb17, 0x100000000, 0x7, 0x1}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:50 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) setsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f0000000240)="edd6a629c5614ab0034eeaad82cbe264895419a5b6255a72347e9c11d5b7bbf55c79fd8dd8eece4b33a074340e1d7bab70eefb4a0d45c9793490055a7182a938955c0345b00ab4f970ef44d93a88ab016110c4dbc9", 0x55) getsockopt$inet6_int(r0, 0x29, 0x11, &(0x7f0000000080), &(0x7f00000002c0)=0x4) getsockopt$inet6_buf(r0, 0x29, 0x1b, &(0x7f0000000180)=""/135, &(0x7f0000000000)=0x87) 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:22:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:22:50 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000180)=""/61, 0x3d) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000001c0)={0x1, 0x5}, 0x2) 10:22:50 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) name_to_handle_at(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="ccfcffff09000000f5f521c24ba2abe51f790083e47d764d3f330e98a711d30dd5b2faaee8e58cb442e0c8387685e9273f8fcb530aa4f80596bdca89bede0d46d0c89a32099ecf844d857aa68c8d3b840b8947bdeae65431376aec2a7901d5ede6daecb75ca935cec6add36a90df060c7b810a100ad01ea6018363ed7da9e1c058d6940566b93dbbc047566bdc24a282dac0599d02e77b3ec5bbb0fd20e2d1a851dfb9c45bbd5d582f18858848e5ab521a328abcf746e4c975dd6ec3ff9851420c013dfbc43b7335fe34e5a813788c37c7920803ee6030ae22681a808742d5aedd249082d02dcb622df76ad1452a3bb35be6971e874ea89520f38a4ddda81d4f17d8f90cf27f4b7b812abaa260ff815279f8aac37606503710dbb20e973bca1b24575d99e991dccd386680f336ea19260f0b221d105787d6a5cb84467865e235965694f826f9d24d570270c41cad4d94a1544d92a9c6847b9c252fc7d40322a4053aaee0e0e5bf0658f80091f49bfecf982fbc8994f2747f0e"], &(0x7f0000000080), 0x400) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffbfd) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:22:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x40, 0x0) ioctl$ASHMEM_GET_SIZE(r3, 0x7704, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="882d3116fdff21f8ffd8eb14b14dbee337fae6b660a071017d0d43dfa6e8cd997f483a2f1630ec4a8d29c3f930c4a939774455baca1ccb0ca77d92542488f9964f8a6de7b439f16738139705ef7e6190d6b76a85cad7ef766e4b2bde7fd657526d30278ec6ff3232a2aacddb1523de270998434d71c0a91fff0928e3fa0eb050e2bb69fd25cf29404051a1fffafdfd5963bbd2e40af517c7284bac5ba867be24feb8a87f35c1bb322eab7bf693522ebfb60c64bc6cafba283fbfe0eafd4d7ed35d7c03974581118ab049f6b270c52207c7"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x7ffffffffe, &(0x7f00000000c0)=[@efer={0x2, 0x401}], 0x1000015f) ioctl$KVM_SET_CLOCK(r3, 0x4030ae7b, &(0x7f0000000000)={0x7fffffff, 0x7}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:50 executing program 4: pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = memfd_create(&(0x7f0000000080)='/dev/vbi#\x00', 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000001c0)={'\x00', 0x8101}) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000180)={0x0, 0xf01, 0xfffffffffffffff8}) 10:22:50 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000040)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000100)={0x3, @bt={0x0, 0xffff}}) 10:22:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 428.998499] validate_nla: 10 callbacks suppressed [ 428.998508] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:22:50 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x204100, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000001240)='/dev/admmidi#\x00', 0x4, 0x82201) setns(r0, 0x54020000) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000000)=0x7) ioctl$EVIOCGUNIQ(r1, 0x80404508, &(0x7f0000000200)=""/4096) openat$vnet(0xffffffffffffff9c, &(0x7f0000001200)='/dev/vhost-net\x00', 0x2, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x9, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000001c0)) 10:22:50 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @reserved}) 10:22:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:50 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:22:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="24230000fdff258e56014f741c89f0e2369338ec8695d6535b23f992884f197c17583985b8aef502b7cd5788182d01953b55fdf8c6bb6ef1f9a1dbc32a0442beb3b2d80000000000000001"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:51 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_ENUMAUDIO(r0, 0xc0345641, &(0x7f0000000080)={0xffffffffffffffff, "d7409a6aca50d00809922692ef9f35adf98cb417ea644e74d7ecfc3499187e36", 0x1, 0x1}) ioctl$int_out(r0, 0x5460, &(0x7f0000000000)) [ 429.198440] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:51 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x84c01, 0x0) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, 0x5, {0x3f}}, 0x18) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x6) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000900)={{0x6, 0x7, 0x0, 0x9, 'syz1\x00', 0x7}, 0x0, [0xca, 0x8, 0x5, 0x24d, 0x0, 0x6, 0x1, 0x1, 0x101, 0x0, 0x0, 0x9, 0x3ff, 0x0, 0x7ff, 0x7, 0x755, 0x2, 0x81, 0x81, 0x1, 0x15, 0xffffffffffffffac, 0x5, 0x101, 0x5, 0xffffffffffffff81, 0x18a00000000, 0x2, 0x2, 0xfffffffffffffffd, 0x0, 0x2, 0xcb1, 0x0, 0x40, 0xb124, 0x2, 0x3, 0xfc5c, 0x5, 0x8, 0x3, 0x23e6303b, 0x2, 0x5, 0xdf9, 0x0, 0x41d, 0x8, 0x0, 0xcb, 0x8001, 0x4, 0x9, 0x5, 0x80, 0x9, 0x4, 0x1, 0x7, 0x0, 0x8, 0x1, 0x8000, 0x4000000000000000, 0x400, 0x7, 0xe188, 0x100000001, 0x7, 0x267, 0x3, 0xe8bb, 0x7, 0x40, 0x5, 0x100000001, 0x0, 0x9, 0x7, 0x2, 0x9, 0xfffffffffffffff9, 0x5, 0x10001, 0x7, 0x1, 0x101, 0x3, 0x8, 0x0, 0x2341, 0xad, 0x5, 0x3, 0x80000001, 0x7, 0x17, 0x9, 0x0, 0x9, 0x7, 0xdcfa, 0x0, 0x9e8b, 0xd94, 0xd, 0x4, 0x8, 0x4, 0xffffffffffffffcc, 0x7, 0x100000000, 0x401, 0x4, 0x9, 0x10001, 0x3, 0x3ff, 0x1, 0x3, 0x1, 0x7, 0x0, 0x3ff, 0x937, 0xff], {r4, r5+30000000}}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:51 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) [ 429.300474] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:51 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:22:51 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:51 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)=0x100) write$tun(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="000022f00101050003003a007df600082374aae56600e4e28ec816eb62585da9532eef6c85d037a5924972648b868b4c64379b601a05a25333235d643b0973ebd8c96d1b3efba31a15e5764fbd6ba336ecb3ee555d6b016361b03e79e351b40791126e08ab3508ad1c887fa1656529410d0d24c501b9080b2b9f43f47290961f8d57e9a38cbacb296a371a0b40830a3ff9f33fbd4168f6ee04df"], 0x35) sync_file_range(r0, 0x0, 0x4, 0x2) fcntl$addseals(r0, 0x409, 0x2) mq_timedsend(r0, &(0x7f0000000240)="918f5c331a6bf72f5986f2ba2e0f004a01a7d6f022c427d2a661c16cb6ae7e1b33058b402e79364d0d5a8fa2c38a7801c1929d0dd024902075c8d8786b5ea6a716d7132b11dd8c2c0e1f15089cb558a2ac453d17eaf726e5f32d77205da91a95e5a6dd965a0a00795e27ddb5dc20195b26740bf6e7d043b91779fe290de69793535a8f6f093dd60ffa4d77ec05013f063347ce222dfd6bc5fc80ca3eed29", 0x9e, 0x4, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:51 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000000)=r0) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000002c0)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) getpeername$unix(r0, &(0x7f00000001c0), &(0x7f0000000080)=0x6e) 10:22:51 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:22:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="09000000fdff25f8ff2e1587ce3d4998568f450207d140181291de07b11c51883b238e24b2fed9fd87f325edb9bcdfb5673f204a96ee33e97f9561feafdb77ea30bd17f8342e556a2e38c2ba271813a890700f4aa8a2e6b500c04bcd7f23bd6e3bde53e7587f961b4ec0ca43985d03503d89d3cf2a942b8f4fb631164d536a681e82e11fae54816af89caaf7e13b170206d94fab7edd3d6096ec56c102057857b353eaa11c5aa3"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 429.517286] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:51 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000)={0x80000001, 0x5}, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0xfffffffffffffffe, @reserved}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 10:22:51 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 429.729522] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 429.810381] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:51 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) socket$inet6(0xa, 0x7, 0x6) 10:22:51 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:22:51 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}, 0x0, 0x7, 0x0, "4877bb1f56d48eb1fa5fac76a792a929a57f6062b013ec6b7a9ee231ea85a1c7f5c8fdf3bcaf6c5bb203dab4011d7c6096609012d3e979295204ae936681b23832f302a5020f3f6af0b1d2fb5a00eb09"}, 0xd8) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f00000000c0)={0x2, 0x3, [{0x1dd, 0x0, 0x2}, {0x7, 0x0, 0x400}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xaaaaaaaaaaaaa2f, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$clear(0x7, r3) 10:22:51 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x24, 0x0, 0x2b) r3 = fcntl$dupfd(r2, 0x406, r2) sendmsg$TIPC_NL_BEARER_DISABLE(r3, &(0x7f0000000180)={0x0, 0x106, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="88aac3961f8450a0e7"], 0x1}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8) r5 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) ioctl$TUNSETGROUP(r3, 0x400454ce, r6) keyctl$link(0x8, r4, r5) 10:22:51 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) ioctl$SIOCGETLINKNAME(r0, 0x89e0, &(0x7f0000000180)={0x1, 0x3}) [ 430.140867] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:51 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:22:52 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:52 executing program 2: getpid() r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000000)=0x10000, 0x2) ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f0000000080)={0x3a, 0x4, 0x9}) 10:22:52 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:22:52 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000000)={0x0, 0x2, @value=0x7}) 10:22:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=0x0) ptrace$getregs(0xc, r3, 0xffffffff, &(0x7f0000000900)=""/4096) [ 430.434650] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:52 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000180), 0x4) timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, &(0x7f0000000080)) 10:22:52 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) [ 430.554211] *** Guest State *** [ 430.571548] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 430.607300] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 430.623084] CR3 = 0x0000000000000000 [ 430.627117] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 430.657320] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 430.673934] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 430.694705] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 430.719838] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 430.732579] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 430.740872] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 430.749308] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 430.757476] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 430.765731] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 430.774212] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 430.782457] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 430.791657] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 430.799995] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 430.806601] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 430.814318] Interruptibility = 00000000 ActivityState = 00000000 [ 430.820797] *** Host State *** [ 430.824176] RIP = 0xffffffff81223c27 RSP = 0xffff8881815bf350 [ 430.830487] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 430.837093] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 430.845099] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 430.851727] CR0=0000000080050033 CR3=00000001c4b12000 CR4=00000000001426e0 [ 430.858968] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 430.865768] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 430.872041] *** Control State *** [ 430.875617] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 430.882390] EntryControls=0000d1ff ExitControls=002fefff [ 430.887859] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 430.894870] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 430.901597] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 430.901607] reason=80000021 qualification=0000000000000000 [ 430.901616] IDTVectoring: info=00000000 errcode=00000000 10:22:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe6) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00000f25000000"], 0x1}}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x101000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000080)={0x7b, 0x0, [0x2, 0x1, 0x6, 0x9]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$IOC_PR_RELEASE(r3, 0x401070ca, &(0x7f0000000140)={0xfffffffffffff2e6, 0x6, 0x20001}) 10:22:52 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:52 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:52 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) flistxattr(r0, &(0x7f0000000380)=""/213, 0xb) 10:22:52 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) [ 430.901623] TSC Offset = 0xffffff1755a7d8a6 [ 430.901632] EPT pointer = 0x00000001b783f01e 10:22:52 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[@ANYBLOB="5f80c2000000aaaaaaaaaabb86dd60093a0600083a00fe800e000000000000000000000000bbff020000d8762f62c6c83e00feffffff0000857a30269400000000010000000000089078f798fc1e828198e2fad052911eeefad9dd689508739ef4b8539fa7b532b1b598eec0f3af5177e87824df73cc930a2754813d437e1d1dd48db33cc6df3592a44a702caa478b4fa7c2fdede71a643feebdce075965125b2cebf4b975812f7000000000000000"], 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:52 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$KDGKBMETA(r0, 0x4b62, 0xfffffffffffffffd) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000300)={0x0, @bt={0x82, 0x5137, 0x0, 0x1, 0x0, 0x20000000, 0x6, 0x7fff, 0x8, 0x3, 0x1, 0x6, 0x0, 0x81, 0x9, 0x9}}) [ 430.969646] *** Guest State *** [ 430.985774] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 430.993595] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:52 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) [ 431.033633] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 10:22:52 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 431.100139] CR3 = 0x0000000000000000 [ 431.118895] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 431.131362] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 431.146883] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 431.193267] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 431.208681] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 431.225934] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.245045] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.253223] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 431.263098] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.272524] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.281144] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 431.290863] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 431.300709] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 431.309394] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 431.317493] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 431.324193] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 431.331698] Interruptibility = 00000000 ActivityState = 00000000 [ 431.337916] *** Host State *** [ 431.341163] RIP = 0xffffffff81223c27 RSP = 0xffff8881b2e07350 [ 431.347147] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 431.353596] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 431.361436] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 431.367313] CR0=0000000080050033 CR3=00000001c4b12000 CR4=00000000001426f0 [ 431.374386] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 431.381222] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 431.387266] *** Control State *** 10:22:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x7, 0x111840) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0xe8, r3, 0x102, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x98, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc7a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x38451081}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x642}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x7, @remote, 0x1f}}, {0x14, 0x2, @in={0x2, 0x4e23, @multicast1}}}}]}, @TIPC_NLA_SOCK={0x30, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffff}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x24004001}, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x4) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 431.390747] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 431.397564] EntryControls=0000d1ff ExitControls=002fefff [ 431.403075] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 431.410032] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 431.416799] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 431.423430] reason=80000021 qualification=0000000000000000 [ 431.429777] IDTVectoring: info=00000000 errcode=00000000 [ 431.435210] TSC Offset = 0xffffff1755a7d8a6 [ 431.439564] EPT pointer = 0x00000001b783f01e 10:22:53 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:53 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) write$P9_RATTACH(r0, &(0x7f0000000080)={0x14, 0x69, 0x1, {0x1}}, 0x14) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:53 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:22:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x8602) ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x1}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:53 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:53 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:22:53 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) keyctl$session_to_parent(0x12) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000000)=0x8) 10:22:53 executing program 4: ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000140)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x3, 0x10}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000340)={r1, 0x8000000000000000}, &(0x7f0000000380)=0x8) write$binfmt_misc(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="73798dad1349951a2f10e775143709a072f398165f4656e7a883a210864a53185a6c7595078ab0ada6d1"], 0x2a) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000080)=0x20004, 0x4) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000001c0)={0x1000003, @reserved}) [ 431.611632] *** Guest State *** [ 431.614972] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:53 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 431.653028] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 431.689369] CR3 = 0x0000000000000000 10:22:53 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:22:53 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) renameat2(r0, &(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00', 0x2) [ 431.703717] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 431.732433] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 431.776477] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 431.803890] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 431.822795] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.835738] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.850874] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 431.869299] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.880854] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 431.889044] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 431.898338] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 431.907051] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 431.915282] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 431.923419] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 431.930099] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 431.937709] Interruptibility = 00000000 ActivityState = 00000000 [ 431.944111] *** Host State *** [ 431.947523] RIP = 0xffffffff81223c27 RSP = 0xffff8881b2e07350 [ 431.953652] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 431.960194] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 431.968174] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 431.975115] CR0=0000000080050033 CR3=00000001bae38000 CR4=00000000001426e0 [ 431.982303] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 431.989115] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 431.995241] *** Control State *** [ 431.998824] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 432.005573] EntryControls=0000d1ff ExitControls=002fefff [ 432.011149] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 432.018238] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 432.025135] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 432.031825] reason=80000021 qualification=0000000000000000 [ 432.038212] IDTVectoring: info=00000000 errcode=00000000 [ 432.043778] TSC Offset = 0xffffff16c50cbcc4 [ 432.048195] EPT pointer = 0x00000001b008201e 10:22:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0) getsockopt$inet_tcp_int(r3, 0x6, 0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x4) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:53 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') write$FUSE_BMAP(r0, &(0x7f0000000000)={0x18, 0xffffffffffffffda, 0x8, {0x2}}, 0x18) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000040)={[{0x8, 0xd9, 0x20, 0xdb9, 0x4, 0x2, 0x65b8, 0x200, 0x3, 0x3, 0x1, 0x9, 0x8}, {0xffffffffffffff7a, 0x6, 0xa4, 0x2, 0x9, 0x8d, 0xb4c2, 0x26, 0x4, 0x6, 0xf, 0x5, 0x7f}, {0x9085, 0x4, 0x3, 0x7f, 0x9, 0x3ff, 0x6, 0x9, 0xff, 0x9, 0x2, 0x4, 0x9}], 0x3f}) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x5) 10:22:53 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:53 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) [ 432.191466] *** Guest State *** [ 432.195725] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 432.212147] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 432.222439] CR3 = 0x0000000000000000 [ 432.231403] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 432.242128] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 432.257601] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 432.265520] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 432.273848] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 432.282163] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:22:54 executing program 0: r0 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0xff, 0x101000) getsockopt$inet_tcp_int(r0, 0x6, 0x37, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x40000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x100000000}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:22:54 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) ptrace$peekuser(0x3, r1, 0x2) 10:22:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:54 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000480)={0x0, @reserved}) syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x800) 10:22:54 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) [ 432.290640] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 432.299059] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 432.307235] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 432.335471] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 432.357916] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 10:22:54 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) sync_file_range(r0, 0x3, 0x1654, 0x6) 10:22:54 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:22:54 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x100000000000}, &(0x7f0000000040)=0x8) timer_create(0x1, &(0x7f0000000200)={0x0, 0xd, 0x1}, &(0x7f0000000240)=0x0) timer_getoverrun(r2) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0x7fff}, 0x8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6(0xa, 0x1, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x14) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c) setsockopt$inet6_udp_int(r3, 0x11, 0x6f, &(0x7f0000000040)=0x3ff, 0x4) listen(r3, 0x18) r4 = socket$inet6(0xa, 0x5, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x20080, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x80, @dev, 0x200}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}, @in={0x2, 0x4e23, @rand_addr=0xb5e6}], 0x4c) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000180)={r5, 0x0, 0x4, [0x3, 0x1, 0x9, 0x3f]}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}, @in={0x2, 0x4e23, @local}], 0x2c) write$FUSE_LSEEK(r0, &(0x7f00000001c0)={0x18, 0x0, 0x2, {0x7}}, 0x18) [ 432.388584] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 432.413020] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 432.450602] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 432.475997] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 432.522047] Interruptibility = 00000000 ActivityState = 00000000 [ 432.545617] *** Host State *** [ 432.549042] RIP = 0xffffffff81223c27 RSP = 0xffff8881afd9f350 [ 432.563096] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 432.570041] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 432.578096] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 432.584162] CR0=0000000080050033 CR3=00000001bdd5d000 CR4=00000000001426e0 [ 432.592200] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 432.608863] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 432.615485] *** Control State *** [ 432.620148] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 432.626959] EntryControls=0000d1ff ExitControls=002fefff [ 432.632579] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 432.639825] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 432.651683] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 432.665719] reason=80000021 qualification=0000000000000000 [ 432.677496] IDTVectoring: info=00000000 errcode=00000000 [ 432.683221] TSC Offset = 0xffffff1670c8bfb4 [ 432.687779] EPT pointer = 0x00000001c74d701e 10:22:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x6, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2e9, 0x33, 0x0, 0xfffffffffffffffc) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116010024f8ff"], 0x1}}, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x206600, 0x0) ioctl$UI_GET_SYSNAME(r3, 0x8040552c, &(0x7f0000000180)) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fde000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f00000001c0)="66b81a008ed0440f0f4b0b0cc42329684e0d00400f01c166b8c8000f00d8c4e3c948da0f3e410f01cb66410f388102440f20c03504000000440f22c00f20e035000020000f22e0", 0x47}], 0x1, 0x1, &(0x7f0000000280)=[@cstype3={0x5, 0x8}], 0x1) r4 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x800, 0x1) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'bcsf0\x00', &(0x7f0000000080)=@ethtool_link_settings={0x4d, 0x1ff, 0x3, 0x80000001, 0x7, 0x7, 0x0, 0xffffffffffff6348, 0x5, 0x7, [0x0, 0x7, 0x401, 0x40, 0xffffffff, 0xeadd, 0x3f, 0x8], [0xfffffffffffffff8, 0xe470, 0x101, 0x5, 0x1b0]}}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0xfffffffffffffffc, &(0x7f00000002c0), 0x103) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:54 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:54 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:22:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) getcwd(&(0x7f0000000000)=""/5, 0x5) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="01000000fdff253f3977d97e32c4cb00feb6a8451f26ce9be1c7397ec919a8c35b1949e16d560d3ffaa8b41226ffb53b9d47e9a90022ec588182b0b7ab81ed6a9fc706633a91c141c56731743bc79de84eda9f3392798b12f886f4594678c0aee034fcba4c1ae1ceb94b84f4b05be49258af4b2e5228f9e72c334cca6012489d315f26ff8710b11370eb6f9765461382d7b447468795ed02d0f44bc53910e16d3a79ffb2a6a863ceb64e12563cde043708668b7c6626a5eefc7585aba463c9f815"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:54 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x20000, 0x0) 10:22:54 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:22:54 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000240)={0x5, 0x3, 0x20, 'queue1\x00', 0xfff}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000180)={0x3, 0x0, 0x7, 'queue0\x00', 0x92}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:54 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x20000001d) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) 10:22:54 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:22:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) connect$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0x2, 0x8, 0x3, 0x16, 0x101}, 0x6}, 0xa) 10:22:54 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r1 = socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000014c0)=0x0) prctl$PR_SET_TSC(0x1a, 0x1) r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000001500)='/dev/video1\x00', 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000003b80)={&(0x7f0000000180)=@proc={0x10, 0x0, 0x25dfdbfd, 0x18200100}, 0xc, &(0x7f0000003b00)=[{&(0x7f00000001c0)={0x12e4, 0x32, 0x102, 0x70bd27, 0x25dfdbfd, "", [@nested={0x88, 0x47, [@generic="aaac9b7596bdb61b77d3d380a11a371772f70c064bde708de5ed370838b2c7b9fc7f050949c4dd032d38f6257cc2667e5e7205d1f2aff41b7a28fddd2c0f9492a1218726ad773cf1003cdc6b79bd6a2bb1f4e5e71509c4fc221dc814269444153d0019e73bb1e4643a84c43a9a1caa0e1496dfd2e8cdfc21cd58fa76c3f9bcb68eadfffa"]}, @generic="dc045963c662397486ca2a595d8d83cf375b5f85f41cefd35806157b5b2f60e3be57dbbb145c9cedde1d23545cadee4f608007366674c505a3085ebc33fe916fc6dc1b623880d45ec900dcd3781496b400f2215b4d785034e12bae01057027f18f5620c2820b7742de552aca93d1ee2d6fe948b5f10155919e5eeb97a26bc5298482fe88b5e6e999bfc5e193ebf4d17cbe00a56304f7d60226d0ef7542f1ca6a78199d81697cba5b62797ebb961fd6af963f89c58cfe8eef8ef988f8046b834d7246c65f3b099555003e59e93c8363dbb49895e93c2d0f00f05c5c64fcda8e37df9453e1a265b12efc5208365e6aa92ba69d991a6c56297da53261008dff309e9b26bd32af95cfc90bb5cec56f689d5dfbfe8bd338b55db9577d9c7c10270bce4f9b2bf26850381bb6a66a0dc263f3cf253605557f001d73145e3bb056bb08d302eda7e18dd297d898b360700471457c9818bc076775fdfe162fc452f701f50a6b02442dc4d57d3eeff012485b5e7ed12778046f649d5d9b06fe45fdb733be652293d1f2d90b9ad13bb882fa5d73d595e79f664d682b07d062dfa60c318e13b3f0f896898b252fff996700556c9dbcbbc314b17d6a1d2d7f821b57d586da722979840e8a9d92054a6341c45a4101f20cf6f563f3f7151c1affadd9cf7ff93a7f52886b158b57652773e86862afda4b1b1ccdcb5c1a552c6a2a7c5812802347ac58df94be972fbda8db173732f23cf44c18c3249a5ebe29616b2d3df472e7a48f5e37daf74cf520886a4c63849219ec07f06d633f18fc954e59b7bf524974485809aafa40f09cab2b88ab3d0d9923b829a15be81ea4878f4e6645b35ba960f82181f17c836aa0ea84c9408922e07ad02c66cb87384ab3a9d645046c6d78bb423d28023319cb018a3cb82a52a1aaa6821ee529c938669e103ed99975b5f9efe29b7202029ece3d89d0d03eb21f20c84214a61153e401db5a102b476906c5948f4b12e4d63389e1600cd4ade5eaa77408e212c23a008bf324a3a84ed867c6072b778ef57e18dae0afdcdfe140c4c45075f87ff8eb700c62598cf7625dab547945c435ba4e35d8d4b08fe4a937ee3156d2ddece2a520bd251e4ba164103c9d75896693df235fa4f41429a0c4167978d5c25927f32016245cf610e4c7b05f5e2051cc9c444f06a5c92a92a062ed1ebcf39feef5a3c567961a19505de9abca0ccac153505e8d97b374519a04350b23c346bef31f0cc5b438c759420166bc9a49eb4920c791bdf08982cf5f7cb0122ed16b8b67732e58b31ae8749f9af3dba95db37a840c8d0b570afe77a8f239097a273e6b7ab42e0a6914cc3ca0009591aa2015d3ae16ea3e17b97f1a49013d90c4644465b6c417533bd0e67c670a1aaa9d1e66da2a75e4b4130b26c45f5c2b4836da9b9d1216f543e744e1b011bc86ed7253d80466f0168176953c61f3f4f7b8c948103508d8e638b853065432aa3c7fbdc8a37f4c62fb6c42b3c270818d66bf523e8f81805cf6d31a75c00e14d77a949673b25515e19209ac6e8a8369f94d2a5f3aaa3c6e9967a1695bd234540ef8746d4104a0f8cd89625c9654c2f567951b9d060016da1774f9ec56dcd5bcc7412a7d0a68d61c2afa0312aa594fc48e64ea4fb436f33a8e2bd1d6ec1ed029173c035ca319c494126e6e4850c514fd4ad80174cc15dd1bdff5abafdf994dddeea695b2da1f60ec6c30b17409fe5006e08ab77124f14239799e2289cb6255604e6dab0880a6818eb9f8301f3c5b2235915dbb5543a085c0543f1c1bb21c649df9d1e04125bc370f1518931125cdb1804f6fa50e3b96ecaa7744fa8251ef4d8d3a5dfe7d5ed75c47ecaf1ac19ab41229df90262632d085920e9cfcf835d86619d065cd855a69061075da0fadfb249deef5183f58e6e9abd50dcc03160ec7167bcc56f87ed97f6e7128e89d793e0c6119fd45e7a6c414e18cda72aa1f82b4a0635a78d2b8139067a9ba3ad39de06a067681debba253cdc1fd0f4b10286ea06a348b3ec4497006028f7fdd3276a016b0718b045ac04f4208ba37d7d50562691572e7f6a20d3f8e692d796d8c5e2330335112f9c958f9981380f931e4ea3b6340526d9d25015d6e120acb378eac0b9bc2d211619c7c740b0ef5bd11ac4a08b1fbbd296d061908bd25914d5f97271a29c556d7024b08809137ec3d1f82a8de616db215e119c6240e440395b65bb4026b394ecacb2162c1c48d215e40ebeba8171b1c43892d448d0cfbfb76c2b0071ef938c244189ca721f77b1d05b8c2538eab365974e38b9231eb4f9beb8e42995270ba0a738420418f0f88475861a1f17f933e0c557c03b0494460448847b55de2f2362dca19cb10489410c4a08d55495eef7fddf015742e55a8e2a29018f77fb3f2096381b59efef4ac749cf720478d49d56bbe6a00729cc4ef3bd6449a346b59255f7d070293a90e556980a17359e23bf9ecfb933d77d4c1cfb43e7afd438e438b28ceb758ecd93750a8a1359c0e7bcadcc4d90e14bd3f96399f21632c5afc0f1caf46952be1d22fe5d90586f90e76c06707b3fc6cb52627e17ea31cef938ba62f684e3dcc523eb86748bea2b73f271757cb87bb75d3a109435347198f5f2746cb4dad79ffdf71e512cc4f3b93de632383973193255ac2635906903699cae721402b86c91af2c6291e95c7e0e61194899ffdf56871027e18ec5674f672233ba592bc1d9c7ca33681cfd66ee18440ea36490c0693979e25794fa5869fb03a506dfbdd75f6306e5b17007df06f932e0646c96ed6b97a34787d621d9d8495998699abee690451a636b0a67c1549eeb9b720fa88b9f6dabba63a76ff23bb75103a4d41706ed94fdfcba283cdc48a8b26b22fadc0b40d7ba15cdf3ae0287f6813ae917b4d4fde68d40d829ff3d7f93831bd66258e963c3838216098125373135832a6f4b919adc6c5aebe3b6278d501dacfefe681d5eb62cdafacca7113f631644bc2d929dce958f248ac18381058c5d967d94288761a8018e82f0ba41aaed2baf88ce9d96e33df2ddb549b4544b0b841a9488ff24167e2e017d56e212b7d3c9a13ffc2edc7c089d4c343a60db5b5e15dcb53c1ae00a7c9c130437ccb4d31918c5ee36e0b501f2f3fc01cf56caa3f6103c8fba455525882c3a046679c697eb12c807601d4e15adabbc48706a975fe2586191ad8b744e50802f07a10ea045dfe4c9ca9562753d3c1ea033b4a3aa0b011be6e29cd1f60844d7d357485255ddc820ad9a53910416aac79960954d6d848c7f55c84fd39b850510499fdbd7537712da48be2c5a29698d0e24776ca19b4c6ccf6932b93ef4d56259b867e737add7519901d5b17b5382dd83c0500556ba7af05ac2e2786b337f1a79788814c399b3cb3c1e98388881ea2fc5347cd08102b13bc497b5f939dd6dbe90555bcd23e62334444e7d8b1dd2f0eba20987e1e2cc4e3bd63b16acb4aa93c942bde0796ed26441409a497a06f28ff873aa64310cb07e00ff4afe17a9f9f7679f1a3192286a24409482508272a1e6c4b48ecbedc2e7c508f45b62073f63c535c59d4b0de7aa0e821612cabd6f653c1893f83c0517ecb899de882e6b65dbaea71e66452e0d0d950ea612c6a07421591f3a89535f17595f10b8851a3130fcabc9e25f7f826f15a6de24d8f0773663d09f687b43f7ad2be262be4c4856b7f987053761cbd76edd52ad60743d49b02c99c36f03d094b3705699ccbc0cb1bcbc3b3cf351c3fe17dea0fc2b43ea975d691a0c6b51928752432d46e71280e121ec457da1db4dfe05b833e6ceff06f19ad4a9da097c4911f4b14640e1333ce5a86c991dc69cc63ef3123f54709258b94a833012fddd7f63fa646ec1e7be2e6201789a8176f6ab1e72b79d99b088199bbe9d37ea354453e5e67365a86b291b5fb6992014d621e5ae007acb8eba345780d3ab7c628209c7abd942f8245edb4ed5ad69d1d82ba82ff8b9eb05d15fcccf1f1067ce92a310359be8b103a53b35dd1c0599b975493effdd15bf4471e8cfe5277f56aa47763acfda29cef80f4fb6868beb74c460ce702c52a7f30bd72c88e1bacbe52595a57b267f7169de6e8453011f3fc86161a6b65c32fa81487747570f9dc5d366f2d653e7016b9c5b1051f383be32e26e3a55fb2d69dac966078f954edb0a8b7943922947ef995215034ff1a835f660470392716370bfdc02df52c6e4b8392b3a1cee16a21cf97e128a17531ac3ecc99da99b85f2430dbe2faae08ff6a6f3eb986fc5f3c72c2123f36231668153692c4bc84f911187dc19b7a9e6e8b42922a774c21e6e03c87a4ea6a1b9d0d11c3b7774cf106283268e4d8448bea84545c82d6245829fd93cb927fc051c5dd4790917df6dace4a26e061d0198379bb85fcdfc6e6e04151cb2b4eab848dd4ac7149b448c7fe4c138a78438411e120a73e5e1278d5858fa75444f608cea6f5ae447867a9c440bfa99338d166884815af3853098e79bfafa15738c59a200fc6188409a719d494245e65617127a7ff9526aba121371d6b599f2da95cd2c2453c7fbf6d49190a0b56df0b6bcebff85778d4b68529023b617630616f10665cf9b5f78a17464683d6ea214b9fbaa6a4dcdf1fa782d06c5f8fb2e0d44962b0516bd6161289339694a3b03f1dce4651ab25138681c281306554488a31639225a98ed23ce5c95cbc54b6ee49d06eaa9a31734128a2b9f6b8a729c9fc68d9afd0f7c06ed0a46be62bee93c2dbe5be456c1ac8d35e9930640f204a200ca98d17bc56cc142eb7ef8ee01448ff9b31d3d8069627d24dbaac007a70e89ac7d11ea8c5caff950e0115fc30fa90088f33f2f4531eca72e6a04bf550d4f54418681e480bba3ba6e76f92eea1e20cafac73b22d0cb8ac0e189079734b91384122000251f11ba367fde562ee6744046d1fcaacda19458bd3582c7ebfa37362bdbdd72109b5a83d8889c7b30c3f1ca7c63a60098498dbd26aafd4e74db673e8155a3705646babc3141b02d5a9b411bf42897d80dfc2284abfc4c7ba40c8d0b6382e38b2ef9685aa4097e6e7c7f1698c6a80962e24c01ad5fd1ec0777cfe8a35211019674fd33ba7a5ed676e52d1525f88ee2c44bca97effc0d93fe3256c274dd0349df8fe7c903130e8942bf52093195c388a6a29925bc45857c1e267db02fa293b23d6be42223335e31072244c6b7610cd2fb5f7ec51b484ea6b84ec2188248e9c5ac672b4a5e3a7b97731c8eb2ba2406af9caee618f33f72ce34e58d482245e7bd8c15eb1998c597f6144c13b49dd4bcc9a448762d33c4aa65bf8dbc4edd3acc263c0b5a8bf3a3a18d0932883e3330b50f5a88891fdbeedc0dcd14185ffcc481d7225a4a5a7a1eaefb87b00224b98477abba92c0c6b41eac0bd230dc61f6b5f6f33da53a20765ca7f3110d34bd3269643990772e8eefe7ef71d0fe90253e0bdccefa69481b9d0cd873507be00d574576cafd30ef3af1bc74c7038dbb261043f5c378ff40d145415d2627379b910d78cee02e349a9a1a3b8b1ab155b5a75dca48d9b1c90d2202d003d201d9ebb91f144f9a9cd70efb6645cd79d072bcb76357379a6de86efacbf85285551afdab54aff745ba0338d7d784141eadb41e9364cafeaf81086442ea362af1b712f6c1d81bf904eb0c8f4d86bda142c62be3223e4a41deb42095162684b4bbc5828d654f562dfb55813d3723221da64c5e4fc79274c746f3db443cda4a55c52cb722492ae79bbd09f325c51b5b97a682cc7915a8dba487d0c9b48afd33ecf23ab8b51cb8d8a291c0df398", @typed={0x8, 0x59, @u32=0x1000}, @nested={0x1e8, 0xc, [@generic="743f6f53247fa26e83be31e9eace8f72143fbab6c437c92119ecec72a48ebddd17521c58d418dd8ca23b49704806c4a1f279cf54e23a9e997207c5e6e05c3abcbfdcaba81d4bc1b59d1b29f1b3015d61f9a1ac975b51c346f0d97d2bff23a0bd628704ee6c98c50c7bbed727867f9c6c591cc3bead60d66de0fcd5039284395521a2e10986fb2391834d326746bde2660cf3eb280d4fea8650af2aa934b1d4d3e32f5a06e652b6cfa879b0fae391bda6270db9b61aec980c2db1109eba92453e5e9f4376c5d088abab9ff548f02a517d2e51cbe9ab35", @typed={0x8, 0x14, @ipv4=@local}, @generic="6e84fa7a9ac8fe6f7824774feee9d1b5b2d367f48e8a2574977ab9e2d916ed34bad812376418ecaf4ed2f2378c437a19e6113e13381d6fa509ca30658a389e20abfba084f4ed2ee00b58d214c19730b95a8222544aed60ee0f70068c9fcb13db68cdd3d957ad83755aa5a3ac4ce151", @generic="76a581c8739df09e4820b1306fec50c85ea7c2fb21a23a826a5b5a2fb16f9c59043ffb388634cfafb374827fb602be66765f0bebc83a71b1a7202056e6f4c30f09c41b40303ede23ab4067b0d7fca94f85e5ecf1b11c265f1cad57b359d2dc1a8b0ea8087f822ffbf957ed5dd9b48a31f85bd6734d17e75c4ea58a55", @typed={0x4, 0x4}, @generic='E#', @typed={0xc, 0x8d, @u64=0x200}, @typed={0x8, 0x64, @fd=r1}]}, @nested={0x5c, 0x3f, [@generic="546f22edbfc62d5117ca30025e7e6f8a2f8b1041fd4cae072c75d66b9ccab87c64e40000968478e296d3e6d07e3a70a7a0797fac98e3fb30ce8bc8e6353f19523aa1a89ba15474f142882e00de551a8481fc891f74bfc182"]}]}, 0x12e4}, {&(0x7f0000001540)={0x2588, 0x36, 0x1, 0x70bd2a, 0x25dfdbfd, "", [@generic="1028387181cdc77172e2cc9e74cfa417b5781574f98657a0a115f87ef28e20520de1dddf32919ce15aca79b95c5930922508a16051849304a1482bdcca2f472583bc6ab93b5ec149b3511b23c657aab57a95c446799c733792cfc8b66f221a7ae187faacf8a7ac55e2fc056f470d7f0334ebe785f6304c3787ad46b32da805bfa7e89628c7f05cb7298615df6da1cfa70044fd2c54b65b42d18c4e860580c1a8510c6cb0b70ea7c72e061b35ce805932289e2b367d41c017d2e678a6ccf670a6f0da04e605426bcaf9d438a60ff1a423e8d1e502843e9c4e29cea478af3823", @nested={0x115c, 0x15, [@typed={0x8, 0x70, @pid=r2}, @generic="343582aa8f6fb740f71030e61b25449af415f7bcf366e7f3d2c0692bdb4feac5bccf2c8c8440aaa45544294f61542a7af9c27bf34d33c4ff5ac22e20c90d1286dc93ed564cf878b2d639114da24cf2ac63444d7f05b1b280ddec1b29d7b8c688ae8aa15896075e2afc157a493703ea969dba91f1e1d4c29b01dde0a0bbb6b619fe3c36ae26302a439b9bbf829f7fd11d739ef8cf5308226cfe9bf0faa30be8c6d28e95629c9cc8feeda1d6e1dee8549ea7009c9deddc0f4ddc62325385f5803c1b00f64d8bf761b3a0a0705aa77883", @typed={0xc, 0x2a, @u64=0x1}, @generic="3b1030c8297bd3602b7bec18e2a7ac2390908222149a9cf7ea", @generic="550f79a08583a0e8bd817149a8c1b3797bd346a39d8b4b991a83aa26f42f228ee417b79a5fb541958f76688c49e324a14b3211118f0317f770d52825941f9598cd575040aa", @generic="bf0413c1f386821be3efb584092a99e01992dd276550449caa3bf1b84c1a753f2c5b95e4c1dab94f6ee9f0492aa8544dfe71fdadbdd640710f01a0d8a4ff8f1cad1f1234e2a378e110723d9c118192b7998fdeb85533e4fced4316a4211a4950692717788cdfd6b8d64ebcedbe39e1f655ec0c51175ec2331b7354167a23675e6fbfb767bd9648895bd9ffdbd87c428a4803cd8e2b4c9a2697a1a6dfff311ee7929f0916926d005d398b988e42c1250f35ca4a7b606f79196d9903eef41ddf0828945b4549f6ef86fd63b741cf8c9ed6b73ddaa37146eceaf6bc935d768303f16510f45016cf3409942683819334eee8a4811b8c741bc8272589ce603b5da88fa6a9f87ca9c2a974100f5f645663766faa0b61266d3f8b7ff5eac287533d601c8aa90295685d617583c560355241306cfb20c17dd8949b237a4a39da0fe77781d982b1a852131b69c17156cb529dc20a0ffb53d7333c66a702d9805023ed147f0ee587566a2c6df54a90900851845f96d06ed8c9f969ccf2e1ae0682756dc3834febf36a7c13743d7d53763fad18def84f51937902be742929168fb5f4d7b978386e34f7d2c7e85aa9372177fc73d016b7e6a72b839108f058dd968054154fbb71d16713794d1150fa4b81588d9c1d7ba515706a93265922d98359377eea8c952343343b5712e75d449e351734abe8f9f4bdfc78ba4b41cf456b3fbe91c3fc176378e146086134aaced1ad5ff0be80bc2a43a1e3ff7f07ff848aafe4e8f74c34f11c5509e721b807523b8e5f129ed77ba034d0f7c58aeb458d3b5fc0eb94d6bfe364ac0b60fd35e6558c5cc8de26dfe85701a845c7e7abe8c112b200105118810f23bc465db5574a96b75e897bbccd2d12ec0deda7afc917303b49dd23c6c48bf166539aa4b3b93adbd1f8312acabac1f44c99b141bc84843e1d2b1b3e3c348c186285751d7ba0859b67b3a036878e52081726892bb6c4d59dbfdb429246c4393ece5f330b5949df3f14ca55ba360ba5a77e237e723c812dc34e61fc7cf4fa8d3a5d7d2e01dbafb4fbd85e32b4c175d498f1d26087f2397effeb7e344853937a98fdd38fe6bba87a5adef9827fb7d231e2adf341b6817aa143d2c0a17cd0c6a8508588eadaef0505633ccb7f7087cd0371cbc0c750d30cafc3e69904e215903d8c9485e6c6f994806b10bdf3f4d97c7b40fef0202628245a7024ed972686b68592507e5107705cbcf82076096387c1c28d70492a85e9344d34593eb1c7dbd958d71581754b08244ddc91719b1f5332c0acb2e32b2e3fd6348514ac0718a24c9444a5f4ebc45d2545f694e97db9004744876b39b8b28422a25f1bb7d68d4b079d38906e90b598ac0f662dc82dc6f1dc95a81797589dd74b2a8e459740c37db95b909be99f91e779fe803a8e0e145aec4adeced780ed7505d9cb8b8e52096e39ae43cde8a428704ce2b620627ba8186a4a6140295621efab0158f15f4e97cf72440349c16d8ec7d174ecc52a4d3d9a4b6cbec1f01c103311de88bc744a69fd1cf146a60717da3831504ef9fdceb0cb0e84fa890d3f3207c8d9ecabce4eb6f1f0e0f42144f8825ad2f32c1d83dd55a642e1c933337ed10f70e046a8055f00afbbb2dee37a304c3ef08789c2b850509e577a8ca70c4600374eb1883c515c30f513162458bd432864262cc1e1dc8a2df78ba396edebbbd26f46e758a895f9cfd182566744b2966e0aceb959bda532935b791989467e153f7eafdd4baf0bebf38b7dcdfbfbb23c0c571227fc8676c20b7d3fada72a4c2b5c166bb81cab55cc4b49e705ad6343f5fb8dfba0407e2cc5da98c042c56956145aed45e9a29262f5c16d52a818c07435b06aceeb1523461984a3741ac327c733a90ff594c34ec1a641382786c93beff1f7c0e70db7e6ef280bdfd2b5e218078f0914b7303bcc2e46214346a782ce18f3fadb8223b8e52d4d068923d38de863fb7afcfc16c5edbf00ae1c4f9366521d0d6ed614d31c112775e6ceb32c7d9eaacb0458eeb46e23c79b66e0dce30f118ed34094b7bac1452f4536ad7154141579e46b4dbf9650ae780310e47d1df3153ff22c2e2b3e07ceb2f880909410c7b06f387fa3570312976f6d0e6db3502e0bbcc91e64cc8c6ebc4b2a3e264b2980de26e17be38c973ba88d8f64581284539b151188825c614d05290fcd928d6f71e61cf67a1e2f5abcf855ba10e135f9d233fa0cac07fcac176abf29e69d02fabfb019110cfc955d30ac640a963efe05b6acc6591a220d75ce515dd6012e820654a1bbdd67fc99b3994639f996458d1582cbbd30ff55f66d509e47d65f8b8da7e7ac2439e2a6dcdb141734c51d79ce261c4f55f1c24b70e9dcef3bfc9bf9880d54576e2e4180b59c90905c917302bffad384b6850335a93cad6cf177667565d66c1d51c0db086ea3658f94e537278d6675590dfb3f3e40ebb4d48cceaa53c54651279410029c0f72e60c2db2a83b4273f342e1bb76702be1c6cae8bf0c65e740f83b51bc006c1554c8bf197b20523d6f823d214f45a1104d781833bb87f0fba9713e57e880cf69b40ae2fff8e050e9f5b4237d8a0049d78818622ae91589fbbf3f50483a8b5ce4475c2255b3b4646afdf572ec25691f2391e3a76e7087d5eba62f03d7237086da2a20241ea91fe834306a9896b66a629dda32c50b13915787527ed9df181d453f99ffb2940843b233a6675be1d5a4b191f2ff5b30b9689194914de483fe01b7e033389d967d34c3805248444866ee288d6c837fb9677045b8a113db14bf99bb65e508dcb312baac1ce8a485104b9c5d2c278993dd9a6f5afa1b4ed95487f83b5406d973d53aeaf9e62c996e3402e717702c840e8214805c68c0129e0ee514642599048d664ea0e848f752860e9151b727d799f8054f2991a65184fc228d9d043861fbf01b44a0040eefbeb0318317ac0d7183bcda7f887561b1a5235bfd2e584cea2087cf3857c9da29cafb19679e57e85304a74c94d9ff8deadc1c536809f5b65e3a7036d3c89a593f41441460a5cce8272f4933eb3bad58a516868e10d499bc5ad387801cf4c750598579e58c1f1af15703bedc7ba546acf356806deed1390ec29f6365c7f767964a3e143d9d210f2daf85957497acb7c9d5f30321af6288dc27b3bc7850acfd5b3a6cd00b13159028b68350b2129e48530494c9bff3f27839413ebe58fa143d80166aa3cb17d3682530f6146f703472063b83079d76829cb400bde09ff51740563c45c823121abda0d206f605ccc305beb514a347e99ac05b8d672dde3c76b6f81cab92f761cbddf0ec3588bfc597664b5f1653c13320261ff47eb16f83bbcbe854f486dfd26d593912b50847db9e3e0ad2651cb819d4b4abb1131e236ce6166f1028fe6c980919422e766d2cbdc4c343cb7d982c952f0e81f20a2e42143c25a20cc993118f59ac22d5bdfd7196a6ef8690aaceb370e804614d79587190df1044a26543a6d70df4cbf2690ed3ed9ce30dc64e1537ad24fc394dd3a33e9380e0e7346d8aba8c1200630eedbfcf0aa7334fda144ce82958542928691858f6c4d2eeba60759e63a5836a389c6f77c18ca8cecefaeda2cccfb39c5dce8c91a433b5c54f80cc6d8c9f100937807647103bcfe169175987bdcd80a2a9aeb908c079e0ed623a25efe347c6e7e42044c84d9670d146f5ff1af09d20e4c9600ac2a9bf7e93e4ce4b56a84b9053a30200c5f0df248bfaf3026cf33692f33ea01b56e7c3e7365c5873ad09d1fb8b45a9186d4cfe8c68f40c4b8b0a9d427a3e1f92b2ccc2d2b3027cae1c43423d7f04afe5aecb899dd6483025903fe7a696425c8c36c85f8019518cc43552c8d15766f5c6ec4b906dfb20bfb9abafccc35306639fe19b88f6224f0a6376dc7a0c246997078e7a40d886febafc9a8e25cf5b36956ddbc4d1f88dd553f9d807434aab2ce74593fe3c71c5453bce63709db445099b02366f2923f30ce3388bc4dcfc6222f242243d5cfd8ab852a17cd0147b38bcf3f9c7f40d960a4e3a226d9c4df63626f961cba608cce4822cfa19e15b800825a2783fdc8a17873beac016ee59c250daded07bf71cc6ba16ec6bc1d844ff911083a2f6dc303660d0c2171486b1d765f934a5e81aed829c4aff9f5d48ca2c88f2738755e402f6a9138704ac56e88d2fb0c7de5849320e32c9563de23d6a6131feb51e686a9671f2cacf10f7fe9921b94b4aa468d50769527e6d44de090673826a841833d362007d241e2c51b5c90ff2ca748f5da65fccc29fe837f8a5ebfbff2e98da1bcba0e3e55091cc8bf43b48a41834070381b4588838a3066ac00ca597258559d6720f80132b88e1a5716568a6af176ff0d35236e941221ae5afc0154a36c531d6a41e4431f8420c2d8ed17889257bc3036e275d701e9a224cc5f1761e9f3e52589078f78745f7ca5dbe65c6b8a4941a3acb8558e682298c8de6a1f61f1f666f75aeace1153ae359f760e94d371287cbb231ac11a0782a49d4e206548114b23d6561fadbe4d770ee83a40fb111a8373bd5ec55d43d9e13a1f44976cc568fbb8a8817c8c5f30115ace52dcebe0434fe7b0e488f226ce5cc3b042e918c5f5967a18b2bbc3dc6abf21a4eaf0492b92c83f2653260caf48a6fa936eff7434e125d265c207913cf3e4e047b3be26b00ae1346a5a468762b1675220c729bd18a00a56bcf6302cda914fcd8583291630b8dec72a467df0aa1d3e433917134b86e094ff90b78c97586f4a498f760bce47ee13d54ac177da442ecf5dd9b535d2cae1e925687d566b532c318732a8f109da306e4d25195013e3cc3135b3afa72aad054a7cb8963ee7865c9bab45169e2041812628aadd1ac379a68dc5f2a0cdb21092b0b4ebfc0c8b660da9b97e621d83c7a7b767ee46e2edf5d10d189d0de2417d7b42176185f03dd0f275e2a904d0cc7a634603681a4de83dcdf6cd6852a2d5fce88d6f5583e7ff0f32efce1c1b506f78594ff4fbc79ad5988c54b4f6318dc8d842cb4d8d7682909de7b8e1cff1e7c26f415f1b5708f2fabdc257b3042e69c1469b6cc7cb13c165a41fa266d21a593541dd5a40d40d6cd554c1659dbe15fa614ce8fa6204507675d2ebfff36e85a812783e399aca06b448b156e2b9d3ee25bbb1316bb581f4cfa63f5d4b880d2d69b0145e32696d83b2defedd5ca82343634a8c3285fbb446016156ac4a5b9cca063195ae8c4979edc9ad7ba88e3a063117e2c3add44382fcc15dd2fdc7409edfb85644785ee0fbde71e38d5fbfde75dd898f7dcb9cdce0e5d65b62555db2f4735a5ddbc6cce5c419eb8e95f38b4eb1031432be60da4d5e52e86f3bdc03964376e7765725653892704501f681d78d1c3c80a870b37d165b0b7549231f8b4cef472c9ee35bb6889c42c3c66a7f11d836576ead3b6af9f7acd385422acf2d1605e10a4a1486831dbc4405e82400e352a9bb231f3ad84763038fd1493003f31a78be6f1604152810b52a5d25ce79e693525e09ecf3ae009f5cd197e13ca6373a7d8204d5b69265d61fd88c325796af6c4f36da82502ea4ef5f9db09d604eaad23b5c69a3f35af9a0422246ab7e84ff8362b0158d222a9e2cf10685220cc5f20db0020f6fd0e7732f14fad7057c924ba105d4b283483d9dc76e4249c50fced6e27766d753bfdc18b1e630f9ca17939b0162abae07632633758bf2f171db219ed0555f2365c3e499852a69165205b991f6471139081907da5124aefbbb1fa03b45ff39c05840282b5b5d3df97b2a3038184ac1989a0a2573281e8c80a4c8d06", @typed={0x14, 0x94, @ipv6=@ipv4={[], [], @remote}}, @generic="19c9"]}, @nested={0x294, 0x24, [@generic="3052b13df0f7e0a2a9b687acd332aae6569c594b8e94c06773768cf52b58747bafb0d876ba6854a20692e52b967984fcc45b394594b58d7535b71136a30f9d13e2051fa0", @generic="87c2c5fba7f78fccc73056ed5dc58f825cda69cfdbcfe00b8a819976e886e191ac28dcb5bb56823b55f4678ff7fd5ebe5bdb0914c9cf513d4911662b82a58ce7f84d6d17a970b5b211148a26c76fa25eab1538645d7cd07f792506661ef27db68ed33a5ef6fbd5355a07", @typed={0x24, 0x9, @binary="bc6e94fcd0a30d60f677d7077f8c62f9682790acf7eb11378b93e13ed050"}, @generic="95bc077f32c9ba52f6450d71b3731fa1b2698542f22cdf149e249eadebcb4fa49f79f13b7e00c503f1e2ca7da9848e6a64996f290eb3bfea29", @typed={0x88, 0x0, @binary="068a55a832f47eef85b0e157a2f6f920df3f76bd4185a564b2d91f714d0aa6f2c632177d1f43116750fc96231455cb74ca9b7b6f4a72d7308ce05b30951e05507574bc1bbb50e72285dee66937df1dacc12f7c63bcbeb1239bb969becb029fd67f0bb74430712accd9016f8ad1224798fa8f1e4f57669f6a90bce81875d4ea2568f9ea"}, @typed={0x8, 0x28, @ipv4=@multicast1}, @typed={0x4, 0x4e}, @typed={0x8, 0x76, @fd=r3}, @typed={0xe8, 0x91, @binary="f6708796b9247e1b1f627facc791a2caefb4d4afda0ff5b8965d839ac829a944c973a336bf64837247471e1571dc6d36ff925cb4c5fa13119fef13558582606f90f3734a1b5e9d2489024fc56f2c37a40fe56381b11d8a1592c69c902bf800647567b88ffd6f5dbea4ca921cd07ed327a6c4106e0a218b1760317e36a5419d7ccd2aac804e4760044dab167452021c1da58117e27cb47c24b2c5b8e8ea4811e6a95b9d358ebedff248724ec8c1618f533835206015a2035fb82c4bb4c3c87bd381c8e0bc068f2ba93ab120bc551af64ff56b31c012d5753b636d814362b926b8de6d29"}]}, @generic="f5dc40e6c9a7eb16b239c3016132ef0bcb2e2530164c17e5f7b7beb21b86f53fba5e43c8f9a6f642a52198a8829b21dfebedbe7d0d94e52bee1f9a6e2ef9b5412ee7354ceb57d52720a41afeceab0865fb3ec35f1b3e86ab60effe1e4ecb49c1cbb61fffe68b2d8c01ecd2895b9bdbc7568836c08de3a6aefc8868221ef93db89cbdde4d1893d63869b4d795096af982b150ea84df30416e2cbff2f669afe8fc5d0917253470196f", @generic="5c95101abd716fb70d963f29415c2ea28f80906a10c295a7b94f0e911c3d8fd62e0c7f8c31b5d91227b1c58503e634b7eb0e40d263acaa527e5e6332e20c8c3bd1c476e01be4f61d054c9b2b9f8cce7f824b8cf1a8f37b8cd9e23e5f1e0a0eda644b10e0bb8813880215460aa8d5635d5fbbcaf1ba0d6a04a53ccd914857228497b38a11c66201f63d5818f54da8448b29646ab396b3d6132777f8dfcd2a4fbe8f585f060ba08304b35c4c4eb868e6b05886497f392b6df8346cec6c6e17d4c173ad62040278abb778881187df6ff75d592015bf59e375eab56d55744978ec3d3dd1f9083271321a62e7e1bc7f7c32287bcbc8cf7df4f998099a500dafa42c514eaa2eaafb0efdf92b7bb9f279df4f3a74a6b06eb7e2fa7207d2066c61e56b14051031adf426555c43497b079280b3f78fbe0aefeaef59a3a4448143592a8df9c75919625d7a0ddbd1b504a5cf5fd9b7e75212bd411f31a234799f9e48bd31509665c8416dcca64045c1cc877005b3697899dacec0add085d7cad7a899fb0d997ebfd06df51ac6975059ff960c1bd8ea6454ba193c6f9cb317f9ae32ec9d9eb0bde9774029d21744956ad9b2068509bde806db08fce8e169ce5b476201f22be8128b75554b68519d0f8184d16325d586dcfaa2a2be60bc74b01e7e532c0108a0dff442f4aa47a1f3f84a52816269135a6b36873a361aa67f05babc08dc249631f627d42dcbbbb858b34720fb6d9ea24aa01af4f075b12dfddfb7a946f466b1d8960f8178c53f18baffea79b568ea4e8e32fe4dea49b105a275d71fb37046584800f9b88ca03adadd83d585ef70181c8362774116c06791331042cf74641660354cf86cd02eb1d63e3974a3e0fa775fc0d026cfd90303745f905353e8c400dce276f7250b8499bff8379c50da8fceb3f8a8be9233199f6d45f6b48ce1a39957a9afdb34d5fe328da2ffb2254dbeba1c21fc49da1f33a45ef126d3caf8bc14606d08f8e696900f70e47f1565f03864508ba3dc7c3063b56cf6d9dc12cc2986aa6d3a670b6905c057faccc914ccfc718d31054aa8d9a8815ac96af02a20abb228a3b3cb3c93dbba1f5adb52097571c3d5efb740a60d5938b4ecc5a0b48e13415f16f7031ef6692169a686f03e89b6ecc30bf9abcfda5b3b2ace27555ec32d55278b602b07805b7ccc688956939f30a36ed414c8c9358199d3e377d4e334949c696b2e91213d24bd60bdaeca344953b350d5dcfc6723b22823de113fe005c6668b65d002d4c400585fb8a80b5ae56978f76ba180e60ffbdd3d643db8e0a9051cc87b52c221f0ad277b3ffbfb595c417c503efcc29875f42fd5c21b9e506e0bef0ab286c48b48ecd9e5a3b3f25a3afd707ed807e2c7a643609548af56bdffec46fece4b7349714b294dbd50d8731fe801700fc2f48048d9a2736ef37afb00699b224a1b7c8ad1abc0c5ef3444a230a5b46f10a98fd3397bbd23eeb523b50a689dabe77a2d95f175aad6c36d497217b4e8c83c109aa5dd5725951ac505446b8bbe8ca3ff3b9f7a21fd2e22187ad6c12c41b093c2e8663d9b02fbd223465f70c3c6d565fbe8f694f139f2872b97d050d336e60a86228196ee52bb4074581028af058ce6e55d752c63cbe322c88af449ef14f4be641eed1e7505fbd48fc8bfcb2cc2c1f865590d874ad5bbc039c2a850c222a02bf394d8e1573f5a8b81ca6fbd72a1b29d376892c727cb6e0e36bf7f4be56bafdbd9559e8e4b603875f706db1f3ad953f5d02ced4b3f0359cce4ff314ccd9f3fa68ddda66311b86e4471dcba16b83fab20eaf6ca7e7b6744732019c8babb86bc1e94f69cbd7609b1ebc3fe3c5f45062277098f256348eca1a3031a13ed6fb8284ec3f75df8a7e2a1b0a080169b9d5e5602a31c04aa9eae1f62e3d9d141dd18f092eda81448fb7cc69912429a817454e4635efe7b42f7ba5cd6242cbcd03399b68ca5a2f64fcda526b727df26e392334cde0da419ebb858f84231b2e1c61472108591b438d0678d990a78274d229e16a055e96b9f499a426e852a2367ef6e9a96d6c12e8f8e211db832951cf73dec2c8ecebc14d1fd9fb7fc0956b614c370c2768e9a9e8c45f04aa97f4d16c445b171d180deae199ee7aa18e18152ec45983244f475b73ce8297d679685c4a93668951b9168afcd548b8cf86a3fca38fb93097ea8e2836cbfae50295f127187d4aac63942e31f3e88975bad64dd1e383ad0c4de295ad03569c4de3450fac01a00336d8773c20d69a821f59ff189139ffe9d0e6e18f72464dd4d111d13dcdfda3bdcff630b0f777ac008c06cfadeb5734036e3658ef23238f7001ba911fad937246ede8030b93a936cfaa468940099f7dacc5a6f5d78b38271114d72bd47761e6c85a11510c1312e5ace95afb1844ee97a644ea9623d50a93a4c961491cb8a932bb543ff92bfb8c280c713a4e4ca656dcb74d33614f13eabc0505bf8706166dec3c8fca95bec0fcaef10d36d720a425fb35aa62f359ecbcc8fa4e27ea7a9401d1807592ba94e823e87bee43da1592e156b5908c00e2541902493e5187935af88ab9d45a7b510754a938b1d5e5f1e91bc6d405aa1129882ae89e8d0d1a46ab93d731323b9ae56481b756d1eab19502c0ce7a07214155168717a61903911ce432a583e492e580fc1a3e04491853e2da59a96c2991ef802ab35f0c9b9ab2ff81a15b946585b6e1d189681e4a1bfac2c0ec7a6dd962d442817333b4e9b54081417359439225d13797c5e202031af569719b7fb85763303b8d6792ad6942fc2f41fd05dce49b10861b993a1f5a86d38be885bc7c46cd0a534b5079026eecaccc3f04900fec0b143b90b296318489d2923432df336d9823a1024df317daadee59a5864fdcafbfb19a13d1567d11267a9ca102f8cb39e2fecd8dd115fa57616d3be516b0297e7d77d23f73f30dc90ef6e2f4972f96e13d341539cba3bdd359dac76e2d76dde11da80c0b220963401b152f657fed6a658182f65923045f2d4b531ddf963757dbb047cc41ebdfc0759fb78dc063fbe62bcf111db7b8151316ef098afb579445cfbdb02184033cc4c771e894e3155e57d2481b63e53825b5f18f2b96c460efa13640aef5291c05530ee8cdd1cb416d3a3a73b5437de5aab323d448c35725593fae982427a339682ea438f0d78685f064134d7a43b9ab094bc9eba6712f5acc9a6449d8ae0c82102348e82cb66bbcb155b6e1e29f73b7d3ab18b06e49f41b0b3954ce9446c3e7fadc72d5c633383d2c94b745e38694a7761fde5a433345e3be5cfb230eea49b5ed972495be1382b1cdfd5cdfbc9bbceb78f8bd50151d50e0d3bf6176fc0501e8ccb0e4aa7a7efd59631130d46784b8d41c578b2a85a93136f062fd10266b1a41aee2930760f5ff364bc7d3eca2abe554350e21fd2302765b2dc0309720286260f0c6f90ce0f2a6b22ba9efe0d7484c6ca1c9c1e1b89428ba5690837d3d7fe5ac9ef790b3242e5792eae6d27795b58c30c21e669005a21470d541cd2004a16dbbe9f3cb77b7232cf08172c19e184eeb024603c967388288d22a55f9da2f5bcd11b95357c4be675d99b8960d389c5a11303709e889796e29b500538b88197a6555b9d6b60e19efe563d3629c84fa21ae5685642f7ef508204e1a112fd7cc0f1fdeb6d0a6a1e63bc8f250051a05865a4ac2b84c73d161ed2812c1aa08611b4d4e532d0d829ff24940202431478527fe4304f0975ec3041ff54d3602d0e26e8b661f413d8e05c736bc29f22a45fbeda44c304bf6540033460cbf5fca355bbed21fd8520e0d18e027a9a5e20f0d74bc69e4161ed410c3c44f201d901cb787ece26a55dfe1d4e7012e041614bc12166396a2f9fbcc42f3c0f3c48eeac6a72a43e7a15c0147ae1e2dc61610570110ee3dcc6982def0d2d4f2b27ac146412081bf9c5217c70d75a20c1ba7d72a0cae053e1493f2d7bae2835b72d84d4afee6ac3db576169335f2b66b44bf86ff3ad730db97601008ddbb0ed161053ea371fab0bcad5b0675399d10467b9e10b22d5e9a1b85aa291a80bc4d230586859cb44ee2a382dc6af5f1349087cd99e978789beb008ef5120e35bdf0d9e6645b59790fdbcbebe64de1736d24f63c5d21d1fd48b4790322ec2f1f87c1490d2a7a86fd5d54e6276a29c7609c0213c607cabcaca9e1e77bcd98d11f6e122631087d554375f979ce42a0d7038e9b42c1a8833ed0f12f1ca5b676ad5b1c6a804265047911dc48718dd841dc9ed3a3e9b03a1056cea359c6393be66a2344d120a41133e097984106a03d6a49c7fdc3c79964a66b2621f7da0c08f3d198ef2e3624c5fe67bd79eb8513c122ea786e06b1b315c3242d768c51b9f63834f9d5f8587fb584d8bc6aebe239535a03d4457221fe6186a17510030f97af910a3ea0c5a2cf5db876ac078de5e8a7537c72456ab480af4f2b99fcdb4cc4c30374de8aadfeb1829a3cf3f0b56565e4aef8c443c7d0bf5a37bdf5fe09fd7a427ba210e2622d268a6732f1c514b398e1d9bcd5c17dfd020f7a7f9102d3af30fa12763b41fdff3be8c974b50db52f25defa9653af506b76612caeacd89df7ccc3434835d682bb480ede960fb35faa82b4f7b42b60d3914c7c572ebf1db9fcbdbe1448309f16e9e67f89da8c2a623be6119de4774c2508ca5a0342ee1c54aaeac65c3e6a9bc202f7b6f4b312be0eea3451d8e5b67ff05c4a3aeaba89c3ed72381dccff3d6c2f0a76420089db47ca640305f78fd31803ce7e901c85e99aa8a84bbc225ae6a94824accfa7d7c206cfaf51bf769e8fe0acd14aa677c524b135a279db7f0e5f05a0ed9ccdea4e12362a90b2eb56496784e5e2be3871d51434cc5cd575fd8ca3d32538e5fe0db9b8a6baa74880c7a53f2138edcb473c84818be0aa5dc20c6a7912e47383979c3ece83a6667b9be013aacbc9cb9915513200a00e442447dd3054548936dfd1ba95be78a489de0ab4b6a55acccf0869d0dbeeb43c62cd6ee4173bfcb9e0bbb6f3548c13f3e156e77584d442a2dcf1b12c36746e01edf97ee2ad528962660137af46b8e79612ed9b9d5fccf5de83bb8ae5c5b441dab490bb0f33f2110042b14eb40c86c2456b5a89ea5bc2d145ef349698cf3d250df3afe9702ac4b438b7efb270b42e2aa148d5a605ea58aa70e189432ade09c9d0cbb855910f8dbe26d1a7390e253f00365963acc5e76c55b764035ff207b49e97e486fb20402f6fed65a833113e3ff01705a02f89c1d215f5239a7c9f82c9cba64256d98af65604c4083b83cdd89c1f71c941b13e7eafe3c76522d2c3263b99c07b297f10ceae58ca7b4e33525532b6157438d330a1741c354891178fa093b8761ecc49bcc5990787f3496facd2a10367c554a72bb9d8b9f9bbe0362694575fb334db795da0c6d231eeb5bb35e144399d37bcf415464ca2f4e8c73de65c2f56ef62e620e3c3265fa126929a10e58903ec5d69986f3aa4d5a24cbf187d631a30cef3197ec22afad9cb3c5ece7124f9af50f4053ddde766e9bcf301e2f56ed082d59c0f21e460761abd68a88e064d9c18a4152d913b478f8e0a610c91f397f91c826e67309bf3439b503da603e9cd5f7f029aea7e7b0368333e6bf5c4c8fad8d89852c1c27a707b1a3aa1e342545189996b0801cd780ae6f2e60eaea348e289d1b1fba4b0bf9d8440d164230d10d56c663a83667fc87843944b78b3c008768a0f02eafa265fe47499451b369ed148575e6fce9f83fefbf6c1e5433a85f43e5e81adc587510194cccd3d7d538c74e5280db63ec"]}, 0x2588}], 0x2, &(0x7f0000003b40), 0x0, 0x4000080}, 0x80) r4 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$RDS_CANCEL_SENT_TO(r4, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:54 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:55 executing program 2: 10:22:55 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) [ 433.290185] *** Guest State *** [ 433.293520] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 433.341831] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 433.379117] CR3 = 0x0000000000000000 [ 433.383287] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 433.419238] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 433.434579] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 433.441802] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 433.450866] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.459975] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.468123] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 433.476563] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.485040] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.493525] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 433.501946] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 433.510374] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 433.518517] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 433.527031] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 433.534927] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 433.542799] Interruptibility = 00000000 ActivityState = 00000000 [ 433.549513] *** Host State *** [ 433.552886] RIP = 0xffffffff81223c27 RSP = 0xffff88817e3ef350 [ 433.559323] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 433.565904] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 433.574227] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 433.580521] CR0=0000000080050033 CR3=00000001afcbb000 CR4=00000000001426e0 [ 433.587703] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 433.594981] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 433.601445] *** Control State *** [ 433.605061] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 433.612166] EntryControls=0000d1ff ExitControls=002fefff [ 433.617780] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 433.628588] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 433.635920] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 433.643014] reason=80000021 qualification=0000000000000000 [ 433.652928] IDTVectoring: info=00000000 errcode=00000000 [ 433.664136] TSC Offset = 0xffffff15df7196e3 10:22:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2ac3, 0x40) ioctl$UI_GET_SYSNAME(r3, 0x8040552c, &(0x7f0000000080)) 10:22:55 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$RTC_AIE_ON(r0, 0x7001) syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:55 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:55 executing program 2: 10:22:55 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) [ 433.668503] EPT pointer = 0x00000001be61301e 10:22:55 executing program 2: [ 433.719698] *** Guest State *** [ 433.735946] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:55 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) [ 433.775456] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 433.799059] CR3 = 0x0000000000000000 [ 433.803080] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 433.831031] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 433.848244] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 433.859148] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 433.880803] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.923835] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.934798] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 433.943001] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.951299] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 433.959838] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 433.967932] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 433.976074] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 433.984241] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 433.992673] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 433.999181] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 434.006636] Interruptibility = 00000000 ActivityState = 00000000 [ 434.012930] *** Host State *** [ 434.016134] RIP = 0xffffffff81223c27 RSP = 0xffff8881b37df350 [ 434.016160] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 434.016174] FSBase=00007f5bb4337700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 434.028611] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 434.028628] CR0=0000000080050033 CR3=00000001afcbb000 CR4=00000000001426e0 [ 434.028651] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 434.056468] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 434.062748] *** Control State *** [ 434.066216] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca 10:22:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff25f8ffaa6530af21132e241333cbece692281889bd77cb567ef0e325d5b2d8fa3d1192cb8d29943ae47579009185e396217585fca7f50dbcc372b247b77d8d7ae19000ea89e4186844d5aae3ef71bfcc757bac50d2aa1a77cf8da326ffa54d9645ed420c849d6b0ef23bb5aa7bffd6893b33fbd4290af1fff5d6622205a7217b8e50d8a5605449c76edbcc82a3c74d3c6d07f486afb3704baa574cacacf3e855af23c4712b345993ef3a13296b9fb424fc7635772f3fd06bbcfebda7d8631e8adcc5cb383e456ddca06726a0de85c9cc600b1f7d7675440cd3ca97c8b15e22df"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:55 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000000)={0x2, 0x9a3, 0x7152}) 10:22:55 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:55 executing program 2: 10:22:55 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:22:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 434.066225] EntryControls=0000d1ff ExitControls=002fefff [ 434.066240] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 434.066250] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 434.066261] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 434.100772] reason=80000021 qualification=0000000000000000 [ 434.107302] IDTVectoring: info=00000000 errcode=00000000 [ 434.113344] TSC Offset = 0xffffff15df7196e3 [ 434.117683] EPT pointer = 0x00000001be61301e 10:22:55 executing program 2: 10:22:56 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) [ 434.191733] validate_nla: 11 callbacks suppressed [ 434.191743] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:56 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x2) 10:22:56 executing program 2: 10:22:56 executing program 4: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r0 = getpid() sched_setparam(r0, &(0x7f0000000000)=0x7) [ 434.362354] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:56 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x100000000000}, &(0x7f0000000040)=0x8) timer_create(0x1, &(0x7f0000000200)={0x0, 0xd, 0x1}, &(0x7f0000000240)=0x0) timer_getoverrun(r2) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0x7fff}, 0x8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6(0xa, 0x1, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x14) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c) setsockopt$inet6_udp_int(r3, 0x11, 0x6f, &(0x7f0000000040)=0x3ff, 0x4) listen(r3, 0x18) r4 = socket$inet6(0xa, 0x5, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x20080, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x80, @dev, 0x200}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}, @in={0x2, 0x4e23, @rand_addr=0xb5e6}], 0x4c) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000180)={r5, 0x0, 0x4, [0x3, 0x1, 0x9, 0x3f]}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}, @in={0x2, 0x4e23, @local}], 0x2c) write$FUSE_LSEEK(r0, &(0x7f00000001c0)={0x18, 0x0, 0x2, {0x7}}, 0x18) 10:22:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:56 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:22:56 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:56 executing program 4: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80080, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0xf, @sliced={0x32, [0x2, 0xaa2, 0x8, 0x5, 0x3, 0x4, 0x6, 0x80, 0x70, 0x20, 0x2, 0x3ff, 0x9, 0xffffffffffffffff, 0x9, 0x7, 0x5, 0x9, 0x6a7d, 0x3, 0x7, 0x0, 0x80000001, 0x6, 0xffffffffffffff80, 0xbef, 0xffffffff, 0x8, 0x26d, 0x5, 0x1, 0xdc5, 0x80000001, 0x1000, 0x9, 0x8, 0xebd, 0x6, 0x0, 0xd, 0x1, 0x6, 0x3f, 0x200, 0x400, 0x8000, 0x800, 0x3], 0x5}}) ioctl$FICLONE(r0, 0x40049409, r0) poll(&(0x7f0000000180)=[{r1}, {r0, 0x80}, {r1, 0x400}], 0x3, 0xfff) 10:22:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x20000) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r3, 0x78b, 0x6, r0}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x400401, 0x0) ioctl$BLKIOOPT(r4, 0x1279, &(0x7f0000000080)) 10:22:56 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x100000000000}, &(0x7f0000000040)=0x8) timer_create(0x1, &(0x7f0000000200)={0x0, 0xd, 0x1}, &(0x7f0000000240)=0x0) timer_getoverrun(r2) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0x7fff}, 0x8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6(0xa, 0x1, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x14) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c) setsockopt$inet6_udp_int(r3, 0x11, 0x6f, &(0x7f0000000040)=0x3ff, 0x4) listen(r3, 0x18) r4 = socket$inet6(0xa, 0x5, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x20080, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x80, @dev, 0x200}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}, @in={0x2, 0x4e23, @rand_addr=0xb5e6}], 0x4c) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000180)={r5, 0x0, 0x4, [0x3, 0x1, 0x9, 0x3f]}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}, @in={0x2, 0x4e23, @local}], 0x2c) write$FUSE_LSEEK(r0, &(0x7f00000001c0)={0x18, 0x0, 0x2, {0x7}}, 0x18) 10:22:56 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 434.940272] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:56 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 435.053841] *** Guest State *** [ 435.062700] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 435.081804] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 435.099632] CR3 = 0x0000000000000000 10:22:56 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) [ 435.106138] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 435.115592] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 435.126907] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 435.137472] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 435.163808] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.185971] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:57 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) [ 435.213549] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.238561] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 435.246774] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.254904] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.269040] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 435.277193] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 435.286631] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 435.295727] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 435.307092] EFER = 0x0000000000000001 PAT = 0x0007040600070406 10:22:57 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 435.341685] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 435.354932] Interruptibility = 00000000 ActivityState = 00000000 [ 435.378080] *** Host State *** [ 435.384371] RIP = 0xffffffff81223c27 RSP = 0xffff8881c6527350 10:22:57 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) [ 435.396754] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 435.433839] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 435.453976] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 435.481997] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 435.493830] CR0=0000000080050033 CR3=00000001d9327000 CR4=00000000001426f0 [ 435.522729] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 435.557313] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 435.588884] *** Control State *** [ 435.592546] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 435.618989] EntryControls=0000d1ff ExitControls=002fefff [ 435.626953] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 435.653744] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 435.673439] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 435.689213] reason=80000021 qualification=0000000000000000 [ 435.698914] IDTVectoring: info=00000000 errcode=00000000 [ 435.708941] TSC Offset = 0xffffff14ec6c897d [ 435.718861] EPT pointer = 0x00000001b879f01e [ 435.789394] *** Guest State *** [ 435.792864] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 435.807947] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 435.817708] CR3 = 0x0000000000000000 [ 435.822435] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 435.828574] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 435.835053] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 435.842167] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 435.850494] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.858629] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.867008] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 435.875404] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.883854] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 435.892235] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 435.900616] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 435.909019] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 435.917121] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 435.925592] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 435.932434] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 435.940264] Interruptibility = 00000000 ActivityState = 00000000 [ 435.946599] *** Host State *** [ 435.950260] RIP = 0xffffffff81223c27 RSP = 0xffff88817e47f350 [ 435.956337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 435.963217] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 435.971389] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 435.977427] CR0=0000000080050033 CR3=00000001d9327000 CR4=00000000001426f0 [ 435.984855] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 435.991992] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 435.998142] *** Control State *** [ 436.002051] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 436.009123] EntryControls=0000d1ff ExitControls=002fefff [ 436.014737] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 436.022092] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 436.029151] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 10:22:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="882d311644df09c1697889d2ca5cf193d2dcfdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x400001, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) recvmmsg(0xffffffffffffffff, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)=""/65, 0x41}], 0x1}}], 0x1, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000ac0)={"55c990aa4964e82a3ec457f4c7d69681319b32c4fe546fdaa52a7f1ee7a27d5f71fb895c4bf21bf0301d2a160f646d230ecc224077896302fd1e64ad393ef24145492c44f164e53100dc89f52d25895dcd4320f649fc784145767a5224088c492511d0a5d7bb0c0176706c238dfeee9caae8811ba9d2ec92a4a340c091647ae36123d290d72c375af37957c01aa945bdb6a7a6870069350c7c2ac6b9c032e80d8150743be19fbaf9447badcc1908d174e06fd466e64e24e3c892ee52a4b31338ad67030baeffa5bfa701c1e7bfbd8fd016d87018d05ab11f9e813877bd9cdf0884cbaabe09190f95550884f8a1e6510f6bbe96f86859597bf89741aea068e55b938ebee9d9bff58478513c4b72edbf79f75431b54743ab05d3980b30b2127cf13bf94beba0828a4bb1848bc1f862fac00698e4bd2f4bde3bb35107056c4147c0ed8d7d588ba03c37b82ea384d1db706a8b46ee351812ad747d1045540a48b542996812548270c5af5d27ff72920bebd8371348c7f55a953e236ac13fe737a81bd9b61e30a5e9c526cf61862f5a0a90963c73febe3b66ab29f17b6da74b7647bcc4e527356d57fa1fe3f3dffab39df7b353eda6b839decb4484939f4fc0c84bda1c964941ccf4db1ca0d2c152fd356ac66441c8b68755d533b416d9f7999678227c7a69db08e997252dd6a38fc458d93fac9f1f14f49b7ca4a0b0c8b538d2f30c34503a0975506ae9004b3e5c3d2469cf4e03d9b79dc1499647b5b680a02bdc56c18782c48120dee663918288f068c49d85355d114cfe0c5d1405cf5e37b181f296fa7dc9af116fbe220121fe139739226eefce468f27f5d21ab51ef0e26134c5341cf13799003ceb38d4050c2ba1c9e6decc2d11a8f14a6adadd45e615106b5dd4c07093ba114ac55b4e80d1a3545ab6e8fbf796b908ecc244340fc06e4d4bd6e069b7f0232198ab067a709bcdd4d41500e5dc7032e5993f965d4603033fe61cc523937d7345df42b4f1b62c4daf64f6c29eb2f214b88680bfe19252b67719ccea37d19fe3bfb0c8ad0bd6f4a1df532ec9220269453df5144ff48f63c2ad655b8f20db01b3af95c11f4e7de2bd0a47d47b08b620589a33327bef9ee310505c1736510e88b74281f098099c753d30fcf32f31a0521e32407d689b093f24d07049682ff4662b5b94616699fd704589c0edb02cf3e622088c685564b0c166f9f3cdb12dd8a70684ac6e24570191dda2db2b1965d2397a45060f834405b81fa79204e029b7cd93333dfbef669f3e480fd071f5b87e9fdf984dfe176353ed12ea15484366548336f540a5f1e8b9e19bdeb8d71dce9ecf03d09515bc4bcf7be382176e7e12395ee0f795f76695d0d90eee181d300deb89d7098403ac76309e63f6ca3eade1ce57dcd9de56e24610ed5c470d5540e9f50d068ee8a1431bb3216ae99b18"}) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000200)={"325fe8544015a994f65f98bf2ba410e8600204f96001b183b89c42da1213d0e61a3a6dacb2472b82acefa6f66614ca126bc8c279c568c69441b12d35d64c01159f37d74f4f5008f9b456d982900129e4d5c3ca235dcfc099ccce3753d7bdb07623dc18085f1e0d68a2029b8ead87fe35bcc6e99feddc970496c858f61c23d408c0b7266c4d669280fbc81c846f9dbb3e678c2b5521079b1bd397efb91a9c2ff5f8f281442df147cd20c31f479351240b05acb06f91ed4a60022c1d8bd05937f300b9370238ec7856517e82044aa3c6654470d6967d5c4496b149b67542978464e088a6f1992a1679eacadc34ec761995e982d29e9fa28a6b3aad0dc6ecd2547ad1d2c87d5c049e023a7e5052c8c79f181a6208551979811d3ddd4a8e1ce4573d83d99be3aa61074eac4bcdb221cb48af07df89359442088cd94487fcbd0c4197390bd1b0c0602eac14d02cb93f5246153a37a8d2342f7e77fff3ae080979db90e3d0b0dd093cd48e996ff7a958adbff4ad03c2add1ff6df35600dc284622830c8915a37ca84632529a46772d6083db241a62892f49190a65f297cf302c273cbad5a1bc64321bff8186621904d4ec47d75ae334228da5556144e82ae1b31708f3f9bdb7a469f1a0c5b7397244183d00766c855b83d423e3ce2b943296fb283abac2bc1cd5a80554ee550be3c4c673cf512ec18aa01d799dba22dbe5fd2cfbd04ff792334b25bdb9afc3e63ac4b4313ccc1fde866dc7045cc32e3c0e85b76099e6feb0a2152a9d959a08f848f5c64cbdec98956f4d6d50e8eb74779ad173e36d426c1b1e5fd75807c78f795cd23bc0ccff870678c72504e5d80cdabe431b4f0b7974228be9e7dec474d798b2daad19623c92e7c910debabf8d2adb490abd2994d92f1aaf75f5fd8219e3fcf6433c1034eed44b8f68e46eda7404c77b4e7961997b5cf2b1d87f5213bfbbcc1a6032560b117ea0c51934f3b5cb50bdb5f1c285626bb473eb94419b0ef863e076d768b14dc5b9e35ca58001f5378e10308e67ec46c12d93f2a9ea66a3df974819a233b667a247ee113ddd4321278545c4fd61f569c843af05b7916546bd7d4122794e5106d5fba702c4386f1dbbdce1720a1eeb253d8556e1bf5a3f5bad42b14059287ec6dd56d4461f716f3447e3be6d8b8c4ab19e743f87097883cad2b650ac87488d7856c43ebabe0261c341749d4049a4903a9dd14f84d5cbc30620565c2c860bbb6826db7c78a56369fb01522226cfbe0457e6162ecb7372e5096cd8f88e6bd505d89bb9b94f44b8fd895c5e6af9b4507ea86ef9a6fc50c9131bee453081baa0c076d3b204c4e608fdca13b26ad423da0ee7eee12e7dcf5608814f3a48670e9f817a0f6e7720bc94ae8f64f84008bdf9ebbed6da5c5f05ebb353907d053d901243116023b7c23cc2f5cb9677677946c96f713d"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) write$9p(r4, &(0x7f0000000600)="6709986bc8cd45febbbfc7046eaf9a344f91b4841cd4a77e373c7417a1269de3965715639b014b0cde7fc14ab6e08f579672866f118c165793ab627601bf5f73f6755eb215439ed55aa02072188f888d47119340353d3827c646431bb1252c5a7bb2c3ad67d976f4ee1da1b11b6dd040321bca0a962f90f1298a3292050053fb0096f81d7148796b2fac0a53be4c3a45a9b9abceae8a893dba2c", 0x9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 436.035846] reason=80000021 qualification=0000000000000000 [ 436.042580] IDTVectoring: info=00000000 errcode=00000000 [ 436.048131] TSC Offset = 0xffffff14ec6c897d [ 436.062948] EPT pointer = 0x00000001b879f01e 10:22:57 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:22:57 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:57 executing program 4: r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000)) [ 436.153768] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:57 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:22:58 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000000)={0x7, 0x1, 0x3, 0x5, 0x1}) 10:22:58 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:58 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) [ 436.347170] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 436.380857] picdev_read: 395 callbacks suppressed [ 436.380863] kvm: pic: non byte read [ 436.391657] kvm: pic: non byte read 10:22:58 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+30000000}, {0x77359400}}, &(0x7f0000000180)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) [ 436.422111] kvm: pic: non byte read [ 436.426944] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 436.431760] kvm: pic: non byte read [ 436.455623] kvm: pic: non byte read [ 436.466806] kvm: pic: non byte read 10:22:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="882d3151248ce057f30673c21d16fd9221"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000080)={0x800, "88caff1afb91bdf79540acb97654ef3c8a9f42030a8dc56f51f1e1c18236c470", 0x1}) [ 436.478568] kvm: pic: non byte read [ 436.496331] kvm: pic: non byte read [ 436.509112] kvm: pic: non byte read [ 436.513078] kvm: pic: non byte read 10:22:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x7d, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x1, 0x7000, 0x1000, &(0x7f0000ffb000/0x1000)=nil}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="0984e2a1ba0663d653217f0062614a91f26b903e819a163154f133c271b7f93cb79356a9b4ae88b91f5c16e9588df72f7b209afc2f6711ae866938b713f2b0d3ba40967dc3bf9c543c1c0ceed79f9f4fc5eba72798f2f8d00e953f7065a48729d157a65821ce1c1b567af0c8b506296e06a8b390e229"], 0x1}}, 0x0) clone(0x80000, &(0x7f0000000280)="62b4936f9cf7555d17a344c5aa91ae7f4dbe2dd9f3bf5a0d738ca445b770a9", &(0x7f00000002c0), &(0x7f0000000380), &(0x7f00000003c0)="714b615d004c44963e79bc8cc3a3a82a39c2e3de1b776bf2a29689") syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x183, 0x3) ioctl$IOC_PR_RELEASE(r3, 0x401070ca, &(0x7f0000000200)={0x80000000, 0x8, 0x1}) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r3, 0xc0a85322, &(0x7f00000004c0)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x101540, 0x0) ioctl$KDSKBSENT(r3, 0x4b49, &(0x7f0000000080)="56fd9d565e13bc4d5ce41af51d7462e3f95ae5203387b558a098b5ad56ad79210587b8cca62bc3a09f55286be9ff65e6c220c21d01205001241fdff4b17413e3c56b7adc2b4deb502a039e7200614c57eeda58b1711ffbd6c7dc1ae339d7724e827cd6e1e74df7794a77db72daf850c0408abc1a8185bfc9c27cab2185636350dead932ebd06ec231b57b523250b435aeea3b823daa63fd1a317153a37186d2de4bb2babab06cbf798d2c13cff5c884c01a5992c6ad2606238a6034cac9b538654dba1e0a45f43a46c331fefdfc7f76b69e5cbe64377f4d78d6dd8c92922e36f89ced933f2581e") 10:22:58 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:22:58 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:22:58 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:58 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:22:58 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x7}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0x6}, &(0x7f00000001c0)=0x8) r2 = getpgid(0xffffffffffffffff) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x440, 0x0) move_pages(r2, 0x3, &(0x7f0000000200)=[&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000240)=[0x100000001, 0x9, 0x0, 0x1, 0x8, 0x6, 0x1ff], &(0x7f0000000280)=[0x0], 0x0) 10:22:58 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 437.054183] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:58 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff05"], 0x1}}, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) shutdown(r1, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x16}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x10002, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 10:22:58 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:22:58 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r3, 0x4040ae75, &(0x7f0000000000)={0x5, 0x8001, 0x5, 0x200}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) 10:22:59 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 437.242207] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:22:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000000)={0x0, 0x0}) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000000c0)={0x0, r1, 0x0, 0x5097, 0x3, 0x2}) write$cgroup_pid(r2, &(0x7f0000000080)=r3, 0x12) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:22:59 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:59 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:22:59 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000, @reserved}) recvfrom$unix(r0, &(0x7f0000000300)=""/251, 0xfb, 0x2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendto$inet(r0, &(0x7f0000000240)="467292ceac8e2b53cc6691f781f126e65230731e7002bd29d08aecf87428f7a9f11427ad65fcd0b99cef47588aac0504f4249aa130e061771774c0d680381a9f2a06ba3c915cfc2c3534f69d2658738c5927e770c041fd713e54015183b2c4cb2445c882ead7e5c37fb6d4478c8a46130bead17f83abf8f6d58d572e62c09500873a3144b7", 0x85, 0x40000, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000000)=""/63) 10:22:59 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:22:59 executing program 4: ioctl$VIDIOC_QUERYBUF(0xffffffffffffff9c, 0xc0585609, &(0x7f0000000180)={0x8, 0xf, 0x4, 0x200004, {0x77359400}, {0x7, 0xb, 0x7, 0x1, 0x299a, 0x2, "8d8b2694"}, 0x5, 0x4, @fd=0xffffffffffffffff, 0x4}) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000080)={r1, 0x0, 0x2, 0xe7af, 0x9}) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) 10:22:59 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:22:59 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000080)=0x3ff, 0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:22:59 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) [ 437.642508] *** Guest State *** 10:22:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x400000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 437.671256] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:22:59 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:22:59 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0x0, 0x2) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{}, {0xa, 0x0, 0x0, @dev, 0x1}}, 0x5c) mmap(&(0x7f0000003000/0xffc000)=nil, 0xffc000, 0x0, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x1}, 0xfffffffffffffc7c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x40, &(0x7f0000001fde), 0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x1, @reserved}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000001c0)=0xc) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f0000000300)=0xe8) r4 = getuid() setresuid(r2, r3, r4) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000140)={0xfffffffffffffff0, "5a65cc76d38af8582bf33453d0821ad49298af1ab2ac63ec060d9fef842bd1ac", 0x1, 0x800, 0x3, 0x7fff, 0x4, 0x2, 0x6d72, 0x5}) [ 437.725395] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 437.770866] CR3 = 0x0000000000000000 [ 437.774903] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 437.789049] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 437.829534] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 437.881131] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 437.921287] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 437.940210] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 437.948382] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 437.957201] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 437.970601] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 437.982126] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 437.993779] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 438.002354] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 438.010937] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 438.019350] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 438.025778] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 438.025791] Interruptibility = 00000000 ActivityState = 00000000 [ 438.025796] *** Host State *** [ 438.025809] RIP = 0xffffffff81223c27 RSP = 0xffff8881b3767350 [ 438.025830] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.055664] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 438.063540] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 438.069475] CR0=0000000080050033 CR3=00000001b0111000 CR4=00000000001426f0 [ 438.076494] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 438.083220] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 438.089479] *** Control State *** [ 438.092919] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 438.099664] EntryControls=0000d1ff ExitControls=002fefff [ 438.105120] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 438.112089] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 438.118887] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 438.125451] reason=80000021 qualification=0000000000000000 [ 438.131808] IDTVectoring: info=00000000 errcode=00000000 [ 438.137258] TSC Offset = 0xffffff138b56bff4 [ 438.141630] EPT pointer = 0x00000001ba2a801e [ 438.158999] *** Guest State *** [ 438.162414] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 438.162430] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 438.162442] CR3 = 0x0000000000000000 [ 438.183962] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 438.190017] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 438.195990] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 438.202863] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 438.210902] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.218919] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.226913] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 438.234948] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.242985] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.251027] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 438.259100] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 438.267058] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 438.275110] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 438.283117] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 438.289572] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 438.297023] Interruptibility = 00000000 ActivityState = 00000000 [ 438.303294] *** Host State *** [ 438.306486] RIP = 0xffffffff81223c27 RSP = 0xffff8881b3767350 [ 438.312516] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.318984] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 438.326780] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 438.332742] CR0=0000000080050033 CR3=00000001b0111000 CR4=00000000001426f0 [ 438.339802] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 438.346458] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 438.352552] *** Control State *** [ 438.356005] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 438.362744] EntryControls=0000d1ff ExitControls=002fefff [ 438.368197] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 438.375179] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 438.381878] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 438.388439] reason=80000021 qualification=0000000000000000 10:23:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x100000001, 0x400) write$eventfd(r3, &(0x7f0000000080)=0x1, 0x8) ioctl$TUNDETACHFILTER(r3, 0x401054d6, 0x0) 10:23:00 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:00 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:00 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:00 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) mkdirat$cgroup(r0, &(0x7f0000000040)='syz1\x00', 0x1ff) 10:23:00 executing program 0: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3f, 0x80000) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000180)={0xd5, &(0x7f0000000080)=""/213}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000001c0)=0x20008000) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 438.394821] IDTVectoring: info=00000000 errcode=00000000 [ 438.400312] TSC Offset = 0xffffff138b56bff4 [ 438.404625] EPT pointer = 0x00000001ba2a801e 10:23:00 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:00 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:00 executing program 2: ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:00 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000080)={0x9, 0x8001, 0xffffffffffff8000, 0x26cac986}, 0x10) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) prctl$PR_SET_TIMERSLACK(0x1d, 0x203) 10:23:00 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:00 executing program 2: ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 438.641047] *** Guest State *** [ 438.644389] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 438.723742] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 438.752624] CR3 = 0x0000000000000000 [ 438.761185] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 438.779654] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 438.803095] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 438.837727] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 438.847613] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.867515] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.876968] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 438.885076] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.893237] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 438.901257] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 438.909266] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 438.917243] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 438.925277] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 438.933983] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 438.940458] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 438.947910] Interruptibility = 00000000 ActivityState = 00000000 [ 438.954194] *** Host State *** [ 438.957480] RIP = 0xffffffff81223c27 RSP = 0xffff888180147350 [ 438.963496] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 438.969926] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 438.977714] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 438.983641] CR0=0000000080050033 CR3=00000001bd069000 CR4=00000000001426f0 [ 438.990711] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 438.997369] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 439.003458] *** Control State *** [ 439.006932] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 439.013649] EntryControls=0000d1ff ExitControls=002fefff [ 439.019130] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 439.026040] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 439.032747] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 439.039452] reason=80000021 qualification=0000000000000000 [ 439.045754] IDTVectoring: info=00000000 errcode=00000000 [ 439.051541] TSC Offset = 0xffffff13049bc28d [ 439.055919] EPT pointer = 0x00000001cf32901e [ 439.109196] *** Guest State *** [ 439.112654] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 439.124488] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 439.133440] CR3 = 0x0000000000000000 [ 439.137156] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 439.143170] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 439.149371] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 439.156054] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 439.164099] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.172440] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.180496] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 439.188472] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.197349] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.205393] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 439.213973] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 439.222006] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 439.230023] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 439.238034] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 439.244588] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 439.252069] Interruptibility = 00000000 ActivityState = 00000000 [ 439.258285] *** Host State *** [ 439.261522] RIP = 0xffffffff81223c27 RSP = 0xffff8881afc97350 [ 439.267508] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 439.273957] FSBase=00007f5bb4316700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 439.281791] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 439.287677] CR0=0000000080050033 CR3=00000001bd069000 CR4=00000000001426f0 [ 439.294758] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 439.301880] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 439.307918] *** Control State *** [ 439.311426] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 439.318089] EntryControls=0000d1ff ExitControls=002fefff [ 439.324411] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 439.331494] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 439.338164] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 439.344813] reason=80000021 qualification=0000000000000000 [ 439.351155] IDTVectoring: info=00000000 errcode=00000000 10:23:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffffbc, 0x40, 0x0, 0x1fe) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYRES64=r2], 0x1}, 0x1, 0x0, 0x0, 0x400000000000}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:01 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:01 executing program 2: ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:01 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:01 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) 10:23:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r0, 0xffffffffffffffff, 0x0) splice(r2, &(0x7f0000000080), r1, &(0x7f0000000100), 0x1f, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x64, 0x3, {"4218226902d7ba1b0f18b72bb34f9ec267d1ada33891a51b5e004ac5ac1b399f3e122b658baf50dc13b2fbcbf151b7d42592886a3de3b73ba11b8a047e5afc8d4bf3d06e91318854acddd1"}}, {0x0, "38d3ec7ac6efe466d289362fff6c53c10193c7fd68296412a7b0399f375b28e85793316e703d7b5519ebcaaf2b0e4b16c69dc55f5b3b734af2c5858916433bb0b334586ee6a300b596ff22fde89c076a994bdb0ca6419e70e4651509449dbe00ec167f292ca1c1dffe13b405118d363d1953c52f2cf491345a0bed5823d4bba5194d64e92776d9c85ba60f57aa9e1abe9c8eaa759d591d6c364a2a8fb5acd34d7355637ebf941cda20c37cae575e00c942"}}, &(0x7f0000000340)=""/54, 0x117, 0x36}, 0x20) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r5, 0x84, 0x18, 0x0, 0x0) close(r5) close(r4) modify_ldt$read_default(0x2, &(0x7f0000000140)=""/130, 0x82) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 439.356589] TSC Offset = 0xffffff13049bc28d [ 439.360970] EPT pointer = 0x00000001cf32901e 10:23:01 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:01 executing program 2: r0 = syz_open_dev$vbi(0x0, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 439.422203] validate_nla: 4 callbacks suppressed [ 439.422213] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:01 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @reserved}) 10:23:01 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:01 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:01 executing program 2: r0 = syz_open_dev$vbi(0x0, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 439.595829] *** Guest State *** [ 439.608908] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 439.619126] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 439.708574] CR4: actual=0x0000000000742c4f, shadow=0x0000000000742c0f, gh_mask=ffffffffffffe871 [ 439.735357] CR3 = 0x0000000000000000 [ 439.765124] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 439.793446] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 439.816459] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 439.830607] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 439.847770] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.858881] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.866883] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.898786] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.906823] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 439.938793] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 439.946892] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 439.968884] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 439.983469] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 439.998848] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 440.013628] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 440.028817] Interruptibility = 00000000 ActivityState = 00000000 [ 440.041972] *** Host State *** [ 440.045257] RIP = 0xffffffff81223c27 RSP = 0xffff8881b3017350 [ 440.058918] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 440.065346] FSBase=00007f8a16ebd700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 440.077715] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 440.086035] CR0=0000000080050033 CR3=00000001b728a000 CR4=00000000001426e0 [ 440.097015] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 440.107638] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 440.116297] *** Control State *** [ 440.120127] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 440.126922] EntryControls=0000d1ff ExitControls=002fefff [ 440.132830] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 10:23:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x20}, &(0x7f00000000c0)=0x8) ioctl$EVIOCSABS2F(r3, 0x401845ef, &(0x7f0000000200)={0x100000001, 0xe45, 0xffffffffffff0000, 0x1ce7, 0x2004, 0xffffffffffff0f57}) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000100)={r4, @in={{0x2, 0x4e20, @remote}}}, 0x84) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/uinput\x00', 0x802, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:01 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_G_ENC_INDEX(r0, 0x8818564c, &(0x7f0000000180)) 10:23:01 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:01 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:01 executing program 2: r0 = syz_open_dev$vbi(0x0, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 440.140249] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 440.147157] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 440.154131] reason=80000021 qualification=0000000000000000 [ 440.164246] IDTVectoring: info=00000000 errcode=00000000 [ 440.170162] TSC Offset = 0xffffff127c69baf0 [ 440.170172] EPT pointer = 0x00000001b802801e 10:23:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) rt_sigprocmask(0x2, &(0x7f0000000000)={0xddee}, 0x0, 0x8) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:02 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 440.240866] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:02 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:02 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) [ 440.301836] *** Guest State *** 10:23:02 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 440.342918] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 440.397053] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 440.433889] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:02 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:02 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) [ 440.446634] CR3 = 0x0000000000000000 [ 440.457596] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 440.476970] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 440.509406] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 440.546136] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 440.565140] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 440.581335] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 440.600147] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 440.624243] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 440.634086] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 440.642584] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 440.650851] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 440.658879] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 440.666858] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 440.674895] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 440.681331] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 440.688836] Interruptibility = 00000000 ActivityState = 00000000 [ 440.695067] *** Host State *** [ 440.698251] RIP = 0xffffffff81223c27 RSP = 0xffff8881b1827350 [ 440.704280] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 440.710723] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 440.718507] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 440.724432] CR0=0000000080050033 CR3=00000001b58cb000 CR4=00000000001426f0 [ 440.731485] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 440.738167] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 440.744282] *** Control State *** [ 440.747752] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 440.754453] EntryControls=0000d1ff ExitControls=002fefff [ 440.760587] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 440.767513] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 10:23:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = memfd_create(&(0x7f0000000000)='GPLuser\'system\'selinux\x00', 0x7) getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:23:02 executing program 4: lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="00fb920704fbf22be21240eaaec2cdc3dc095769579aad8ffe225dbfb658a495de13b3c67bdf3590c38bcfc34b9cd17128bf4c7fbd2f735d76b6ce0ae45b01cbdb81c6e488057af8ccd97f28444fc0e31fb7675c2a204e701b8c130901687a4562c2ddcf6d27cd7c989129c15b45fa2c37777c1af1ec52b29ab5cf53205b825cd90d0e895bcc5d56dbff3069ea29c7325a90e2f073339d7687d78275bdf22b31ce4b0d9c02a805259131f3ee97be27c238bdb8a29acd9e4e8f0ee0333b5916f68a8b38bc3e2e38c800a660ff3e1da2930c1a64eb4343f9d0305717e15e10ffade743661243d5a53ced9f9a7a43754cd5944f094afced84f351f43b8b9ab2192d95cbf50b7e4e24fbefa1bafcaa742be58274e603fdf8aea2f4e7f0fc49aa9aa74ae0ac23dc88fc5a5e2fc371d4bfccff8a79fe318388595d33a90027ae15c16a3f6460361a67ec4ccb104556f31870423a73a1b089c7ad7c7a482756f28c8e50c34595f3e98181428f4c7e38974e793f92c723192fa9a4bb3947f1b7a837b8cac59faa2cadc0830d86304562e285c22d3267b9ae85528e208ff8d960efe8e5c33eb04a5c9799dfe283aca21a9dad751528f21a8308d95bf9036e7dda9a624026301630e5cc69fd41a12a7d46fe08f076bca36fd2e05e5307e03596af1f085370af35787f44b0bb16be3d73a2dc0cb43ecd73155a73843d73fc446ff3e40004"], 0x92, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:02 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:02 executing program 2: syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:02 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 440.774243] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 440.780886] reason=80000021 qualification=0000000000000000 [ 440.787206] IDTVectoring: info=00000000 errcode=00000000 [ 440.792691] TSC Offset = 0xffffff121ccc7291 [ 440.797010] EPT pointer = 0x00000001b07ba01e 10:23:02 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x0, 0x2) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x138) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) socket$nl_netfilter(0x10, 0x3, 0xc) 10:23:02 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, 0x0) [ 440.873398] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:02 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:02 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:02 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:02 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, 0x0) [ 441.020945] *** Guest State *** [ 441.025633] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 441.053039] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 441.061178] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 441.102206] CR3 = 0x0000000000000000 [ 441.118074] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 441.142179] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 441.166194] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 441.187897] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 441.195354] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 441.205117] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.217110] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.229758] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 441.241518] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.250197] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.258323] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 441.266938] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 441.276672] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 441.285152] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 441.294094] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 441.301125] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 441.309075] Interruptibility = 00000000 ActivityState = 00000000 [ 441.315639] *** Host State *** [ 441.319315] RIP = 0xffffffff81223c27 RSP = 0xffff88818560f350 [ 441.325559] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 441.332229] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 441.340100] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 441.345993] CR0=0000000080050033 CR3=00000001c1e4d000 CR4=00000000001426f0 [ 441.353084] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 441.359919] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 441.365961] *** Control State *** [ 441.369469] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 441.376140] EntryControls=0000d1ff ExitControls=002fefff [ 441.381640] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 441.388565] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 441.395291] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 441.401894] reason=80000021 qualification=0000000000000000 [ 441.408192] IDTVectoring: info=00000000 errcode=00000000 [ 441.413698] TSC Offset = 0xffffff11bcbe245b [ 441.418025] EPT pointer = 0x00000001cf2db01e [ 441.459125] *** Guest State *** [ 441.462429] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 441.471401] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 441.480326] CR3 = 0x0000000000000000 [ 441.484128] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 441.484141] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 441.484163] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 441.496148] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 441.496170] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.496188] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.526915] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 441.534957] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.543599] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 441.551767] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 441.559835] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 441.567903] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 441.575985] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 441.583998] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 441.590475] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 441.597964] Interruptibility = 00000000 ActivityState = 00000000 [ 441.604273] *** Host State *** [ 441.607468] RIP = 0xffffffff81223c27 RSP = 0xffff8881c316f350 [ 441.613493] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 441.619921] FSBase=00007f5bb42f5700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 441.627706] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 441.633776] CR0=0000000080050033 CR3=00000001c1e4d000 CR4=00000000001426e0 [ 441.640848] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 441.647513] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 441.653599] *** Control State *** [ 441.657057] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 441.663751] EntryControls=0000d1ff ExitControls=002fefff [ 441.669868] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 441.676784] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 441.683566] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 441.690871] reason=80000021 qualification=0000000000000000 [ 441.697186] IDTVectoring: info=00000000 errcode=00000000 [ 441.702722] TSC Offset = 0xffffff11bcbe245b 10:23:03 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, 0x0) 10:23:03 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000000)={0x6, 0x1}) 10:23:03 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:03 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f00000002c0), 0x10000000000000a6) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="882d3116fdff25f8ff4e20476bc54135396e7cedf36acde2e7af4a33cf87d15e"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 441.707137] EPT pointer = 0x00000001cf2db01e 10:23:03 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:03 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x2, 0x2) chroot(&(0x7f0000000000)='./file0\x00') ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:03 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x0, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) [ 441.785366] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:03 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:03 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x0, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:03 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:03 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) io_setup(0x7, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f00000002c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f0000000180)="83d228adaedd8d7ef3824915b0d9db0708005cffb584fb35759895812a3e1d62de68684afba46dab58b7c9533e0689c30bc67e1062da6646cb514dbebfc36204d3d0fb4cfdf4354d182c27d7409a92ff01c5343f1d0bc42c4692dad66f", 0x5d, 0x1, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x81, r0, &(0x7f0000000240)="5360e8928b3b37348f", 0x9, 0x6, 0x0, 0x1, r0}]) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x931, 0x80000) [ 441.981817] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:03 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x0, 0x6, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:03 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:03 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$audion(&(0x7f00000059c0)='/dev/audio#\x00', 0x40, 0x100) setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000005a40)={'filter\x00', 0x7, 0x4, 0x480, 0x280, 0x0, 0x140, 0x398, 0x398, 0x398, 0x4, &(0x7f0000005a00), {[{{@arp={@loopback, @empty, 0x0, 0x0, @empty, {[0xff, 0x0, 0x0, 0xff]}, @mac, {[0x0, 0xff, 0xff, 0x0, 0xff]}, 0x800000000000, 0x9, 0xfffffffffffff8f4, 0x26, 0x3a, 0x1000, 'vlan0\x00', 'vcan0\x00', {}, {0xff}, 0x0, 0x40}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @remote, @multicast1, 0x0, 0x1}}}, {{@arp={@multicast2, @rand_addr=0x10000, 0xff, 0xffffff00, @empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}, @empty, {[0x0, 0xff, 0xff, 0xff, 0x0, 0xff]}, 0xffffffff, 0x3e, 0x1, 0xffffffff, 0x400, 0x8, 'ip6gretap0\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x218}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={[], 0x18}, @empty, @empty, @multicast2, 0x4, 0x1}}}, {{@uncond, 0xf0, 0x118}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00'}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4d0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000000)=0x9, 0x4) [ 442.210960] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:04 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:04 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x1, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:04 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x0, @bt={0x6, 0x6, 0x1, 0x3, 0x20, 0x7, 0x2, 0x5, 0x5, 0x0, 0xffffffffffff7f07, 0x800, 0x2, 0x10000, 0x11, 0x9}}) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000000)={0x3, 0x7}) 10:23:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000080)={0x80000001, 0x3, {0xffffffffffffffff, 0x0, 0x6, 0x3, 0x9}}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000380)=[@in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e21, 0x3, @mcast1}, @in6={0xa, 0x4e23, 0x68, @empty, 0x40}, @in={0x2, 0x4e21, @broadcast}], 0x58) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="882d277d78caba752e"], 0x1}}, 0x0) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x100000001, 0x2) ioctl$KDGKBSENT(r4, 0x4b48, &(0x7f0000000240)={0x1, 0x3, 0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r5 = syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0x2, 0x2) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f00000001c0)={0x7f, @loopback, 0x4e24, 0x4, 'wrr\x00', 0x0, 0xd768, 0x2e}, 0x2c) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:04 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x1, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:04 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:04 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = shmget$private(0x0, 0x1000, 0x78000001, &(0x7f0000ffc000/0x1000)=nil) shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000180)=""/157) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:04 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 442.735396] *** Guest State *** [ 442.755305] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:23:04 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) [ 442.792256] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 442.819606] CR3 = 0x0000000000000000 10:23:04 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:04 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000180)) r1 = eventfd2(0x0, 0x800) ioctl$int_out(r1, 0x5460, &(0x7f0000000000)) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0xfffffb, @reserved}) r3 = getpgid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@empty}}, &(0x7f0000000440)=0xe8) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = gettid() getresuid(&(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)=0x0) r8 = getegid() r9 = getpid() ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f00000006c0)=0x3) r10 = geteuid() stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r2, &(0x7f00000007c0)=[{&(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)="03e4d3b7bdbfccab06b8a4b3ea3fe4d4e6cc916a91107699d251625d9ac46405102fcf79763c5f680cd4b584a083ed860afb1ff1f8b2303b8eecf11380f027f1d2dc3c67d7a73b0f594323", 0x4b}, {&(0x7f00000002c0)="d9c8cc2dd16d7c42767e5bade3032b", 0xf}], 0x2, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000000020000000000000000100000002000000400a55ab087f1fea6ad9230a92b31b41df9c32b8794758b4d2a7dfcbca4587d3dbdcaa3e0a06d666", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="20000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB='\x00\x00\x00\x00'], 0xe0}], 0x1, 0x4c810) [ 442.872330] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 442.910845] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:23:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 442.948902] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 442.996071] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 443.027879] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 443.067204] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 443.075545] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 443.087794] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 443.108894] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 443.134156] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 443.154144] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 443.165117] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 443.173894] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 443.185234] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 443.192123] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 443.200127] Interruptibility = 00000000 ActivityState = 00000000 [ 443.206517] *** Host State *** [ 443.210031] RIP = 0xffffffff81223c27 RSP = 0xffff88818635f350 [ 443.216172] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 443.223609] FSBase=00007f5bb4337700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 443.231721] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 443.237910] CR0=0000000080050033 CR3=00000001b0b9b000 CR4=00000000001426e0 [ 443.245246] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 443.252252] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 443.258459] *** Control State *** [ 443.262243] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 443.269261] EntryControls=0000d1ff ExitControls=002fefff [ 443.274907] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 10:23:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$md(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0\x00', 0xc2, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000200)=""/135) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r4 = socket$inet(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="240000002e0007041dfffd946fa2830020200a0009000000001d8568ff0f000000000000280000001100ffffba16a0aa1c2009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x28, &(0x7f0000000000)={0x0, 0x0}}, 0x10) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000140)={[0xc48c, 0x401, 0x7fff, 0x7, 0x8, 0x5, 0x9, 0x0, 0x59f, 0x5, 0x8, 0x1, 0x1000, 0x5, 0x8, 0x276], 0x0, 0x100000}) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r5, 0xbe, 0x8}, 0xc) [ 443.282363] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 443.289787] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 443.296577] reason=80000021 qualification=0000000000000000 [ 443.303316] IDTVectoring: info=00000000 errcode=00000000 [ 443.309267] TSC Offset = 0xffffff10d1d3ea3f [ 443.313758] EPT pointer = 0x00000001b2f4a01e 10:23:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) fsetxattr$security_evm(r1, &(0x7f0000000000)='security.evm\x00', &(0x7f0000000080)=@v1={0x2, "6fe10d9a4db9f7c7216f3ff083fe31805a2e6d"}, 0x14, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:05 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:05 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:05 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:05 executing program 4: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0x2, 0x0) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000080)=0x7f) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000180)={0x54, 0x4, "1cfa6f2af3ac50a8164d5bfe02b281cf1a53b226238813048bd121e1a3911915", 0x2, 0x1, 0x8, 0x49, 0x8}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000007, @reserved}) ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0) [ 443.467657] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. 10:23:05 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:05 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:05 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x8, 0x100) sendto$packet(r1, &(0x7f0000000180)="d3a5cc07bd4ba96b5df9bb07d9c00baa0fb623715d509151004b2c91cbbeb7a4379a291196a6c9bf3bd66f33ca58876bd3f41e45a74668ca8fc72245b96134fc4c61e9e07d80648faf243e5713ba7a0770d617ac335a7443242c6baa9803d7af261d15ce8b0756b462d917b913868c429ed37017ff3512fe9b782b1df414fc6d61ba1993f4c3392f43da24944d990ff4f06e59d18700f5ee826a06fcb160807cd4c2be1b487637a6c3eb40f6176f6609afe6ee4995d3276fe35e9d61dddbf3da1c501c099375c2637d27230163db722008efeb7f074096580170382a69c41bceb2aa7cf5cb27aa02ebc68a99619825fea5c0442b", 0xf4, 0x20000800, 0xfffffffffffffffd, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:05 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:05 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:05 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fsetxattr$security_ima(r1, &(0x7f0000000000)='security.ima\x00', &(0x7f0000000240)=@v1={0x2, "c2b72317d3349dbe8cadeac342c0d158"}, 0x11, 0x3) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x800, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000200)={'\x00', 0x600}) connect$inet(r3, &(0x7f0000000280)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}, 0xfebf) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f0000000080)={0x1000, 0xffff, 0x1}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000060919d474605ad60738e0d98d68a5ae054d682b78bc81e7212b8a67e537868f7f06c0ce1d1a5946d3091d5490ddeac604d80e5cc2534cf625b2187ecc880b4a034bc85c2fc476b0f0f95cb658728b75e20fdba432e886c78efbb4c69b935bf709bcb2998ac2a9db8918201efd0f1552f2e010cd06276f2a7280000000000000000000000006f97a6155e5c60692ec015ff55c85dc8d2ab812e7200c3df0d94802b24b4a138c82fbabac002fd999186b7da28e85ba27cb12c46b0c0ac393c2ec8b28439e5e4982b47ad2ebecef2b50d57754b72e7"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:05 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:05 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) sysfs$1(0x1, &(0x7f0000000000)='/dev/vbi#\x00') 10:23:05 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:05 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:05 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000100)={0xe987, 0x1fc}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/250, 0xfa}, {&(0x7f0000000080)=""/58, 0x3a}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) [ 444.038119] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. 10:23:05 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:05 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:05 executing program 4: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x20000, 0x0) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000200)) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r2, 0x101}, 0x8) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000240)={0xfffffffffffffffd, 0xacf2, 0x3, 0x0, 0x0, [{r0, 0x0, 0xfff}, {r0, 0x0, 0x4}, {r0, 0x0, 0x7}]}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:05 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:06 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x3, 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000001c0)={0x8, 0x0, 0x3, 0x5, 'syz1\x00', 0x81}) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) setpriority(0x2, r2, 0xcc) 10:23:06 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200000, 0x0) ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x10000000000) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x3a33, 0x0) 10:23:06 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:06 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:06 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff81, 0x9, 0x4, 0x20}}) 10:23:06 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x440) fcntl$setpipe(r0, 0x407, 0x80000000) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$RTC_UIE_OFF(r0, 0x7004) ioctl$void(r1, 0xc0045c79) syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x1, 0x2) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004804}, 0x10) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = creat(&(0x7f0000000200)='./file0\x00', 0x10e) write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000240)={0x24, 0x3, 0x0, {0x5, 0x3, 0x0, '\\^{'}}, 0x24) r4 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x200000, 0x0) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x7c, r5, 0xf00, 0x70bd27, 0x25dfdbfe, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x90}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40010}, 0x8804) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:06 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x20}}) [ 444.697461] validate_nla: 9 callbacks suppressed [ 444.697471] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:06 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:06 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x200000, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000180)="449ae72a1449c736c25168a75d289d1e47d3d9f465cdb8d2a9df510017fc67a18fdd48a9d420e636fcf0a8b50a6927bbaff0f286427b17e20268fb", &(0x7f0000000340)=""/229}, 0xfffffffffffffdac) fcntl$dupfd(r0, 0x406, r0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x0, 0x6, 0x1, "3ca220b5b975d83d7cf9066df3b3272ae21606dd0ec0d8e7898cbae8bbe9ca34", 0x38416761}) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xc8b0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0xffffff}) openat$vicodec1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video37\x00', 0x2, 0x0) 10:23:06 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:06 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20}}) 10:23:06 executing program 4: r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/attr/current\x00', 0x2, 0x0) fsetxattr$security_smack_transmute(r0, &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@mcast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6}}, &(0x7f0000000340)=0xe8) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/qat_adf_ctl\x00', 0x80000, 0x0) r3 = creat(&(0x7f0000000440)='./file0\x00', 0x4) renameat2(r2, &(0x7f0000000400)='./file0\x00', r3, &(0x7f0000000480)='./file0\x00', 0x1) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='security.capability\x00', &(0x7f0000000380)=@v3={0x3000000, [{0x3}, {0x40, 0x3f}], r1}, 0x18, 0x0) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x1000000}) [ 444.906750] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 445.003207] QAT: Invalid ioctl [ 445.057645] QAT: Invalid ioctl 10:23:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="8e1f0bd0f7a297b8c4"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r1, 0x6685) 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:07 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}) 10:23:07 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d31ffff0000"], 0x1}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:07 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000200)="1ab2fbf5d108600030b47b250c6bb4975a9c765cb5f5cc6b3e9c9989b0a031fb95786caf2b6242ba413af4a0b3f6290acc0b4e54ebc602dcce1d5f8b599be364da448c139d152e19800ed4b01c4a692b0d60896c22d8a5453b767d3fb02ffd287079cc2032e6efc27880d32ff319a28f456c9e293be5fb1d8a79a7fefa051352b8f4d84562589db992207261c7ebd3ac2631106ccac7fd47158ad7719eb2f2a08dd27582155a925dd4d673bc060a76bb326e970078e63886577df2abb15ebb06eba41a39c6d03155fed3849a6ef38c71863494aa386ccad2648041c315f166d3f64eb33ec27ffd3f207051f0f36c92baa6d9bd62257f4a82d94fad621588b34d") ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000180)={0x5f, 0xcb90, 0x8000, "502835182682c97fc8fba44f6b2e0460b552002b69b471d47d570d3c60371122e753ef400073f3daa1281ec67b7939bb9dae5403b9634f83b643c88dfda994742c6e3de26e1b8978b69321752255960d1e172fb07ef31fe5f002834419df1c"}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) tkill(r1, 0x1b) fadvise64(r0, 0x0, 0x3, 0x1) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000000)) ioctl$VIDIOC_RESERVED(r0, 0x5601, 0x0) 10:23:07 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000180)=""/186) [ 445.343465] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:07 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:07 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x200000, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000180)="449ae72a1449c736c25168a75d289d1e47d3d9f465cdb8d2a9df510017fc67a18fdd48a9d420e636fcf0a8b50a6927bbaff0f286427b17e20268fb", &(0x7f0000000340)=""/229}, 0xfffffffffffffdac) fcntl$dupfd(r0, 0x406, r0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x0, 0x6, 0x1, "3ca220b5b975d83d7cf9066df3b3272ae21606dd0ec0d8e7898cbae8bbe9ca34", 0x38416761}) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xc8b0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0xffffff}) openat$vicodec1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video37\x00', 0x2, 0x0) 10:23:07 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) [ 445.623198] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffd62, 0x0, 0x0, 0xfffffffffffffd25) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) setxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x1) 10:23:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = creat(&(0x7f0000000000)='./file0\x00', 0xc0) ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f0000000080)={&(0x7f0000fe6000/0x3000)=nil, 0x200, 0x5, 0x1, &(0x7f0000ff4000/0x2000)=nil, 0x9}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x80100, 0x0) 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:07 executing program 4: ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000000)={0x5, 0x19, 0x1, 0xffffffffffffff9c}) r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x1ff, 0x0) r2 = dup(0xffffffffffffff9c) r3 = socket$nl_route(0x10, 0x3, 0x0) poll(&(0x7f0000000180)=[{r0, 0x80}, {r1, 0x4}, {r2, 0x20}, {r3, 0x1001}], 0x4, 0x4) r4 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:07 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000000)={0x1000, 0x5, 0x9, 0x802, 0x754b, 0x3, 0xfffffffffffffffb}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xffff}}) socket$inet_icmp_raw(0x2, 0x3, 0x1) 10:23:07 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 445.813917] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xff, 0x208040) write$P9_RMKDIR(r3, &(0x7f0000000080)={0x14, 0x49, 0x2, {0x0, 0x2, 0x1}}, 0x14) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={0xffffffffffffffff}, 0x106, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r3, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {&(0x7f00000000c0), r4, 0x2}}, 0x18) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000240)={0x3, r3}) 10:23:07 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @reserved}) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000200)=ANY=[@ANYBLOB="0100c50014850320420bdb7d910ca1dff2e2b83701e2686c21ab5aa01e0c4674988b27b4e126c2f68e8d60d530653eb2f7817795c07288811dea9cda76df1691047036f1f9083cfd1199e3279a47b3eec8b8486c11e7c1a0663bb61a368a5e5189eae8a512a171989889e45b5c2c95bdaacd45aacd2ee267f3561c01bf16256e6003bfa988dfa23716b16760c8be78482dbc1c3d0700000000000000a9f897b1f77d5660b5d8037a82255e7443aec316d108387eea33f9c3bf6787d61959c900000000000000000000"]) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x10001}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={r1, 0x7}, 0x8) setsockopt$packet_buf(r0, 0x107, 0x16, &(0x7f0000000180)="695b6713036fd98e2e71ca4b4ff571c239a85e27f08c2853499c334c8c1b3cabdb33fea39b2e953dcfc917ccce511f8b75d951371bea3899524b85fdeefa768d902fe145bffe170306a91cd8426a7b2f8df03f7e346d936e4ee2753ce0ed8dc85f16aee2450af585a60a9f624714a2a1fe44ab18dfc5cb8d751f95cf48", 0x7d) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0xf61) linkat(r0, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00', 0x400) [ 445.867888] *** Guest State *** [ 445.873438] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 445.907831] CR4: actual=0x0000000000002060, shadow=0x0000000000000020, gh_mask=ffffffffffffe871 [ 445.917742] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 445.953403] CR3 = 0x0000000000002000 [ 445.963893] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000004000 [ 445.971566] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 445.978526] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 445.984868] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 446.003940] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 10:23:07 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)={0x0, @aes256}) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040), &(0x7f0000000080)=0x4) fcntl$setflags(r0, 0x2, 0x1) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0)=0xdeb6, 0x4) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000200)) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 10:23:07 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:07 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) [ 446.015897] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 446.043530] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.060272] *** Guest State *** [ 446.082974] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 446.096807] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 446.110014] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 446.120242] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.131449] CR3 = 0x0000000000000000 [ 446.135825] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 446.147761] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 446.148159] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 446.163469] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 446.164890] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.170702] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 446.182264] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.203269] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 446.223452] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.233115] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 446.253027] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.258428] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 446.268811] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 446.283037] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 446.297446] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 446.303545] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.306034] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 446.319919] Interruptibility = 00000000 ActivityState = 00000000 [ 446.324234] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 446.328622] *** Host State *** [ 446.335457] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 446.337675] RIP = 0xffffffff81223c27 RSP = 0xffff8881b37df350 [ 446.345946] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 446.351826] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 446.360399] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 446.366886] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000 [ 446.374736] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 446.382496] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 446.390673] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 446.396385] CR0=0000000080050033 CR3=00000001cc8f4000 CR4=00000000001426f0 [ 446.403995] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 446.409973] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 446.417434] Interruptibility = 00000000 ActivityState = 00000000 [ 446.424145] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 446.431060] *** Host State *** [ 446.436680] *** Control State *** [ 446.440326] RIP = 0xffffffff81223c27 RSP = 0xffff888185667350 [ 446.443406] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 446.449629] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 446.456771] EntryControls=0000d1ff ExitControls=002fefff [ 446.463525] FSBase=00007f8ddede6700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 446.468753] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 446.476790] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 446.483561] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 446.489707] CR0=0000000080050033 CR3=00000001b2344000 CR4=00000000001426e0 [ 446.496171] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 446.503458] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 446.509998] reason=80000021 qualification=0000000000000000 [ 446.516778] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 446.523100] IDTVectoring: info=00000000 errcode=00000000 [ 446.529826] *** Control State *** [ 446.534760] TSC Offset = 0xffffff0f1e66def8 [ 446.538174] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 446.538186] EntryControls=0000d1ff ExitControls=002fefff [ 446.542617] EPT pointer = 0x00000001bb3f501e [ 446.550571] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 446.566576] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 446.574200] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 446.581046] reason=80000021 qualification=0000000000000000 [ 446.587363] IDTVectoring: info=00000000 errcode=00000000 [ 446.593496] TSC Offset = 0xffffff0f0d029662 [ 446.597821] EPT pointer = 0x00000001bb85601e 10:23:08 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:08 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0x2b, 0x0, 0x3, "63cae3b638a84867659d6d21ae4091c8", "dcdd9e15d61940e1c7ad5cfd4412b5d84910c1b7f0c7"}, 0x2b, 0x1) 10:23:08 executing program 0: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x101002, 0x0) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) sendmsg$xdp(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x2c, 0x2, r1, 0x3e}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000140)="b9990f8db3dc83570346083a1ffd25fcca4c3bcdf7", 0x15}, {&(0x7f0000000180)="1ca12108675764ee8f1e60ae2ae7e2d8514ccd50091be8a30da19eb2e04e8aefe208efd2da7f847af214dc6fa24ab2ffc1e3a0e4f5493f2a54dd2974277d26e6db88fb04af87711f4865beb0a983bd04", 0x50}, {&(0x7f0000000900)="41422cb18550d7f5e501d1727a7c2f011333f128452afef0481d497ee229b18fb6ef47e0938a541713bc3b2afb96f44f7578d555457c71939ce4f7f073dd5b552c37aaf823f99013dde20b9a542473a2d8bd6c38442d199bf0c567265d6c371852f2373d0fa343682382cb05962443791be2572c4a31073ddecb3719790a27af9af2b8e56cfedc9ce6909a5f49032153a7116510e3a8f860a407789b0bf2840f069a30bf39135a924484684f8369445c7a18f129f723066058f975df27c3a04efdfc1af307d4bee34be85fb4f98a9ffbb53c1a5a24e3dc8e2a75a18ae2ccb6b156afda0445a40576b1e50390d3aff87f203dd2d8b6ca72571f053b44c71ebf33d5e93f4814c96d76fca2064dd83dcd62692f55ca1f19dbdcf6c98aed654c5cfb61547929005c860ff59434133c0c2d97b66d019c627fd404f210606f6e847d85ce557b77e8ec78e87109f80cda13e7580a69d9256037d2f7979666bfa9e6f7b61001d017db06089ade4a421b0a36a9be3a520a5f34a335057ff95679b7d0fbe3641aeaef879e52b414ada2429b3dc161516842cf4f967f7966657e80884ea059a32e20b03485435ab68cc6a059089748484963e842e5fec4965f55a8ff374d9d3c687d403c4b0bdc99ff9a860c5246586966c78c7dc5e8b5f9f95caa191e6b09f2b85adb2873b00e271268b8e0c4a46b092e48f0bedfb392298e695b931ab8339f1e62cea20305404f4a058b61693fc79b2c4e2dd832291ca1e384de9e240a1e6b8417f9d7c1b78ebd445379d06d3c2ed5e1d8f31c1438f5b1404634d51fac118d00ac2cf13fa8482b6f37474bf780823555c79bc04eab2892f4c7fcec771c289b371b5f76372db8f96908e03bd9e80ae901291541daf751b728c92544bcc660ae82339ee988bb49c2bb245110ac1f715c3a70306cf832ee990b9e1620f692ee99fb6166c9e0aa5c5b7100d2a4fcf178160f6664de4e21341f1eb3230c9120ea3b7f87738c854e21476265ebcc42b168809494c7724488e9a8d11813913302e04a224c348b5962ce459459a6ae3b71131a58c83d8320d35515a0ae74aa65d4ab053aed81041871f81791ddedc4d776324b91485af2a9635d39c42a2c4e01b83dc4b51f55019715750400987e693e20bf5a86df3cddb44fe1035fcf3646861f92deb0e61e97228beadbb4d11ae4ce9fcd4e60d863f66397c74e67b4fe650a2a556b749edb642ec5a7cb98419f39b9da8657f1013a785114238183576d2d97d44a5f632b2a72c8e9ede6ec3c053172547dceb01e951dbe8cad59222b93d68d31edc6d8b2591de4e1a3f79117792a074f9d587321c19d9cd842f2c231aab99cb2017ae726426be7e8007e6239bd5ab6505b3d46dfbb16c18bce1b9ddc1dbbc72615836b831b66c4f99d974a13b350529553498df29ccb0ad2c834c314e1f54e9414413b09fdc3c77b8ae1dc40087d41ad1cf569222f6702dc08586c3add241175b39ac8d284a5fd85fd5dd34b367f955a21a38c429c1be94c0f6e61abb19cd4471378b46208af8dc277f46c17affbeaf228c126a0a4fd4bb5b578441064349c013fecb12f7b66fba3e61253f21668a5d2c581b9a2760d8e4a668a4f77e0c444d7450b6febd9fc2fe0d168d5fd27db69c6aa2b3857473faabe9b2d2c201225de83e27d7bdd0fd4c607b81d9169768a561066428d7372a7c80d7397bf8d04f0472fead473d297f8ca55d1abfba26d83a1a79c03a4fc681c6238a02948877e792017fedd70e4c944d20b4d893feeeccada39824ff39bef1498b292a9366134a9e3412f4faaf3bc7c75672e3a3596b9dde6c7ab24a89fe74be4fb9ba995004d999e2be99b7cdcaeb5b523236bbe58061fd57af5472f9044c82ee72dce75e7dc6a8176a543f0c0cdf67db892a3c70759ed0ee8626b41f2e52883e3d817a2e0c114cf96f862afa7a4bd6e44cc475631d43caacf4dd0340b2124c959dcab3c80411720e2977ba10ea30e23044f6722cee01fe50432cbeaabc88d4c10e430370b43aefafca45a1256ef6aca959a50ff4604e0c5abd24256dfd3726c8e561fd18fcf81b5ac7cdbe068d8a06d70d80cd95ec7becacd87dbd6ae4ae90deed6550269cf0558eb07ff2ecf6e31064f1e8c664db9f0cd9de6affb060288d080656fb5d2c47afbc7ff5b014cb8d4f63baa23c1af8b3bf98099a2716b915855b75af06cdf4f5590e842924bea0ace33e47afee2525a04e9f9682f7b38f37040833fc147db13ce45eafe60cb4bf708c2cb7f78e228372fffd5bf32358c8bd8c946ed56b7a9fca88122299d743eb5ada40ec4b458aa5e02c2eb8b6185de0fa69a779d39813356e6b15e6915a2b8b11faac6b6b0f673ffd672428623bd3e2a8d5a3272b013d46bb466f87de62df25b5650c3055047e7072ea023becafab6543b1f800ede60637ba0e104988371d145cf1552a0aa11e7f875537a2d357d577667ebd4fa2883b9230c9510d8f7c7afaa7ac9df56ab522a4439cb02174057760e19efa17d4bac78739874af1a628c0bdbc88f899df6d92b5d1a8a620a8dce73f481e169d269b1c5a0d26be3550d7508645bad26635693d962f1fd2cebe78fb4076d07d40ec28661cc7a1ce8d7d914457cc57c8d0d7faf34a6ee07c83af1fcbb5f8fba5475b5da16d21b702e246a26f109003ff78123ec7086e3702d47d13d5c899aa93fb75ab4a544fc2eab87083d3394c4cabee25b9187532b61a7a599a6e681df06d7952b97d3dd804c178676e38b34a746edd53ab86cc2799cc964bed8131bdf3928daa73108fbd6c498866d729e73c27fecc76410349f256f2fd4cc8f93f50f28f2fddc2a52ff1858eaf6cf442165996b3b3c1df663d80811c7dcc3a38f3df68aad108eb795d83f366f5d299646e0d9af89f17c92b058384446f270415f7d4756e6a86f86a9ac12c7063eebf5a71462f1ba75abc878846ba0f3bf2bbcc0f2724a847b65bf63dfbbdd042c19b6fee50dbc256074103f519a180297d3e016cd4d45e1fdc25273aea1b606233b3eb58f55cb647736646551cb9b0ad196d6b74a5eb89ae8ed023cc616cbb2bf92bb472bbd7f243d9aad0faa2df697db034030a4d447097f2937a55699165f0771e49def44ab86507754cf02dc560c4abb036f64fdee34438de3b415439cc666d9fd8ec1c0eefedd32528f0bbec250fa0b4c81450e3a1d254998671b5184d945778541b29fd6dfa2f44f2a29715bde0db40d6eaec0ccdeec4ff261183f008eae09b6ffe68eba90fe5775bec37963f43a57e0ea81ff5abd6851e00d513a3cdcca6342862e939af790ba577e1e008df43cbb436c0e0036ece2f865eb85197b78ea86db663abc51a030ce8f039caabdf444838fc417d5ae3a710dec84d8c54a336423dfbcde5dd6e3d7d7edaf8e3904c194f2af333771bf9ece28fc0538bdaff118469e3b13f8841bf07bc7652dc343b6994e47c2b532918de7c3fb7989c615ce71ef48bdf6206255882e5ddd935d615051042c442daa98213b2a8d27ea730b7a7670ad0c70a4f56f5730fd6a988670e397a33586286affa55892d8968c3a694a58373ee0450fcc1c78b6d1eb927df82a72eb5e0721b9776b0b39c72daa7689e155f13f4116f4ada118a4bcb4dab508644d871dd2de20b69437306071958812e961acf654ad01eb222279868033c06911a85af73896578598d4bb0c569776eb83c481dca9067a3b720ad85c3ef396e1573b8d16195dc56a612fe7646843d21a1a1edbca709ec75f9fb703be45bc1c0c3ca4a5835c0335437e525e809ac2553f43ac8a9ac395282b354996a18070d8b06e1cd40791ad5d7c0081afdea6200ac86fd0504c2cd07257f201f7034c14a2c8aca15105150a3c016017daa20c7f4a64858c8fb9bb9af80f0f58a090dff2857edd104d28f86a283edd5d596cc4806338307653eb6043a78f3d3f06a182c482d1444d9868e2b48d184b46b05c2785a9dc009b57894d4bcc3fc8e35f08ca0a0082d39d5860a43f0429f12efc59d1f8767b6f3e4a15de92cc1f94c78abf6c2f57d80cf4ae2e3b62e71e116bbbe0a2d1b79aae882d9ba9d86c36288c23e536c8f255f937d1f08b6ad25827c2fc3a747df4259061f28cfda7175568b9a5a527e1a6c75472fec64c70f885c8f097100f80f9f8d6a0e62cb2f09e2cd438a9dd9f9b4f4a7cfeeff6a9c4cb150d2daf81279aeb519bf5f83b414dfffeaccf11b37b51deff0df3601564027eacc800ee7cdb125ed52dd0810de373e11fd93705893045840bf8783bc2f02c5996dd3854a5c99da1769624af883cf0ef432f5924be9987c41ad27ebd16a092d53576013b7f2b49d950423395565f0317e3a179a38eef84e6fa2d04c79bb6f8e3ee7bf37187f23d167bf9434b65d048347480212c66f157695a131273d03e49927278269f204ba699a13044338e734b2e0497c83da7731fc9e10c9ae735bc624fd84261545190ac51d4aaea77130680187371cb7eb11529865972177ec46b1d5eac8d981a163ab0f38f29016953744e5b1aa741771744cfea0ba131971ec30a7636008f4500741586d30efddb99fc23ff3e1fe689ed75bd7c438d280c119806b7602e933379f74e6bf81de8bed1b32b611e63ccbe3439f81e9a79d353dd1119b6607138b8a04c8685c7b78212fe5719588ee073dad516a24d10936b2b41369a6df0c4de37cadfa45034eb22cbeae613eac8376d058793cd1186f29439ab619b0577fb7b1bb00e3ae96c86bdbe8335af07f3461c83517978bbf38c466c43cff98712d1d98df0e7559099d066fed414e6d8cfb27ec722e5ce78ddefc9ac16430163794a4824642c1cfbca7c6323358089a218bca26a1e5b912f2571034b1b520ba909a26e2550a98ca4f597bc2d5d56383cf274175886469288ff84d72fa5b55c6d6d86632219e8fb699994cecc41f62f409ec224757cc8676b7f0be0ed6603ce7c26001b20fe6b69e30ca47fb509b8b05b201ad3395b5b9d15c06b1caf0b41acb1290efaddcdb432f0f53b5fff06ceaf458b991a15573b9bd101c6a778bbc2232e65bc90f4017001f3e8068ba66c8e359919bfd592b31bbda35d284c372fec65bfb3c825e9e19af2a23f5673a21c1e42badeaf00054cf59245e1e5c17fafb08e45e42c9bc24dee1bef52173ccfa834bf3cb66bf5982778ac6f63188e7d9f67ea1b4ed1edfdf26bbe1ebb1184200b195ae404f3eed714e9131729ce44feda2d63771d0b2d295d5b710d2969bc681c64877f292bcfd516a813e6b7080b8d6ba6e8abb4191438a42ddf34b944b765a3f0e4600535c30a9638b2dc76337b0489a446088300177505291a3b166982f3f4e71b42eef27fcc3627f1c3552422432127165de8b934ea740b4f2d3fc2d47023599cc7586b8612219c9f3d9126d37ec21044e6461bdf1b8a6dc16fe0fea14074dfc2624d4b467d69bfec448011129c3f734695c7adf24f890187b6c146e61deb5b4d832380865a23d9b98c1c12aa51b436d5a32b1767a151d37a5afc63f7c0d7c8081d26570670d8ef3c2c82bd437d0542a1af0195a2c077ccc8e05b85e37864b251b252bcd77591bf7d44114f4a3081a71ed1df800e9ee54ed2809de68dc734893457bd398f7fa3d51764996fd5003815eb995102b8bfbc6b38adb71e07dfa2527fb85d32e0361d72a5bd2383f0cda9a5545daa4d5a2836b3337c59da57b08412465ec4256a35d097583fad19b59e46ff9024e45c17cf76c2cce75b1252809a5a6309d10011bb3007934fb116f279257fc70a4dbc8d9ffa1d0638d260f3", 0x1000}, {&(0x7f0000000440)="51e3a96a905be3f2d8407ac0ec0843435be963696c44e9d3a3f9e9ffc71b55efce66b09ae74daa27174821def5f15e980d77921e5d530f55c9aec87c12b01f637b603c462cbfdceda57b20a4dcb383fbf76dd9b64b08e0dae224320e64b00b3adbbb6ed72755db346f2608a7bd1365c971057b78a6b80f8362bd9b84f1674ec461fd81e0855b937893b4655e663c78c2cf188358fcdc6dbec46a7cd63f7d34f752a104479be03869db9cc5459ca6478c6dce8a4a30d3a2dc9160cea8a3fce7038a595098256e124aca5d4b9dd932dde789646af24ec79042a481a86982d102cd7fb94fb4312e7789a884f066a0be27820518", 0xf2}], 0x4, 0x0, 0x0, 0x1}, 0x4040810) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:23:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x6c00, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x102) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={0x0, 0xff}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r2, 0x9}, &(0x7f0000000140)=0x8) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r5 = add_key(&(0x7f0000000180)='id_resolver\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="a1", 0x1, 0xffffffffffffffff) r6 = request_key(&(0x7f0000000680)='pkcs7_test\x00', &(0x7f00000006c0)={'syz', 0x2}, &(0x7f0000000700)='/dev/kvm\x00', 0x0) keyctl$instantiate_iov(0x14, r5, &(0x7f0000000600)=[{&(0x7f0000000440)="a9cf1b7dd09ac79f8a4086c9b8987c07c953d0313cfe73e9928301c7d5a4c67331970a4244d03e976596303e7d4b904382660f9641ad3a818d616eae4dedbfdeb4246d410d6a69b85956ed7473be93a098110bece7dd7b78d109b887ee6a39f60524a37be9622246d3276d5cc56e5ac0a61f2cf179f6ed6ba41b49bb9fe8f34ad5bd5c87952019cef226504c905fcc3113fc8108b9475f7480c776ba38962af0", 0xa0}, {&(0x7f0000000240)="f4bb8c8f0fc5c458ff267ad3c755ba98d37159d0", 0x14}, {&(0x7f0000000280)}, {&(0x7f0000000740)="ae6142a72dd403b90392ecd87ffd1a9f28431d0febd00be8038c3d1f6a3396f8726a1e52f35e348333af70ebe6cb102ed11e6aeed028f0016505e285d559cfb24715dd15d5d5b6d4b8f25700", 0x4c}, {&(0x7f0000000900)="12b55b2bee1be25a08d61cd3dc2dbec7caadbd7e1bc69b9c644a50c0c97263cbfd1784c9c1bc49d84ba627076ab7ebfc22313f53b03844d41db2a991b5e611d05602cd0d4492bf4b82eaf862d313fef0241500beba6c2d0da48d41760d20f0a202f7e19b40d7cda98fe91b8fd9591336eb1a20cf7a0d32d91f2b21d8e7ab40ba38813b0387e2e95759a665115f0530e01f1cf88974a11c8dd9b0e9f72d44d6d360ae712be049b3aee848a6f57a23f134d32f46ca0ceb911210b0b83cedfcf5d69eced29a6549dd5df140488b7e561da7d97ac6", 0xd3}], 0x3, r6) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="080000000f2fd5c7c4554f000000009000"], 0x1}, 0x1, 0x0, 0x0, 0xfffffffffffffffc}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) fcntl$setpipe(r3, 0x407, 0xcb8) 10:23:08 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) [ 446.690975] netlink: 'syz-executor2': attribute type 1 has an invalid length. [ 446.718564] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:08 executing program 4: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0xd7, 0x60}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={r1, 0x401, 0x20}, &(0x7f0000000200)=0xc) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x1000000, @reserved}) 10:23:08 executing program 2 (fault-call:1 fault-nth:0): r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:08 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:08 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 446.887836] FAULT_INJECTION: forcing a failure. [ 446.887836] name failslab, interval 1, probability 0, space 0, times 0 [ 446.906997] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="e03f030003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 446.972863] CPU: 0 PID: 21292 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #384 [ 446.980267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 446.980275] Call Trace: [ 446.980297] dump_stack+0x1d3/0x2c6 [ 446.980320] ? dump_stack_print_info.cold.1+0x20/0x20 [ 446.980348] should_fail.cold.4+0xa/0x17 [ 446.980369] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 446.980386] ? print_usage_bug+0xc0/0xc0 [ 446.980426] ? find_held_lock+0x36/0x1c0 [ 447.018542] ? ___might_sleep+0x1ed/0x300 [ 447.022725] ? arch_local_save_flags+0x40/0x40 [ 447.027327] ? mark_held_locks+0x130/0x130 [ 447.031595] __should_failslab+0x124/0x180 [ 447.035848] should_failslab+0x9/0x14 [ 447.039674] kmem_cache_alloc_node_trace+0x270/0x740 [ 447.044788] ? check_preemption_disabled+0x48/0x280 [ 447.049827] __kmalloc_node+0x3c/0x70 [ 447.053649] kvmalloc_node+0x65/0xf0 [ 447.057487] video_usercopy+0x35c/0x1760 [ 447.061648] ? v4l_s_fmt+0x990/0x990 [ 447.065373] ? _parse_integer+0x180/0x180 [ 447.069535] ? v4l_enumstd+0x70/0x70 10:23:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="00f0ff7f03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 447.073277] ? find_held_lock+0x36/0x1c0 [ 447.077350] ? __fget+0x4aa/0x740 [ 447.077366] ? lock_downgrade+0x900/0x900 [ 447.085032] ? check_preemption_disabled+0x48/0x280 [ 447.090057] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 447.095111] ? kasan_check_read+0x11/0x20 [ 447.099291] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 447.104596] ? rcu_softirq_qs+0x20/0x20 [ 447.108635] ? __fget+0x4d1/0x740 [ 447.112205] ? ksys_dup3+0x680/0x680 [ 447.115969] ? video_usercopy+0x1760/0x1760 [ 447.120319] video_ioctl2+0x2c/0x33 [ 447.123960] v4l2_ioctl+0x154/0x1b0 [ 447.127609] ? video_devdata+0xa0/0xa0 [ 447.131518] do_vfs_ioctl+0x1de/0x1790 [ 447.135441] ? __lock_is_held+0xb5/0x140 [ 447.139532] ? ioctl_preallocate+0x300/0x300 [ 447.143955] ? __fget_light+0x2e9/0x430 [ 447.143972] ? fget_raw+0x20/0x20 [ 447.143991] ? __sb_end_write+0xd9/0x110 [ 447.155458] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 447.160998] ? fput+0x130/0x1a0 [ 447.164289] ? do_syscall_64+0x9a/0x820 [ 447.168290] ? do_syscall_64+0x9a/0x820 [ 447.172280] ? lockdep_hardirqs_on+0x421/0x5c0 [ 447.172297] ? security_file_ioctl+0x94/0xc0 [ 447.172317] ksys_ioctl+0xa9/0xd0 [ 447.184727] __x64_sys_ioctl+0x73/0xb0 [ 447.188651] do_syscall_64+0x1b9/0x820 [ 447.192550] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 447.197938] ? syscall_return_slowpath+0x5e0/0x5e0 [ 447.202880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 447.207726] ? trace_hardirqs_on_caller+0x310/0x310 [ 447.212745] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 447.212763] ? prepare_exit_to_usermode+0x291/0x3b0 [ 447.212784] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 447.212810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 447.232831] RIP: 0033:0x457669 [ 447.236027] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 447.254933] RSP: 002b:00007f8ddede5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 447.262650] RAX: ffffffffffffffda RBX: 00007f8ddede5c90 RCX: 0000000000457669 10:23:09 executing program 0: r0 = request_key(&(0x7f0000000380)='big_key\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f0000000440)='\x00', 0x0) r1 = add_key$keyring(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0x0) keyctl$unlink(0x9, r0, r1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x800, 0x41) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb0, r4, 0x110, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xcb}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffffffffff8}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x21}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x8}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x164}, 0x1, 0x0, 0x0, 0x40000}, 0x40) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000280)) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) set_thread_area(&(0x7f0000000240)={0x3, 0xffffffffffffffff, 0x400, 0xea3, 0x1, 0x5, 0x8000, 0x2, 0x5, 0x1}) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r6, 0xae80, 0x0) 10:23:09 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = gettid() ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=r1) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000240)={0x21, 0x2, 0x98e, 0x106}) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f0000000180)={0x482, 0x4, 0xff, 0x5}) 10:23:09 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="5100000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 447.269924] RDX: 00000000200001c0 RSI: 00000000c0845657 RDI: 0000000000000003 [ 447.277199] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 447.284475] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ddede66d4 [ 447.292110] R13: 00000000004c9f88 R14: 00000000004d3db0 R15: 0000000000000004 10:23:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x1, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req={0x7, 0x10001, 0x7, 0x3}, 0x10) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}) prctl$PR_GET_SECUREBITS(0x1b) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000140)=0x5, 0x4) ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000080)=0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:09 executing program 2 (fault-call:1 fault-nth:1): r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f0000000000)=[@dstype3={0x7, 0xa}, @cr4={0x1, 0x100000}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:09 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x5, 0x109040) getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)=0x0) getresuid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0) r3 = getuid() getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000500)=0xe8) r5 = getgid() lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000600)='./file1\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000006c0)='\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000780)={{}, {0x1, 0x7}, [{0x2, 0x2, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}, {0x2, 0x4, r4}], {0x4, 0x4}, [{0x8, 0x1, r5}, {0x8, 0x2, r6}, {0x8, 0x1, r7}, {0x8, 0x2, r8}], {}, {0x20, 0x2}}, 0x64, 0x1) ioctl$NBD_CLEAR_QUE(r0, 0xab05) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f00000001c0)) r9 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r10 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x200000, 0x0) ioctl$EVIOCGABS0(r10, 0x80184540, &(0x7f0000000800)=""/157) syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x8, 0x1093c0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r9, 0xc0845657, &(0x7f00000000c0)={0x1000000}) umount2(&(0x7f0000000000)='./file0\x00', 0x9) 10:23:09 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="0f00000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:09 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:09 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:09 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="effdffff03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:09 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) [ 447.759544] *** Guest State *** [ 447.779601] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 447.781531] *** Guest State *** [ 447.792206] CR4: actual=0x0000000000102040, shadow=0x0000000000100000, gh_mask=ffffffffffffe871 10:23:09 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_CREATE_OPEN(r0, &(0x7f0000000280)={0xa0, 0x0, 0x5, {{0x3, 0x0, 0x5, 0x80, 0x2, 0xfffffffffffffffc, {0x4, 0xd49, 0x80, 0x3, 0x3ff, 0xffffffffffffff7f, 0x2, 0x1, 0x401, 0x1000, 0x800, r1, r2, 0x0, 0x8}}, {0x0, 0x2}}}, 0xa0) [ 447.822518] CR3 = 0x0000000000000000 [ 447.830850] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 447.844211] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 447.861928] RFLAGS=0x00000002 DR7 = 0x0000000000000400 10:23:09 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="c000000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:09 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) [ 447.881183] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 447.903145] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 447.914375] CR3 = 0x0000000000000000 [ 447.929198] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 447.939253] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 447.959535] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 447.966015] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 447.974642] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 447.983054] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 447.993759] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.003464] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.012047] ES: sel=0x002b, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 448.020718] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.030053] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.039303] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 448.047482] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.056707] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.065287] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.077352] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 448.085866] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 448.095449] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 448.103970] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 448.112700] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 448.121150] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 448.129634] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 448.137669] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 448.137682] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 448.146108] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 448.159143] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 448.165541] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 448.166847] Interruptibility = 00000000 ActivityState = 00000000 [ 448.175563] Interruptibility = 00000000 ActivityState = 00000000 [ 448.180849] *** Host State *** [ 448.186745] *** Host State *** [ 448.190315] RIP = 0xffffffff81223c27 RSP = 0xffff88817c8e7350 [ 448.193456] RIP = 0xffffffff81223c27 RSP = 0xffff8881b377f350 [ 448.199836] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 448.205298] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 448.205312] FSBase=00007f5bb4358700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 448.205325] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 448.205342] CR0=0000000080050033 CR3=00000001cd4a0000 CR4=00000000001426f0 [ 448.205359] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 448.211878] FSBase=00007f8a16eff700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 448.211890] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 448.211905] CR0=0000000080050033 CR3=00000001c39af000 CR4=00000000001426e0 [ 448.211920] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 448.211933] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 448.211937] *** Control State *** [ 448.211947] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 448.211955] EntryControls=0000d1ff ExitControls=002fefff [ 448.211973] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 448.218964] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 448.226672] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.232428] *** Control State *** [ 448.239521] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 448.246181] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 448.254060] reason=80000021 qualification=0000000000000000 [ 448.259959] EntryControls=0000d1ff ExitControls=002fefff [ 448.267170] IDTVectoring: info=00000000 errcode=00000000 [ 448.274776] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 448.279999] TSC Offset = 0xffffff0e1fba8493 [ 448.283452] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.290601] EPT pointer = 0x00000001b9bbc01e [ 448.296098] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 448.316321] reason=80000021 qualification=0000000000000000 [ 448.325877] IDTVectoring: info=00000000 errcode=00000000 [ 448.325886] TSC Offset = 0xffffff0e1d26900b [ 448.325896] EPT pointer = 0x00000001b9a8e01e [ 448.399308] *** Guest State *** [ 448.403086] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 448.412953] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 448.422169] CR3 = 0x0000000000000000 [ 448.425877] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 448.431927] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 448.437909] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 448.444652] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 448.452688] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.452707] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.452726] ES: sel=0x002b, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 448.452744] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 10:23:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@textreal={0x8, &(0x7f0000000080)="ba4000b000eebaf80c66b8f2c3e48166efbafc0cb8a6caef0f992c66b96108000066b80080000066ba000000000f3066b9800000c00f326635004000000f300f94f60f01c966b91d0300000f320f16e40f30"}], 0x1, 0x0, &(0x7f0000000000), 0x269) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:10 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5460, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:10 executing program 4: syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:10 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="c00e000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 448.469069] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 448.469086] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 448.502288] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 448.557199] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 448.569198] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 448.577363] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 448.599173] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 448.619961] Interruptibility = 00000000 ActivityState = 00000000 [ 448.626326] *** Host State *** [ 448.641171] RIP = 0xffffffff81223c27 RSP = 0xffff88817be67350 [ 448.647391] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 448.662994] FSBase=00007f8a16ebd700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 448.671814] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 448.677822] CR0=0000000080050033 CR3=00000001c39af000 CR4=00000000001426e0 [ 448.686995] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 448.694032] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 448.700535] *** Control State *** [ 448.704103] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 448.711179] EntryControls=0000d1ff ExitControls=002fefff 10:23:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="88ab0c0f65e022"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:10 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:10 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0045878, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:10 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c01002003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:10 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000000)={0x0, @bt={0x100000001, 0x1000, 0x1, 0x1, 0xca, 0x3, 0x3, 0x7, 0x7, 0x800, 0x2f81c5ad, 0xfffffffffffffffc, 0x6, 0x9, 0x3, 0x20}}) 10:23:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="844f572e88a7086c7f22280ce0ef2dff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0xffffffffffffffe8, 0x100}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x400000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000140)={0xff, 0x8, 0x839}) [ 448.716776] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 448.724156] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 448.730948] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 448.737558] reason=80000021 qualification=0000000000000000 [ 448.737567] IDTVectoring: info=00000000 errcode=00000000 [ 448.737574] TSC Offset = 0xffffff0e1fba8493 [ 448.737590] EPT pointer = 0x00000001b9bbc01e 10:23:10 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:10 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x2, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:10 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c04000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:10 executing program 4: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x80, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100), 0x10) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000080)=0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r2) 10:23:10 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0585609, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:10 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d2416fdbf25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:11 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c08000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:11 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) prctl$PR_SET_THP_DISABLE(0x29, 0x1) setxattr$trusted_overlay_opaque(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.opaque\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2) 10:23:11 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:11 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0205647, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000000080)=""/241, &(0x7f0000000000)=0xf1) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:11 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc058565d, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:11 executing program 4: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f0000000180)=0xfffffffffffffff8) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) set_mempolicy(0x4000, &(0x7f0000000000)=0x1, 0x1f) 10:23:11 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00030003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:11 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:11 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc058560f, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:11 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c007a0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000), 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:11 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:11 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000300)={0x8000000000000002, 0x3, 0xc6c}) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000180)="6505494383aef3537b6c92f8f8682e5e9f42b0ee3c1694f884f1a96115b208138561a40e2f172fcc9600bc688e0286b66ca135038872404bd44dd18e4d0a82d5f0f8b99d0f3861c76355adfc9bf266878d9bbad2a9378ae97100cfc011e6e44464a777363d47ded98debd1849eebebfe999b7c730e4ce758b1a0579f3664319c906303c80923c6debd6b351847e476b8d91d76f0dc9a5506fdff0b2484c01c71a4457f6247b1cbf37ec6decb019d85a2f2d5f3639215379d8a14c2e5f3e0f656819426b5f9c8866669195d97f22fc995c2c2a47c3862dbd64aded769d0f817716a510cd4ba6cb87bf4268a0422b60646655ba58407865ef1b4a46da53e981f09") r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_SIOCGSKNS(r2, 0x894c, &(0x7f0000000280)) ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f00000002c0)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:11 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c006c0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:11 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x2082, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9c002000", @ANYRES16=r3, @ANYBLOB="020026bd7000fddbdf250200000008000400070000004800020014000100e0000002000000000000000000000000080002004e210000080002004e210000080009000400000008000800ff0f000008000900ff7f000008000500a6000000080005000700000028000200080002004e23000008000900080000001400010000000000000000000000ffff000000000800060009000000"], 0x9c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008010) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ff0000000000000000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:23:12 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5452, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:12 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) socket$rds(0x15, 0x5, 0x0) 10:23:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00070003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="882d3116fdff2591152b5ffd7b4751dda0bd"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = add_key(&(0x7f0000000200)='blacklist\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)="a915ddd08b2ac29f9ad6dfb06112231431fb9eb239906c1857e9ac57754cfca53e9d8dd07d75c5ae7cd6be32baef9b0874801e29c517b8233f084b47a16875f130f6dcd0196384b3481586f2d15fe7458b319ec85f39d21fd82229370dbcb358ac2eb36049bf9804f1e788c59f3adc6fe992da7e78de45bee8958fd8967353b32046682ac3e72ab40ca3fb44d7f489d3fa47ba871a370ba3e5c9cff82064e613a6e7a46ce0a9d865c3ad09cc2dc4b5035d7a2b1da0e20df7e3624690b3b74d74f5b7b85a54", 0xc5, r3) 10:23:12 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:12 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5421, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:12 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:12 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x210140, 0x0) ioctl$BLKRRPART(r0, 0x125f, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000009060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:12 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0285629, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:12 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) [ 450.484853] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000600)='/dev/input/mouse#\x00', 0xc3f, 0x20041) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000640)="27f16c3ec98caf1dc63ed56883019b3299490880c644c3b7d09727326730682ea72307acbf726bc1a1e62f6733f29e8f9954e2da1059622698e877e9bc95ae39dcee78a284bbba874e768691cba10911a667a5a0a764f85aaf187fa08e1bed355826fa9c8884414ecd477c37707d8d28245fcfef9516", 0x76) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x2, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:23:12 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5450, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:12 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) bind$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x0, {0x4e24, 0x1}}, 0x10) 10:23:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c6c000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:12 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) [ 450.744509] *** Guest State *** [ 450.747837] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 450.811975] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 450.839438] CR3 = 0x0000000000000000 [ 450.843281] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 450.856722] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 450.866408] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 450.884734] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 450.892950] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 450.901142] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 450.909418] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 450.917547] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 450.925753] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 450.934287] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 450.942506] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 450.950729] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 450.958911] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 450.967016] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 450.973727] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 450.981408] Interruptibility = 00000000 ActivityState = 00000000 [ 450.987759] *** Host State *** [ 450.991162] RIP = 0xffffffff81223c27 RSP = 0xffff8881895e7350 [ 450.997475] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 451.004079] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000 [ 451.012017] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 451.017957] CR0=0000000080050033 CR3=00000001d9063000 CR4=00000000001426e0 [ 451.025047] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360 [ 451.032050] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 451.038133] *** Control State *** [ 451.041741] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 451.048424] EntryControls=0000d1ff ExitControls=002fefff [ 451.048440] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 10:23:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e21, @remote}, @in={0x2, 0x4e22, @empty}, @in6={0xa, 0x4e20, 0x3, @local}, @in6={0xa, 0x4e21, 0x7f, @mcast2, 0x3}], 0x68) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) getresuid(&(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000100)) fsetxattr$security_capability(r0, &(0x7f0000000000)='security.capability\x00', &(0x7f0000000140)=@v3={0x3000000, [{0x5, 0x6}, {0x8, 0x2}], r3}, 0x18, 0x2) ioctl$DRM_IOCTL_MARK_BUFS(r2, 0x40206417, &(0x7f0000000180)={0x2, 0x9, 0x100, 0xe5, 0x1, 0x7}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:12 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5451, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00f00003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:12 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet6_buf(r0, 0x29, 0x2e, &(0x7f0000000040)=""/32, &(0x7f0000000080)=0x20) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f00000001c0)={'veth0_to_bond\x00', {0x2, 0x4e23, @multicast2}}) 10:23:12 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 451.048455] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 451.048468] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 451.062638] reason=80000021 qualification=0000000000000000 [ 451.080772] IDTVectoring: info=00000000 errcode=00000000 [ 451.086219] TSC Offset = 0xffffff0c85db7f99 [ 451.086232] EPT pointer = 0x00000001bb4e301e 10:23:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="050000000000000800"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:12 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c02000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:13 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:13 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0585611, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:13 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) 10:23:13 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00740003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00007eaf0efe3d"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:13 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0189436, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:13 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:13 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00680003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r2, @ANYBLOB="00022cbd7000fbdbdf250c0000001c000200080002004e230000080009000400000008000900040000002800020014000100fe8000000000000000000000000000bb08000b00020011000800030004000000400002000800060008000f0008000b00000000001400010000000000000000000000000000000000080008008100000008000500100c000008000b000a0000001c00010008000900430000000800020000000000080006006e710000080006000100000008000400000000002f3ca35233db7c99edc716cf4d65efab4941bc84c06370b8a3ac209144e5318b8f895d4f36d3f72d0804b92a2dee865dc405f03de4eb05fb919a1480"], 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000280)={r5, 0x6}, 0x8) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:23:13 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:13 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000140)=0x54) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x250800, 0x0) ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f0000000180)={0x0, 0x0, {0x0, 0x100000001, 0x1, 0x4, 0x5, 0x3, 0x1, 0x7}}) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) init_module(&(0x7f0000000200)='(/]/.#.keyringppp1\x00', 0x13, &(0x7f0000000240)='wlan0usermime_type%wlan0\x00') 10:23:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00050003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:13 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845667, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:13 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000e060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:13 executing program 0: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0xedf3db00d24f351a) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x24) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) dup(r3) 10:23:13 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x4020940d, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:13 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c68000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:14 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x7, 0x3, @start={0x5, 0x1}}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x1000002, @reserved}) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000180)={0x990000, 0x0, 0x8, [], &(0x7f0000000080)={0x0, 0xd54, [], @p_u16=&(0x7f0000000000)=0x8}}) [ 452.183909] *** Guest State *** [ 452.187226] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 452.296285] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 452.347983] CR3 = 0x0000000000000000 [ 452.370972] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 452.398838] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 452.404944] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 452.438898] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 452.466373] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.488950] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.508921] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 452.522736] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.545771] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.578642] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 452.598822] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 452.606850] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 452.622294] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 452.641121] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 452.655804] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 452.663723] Interruptibility = 00000000 ActivityState = 00000000 [ 452.670454] *** Host State *** [ 452.673764] RIP = 0xffffffff81223c27 RSP = 0xffff8881895e7350 [ 452.680107] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 452.686645] FSBase=00007f5bb4337700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 452.694832] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 452.702021] CR0=0000000080050033 CR3=00000001cb864000 CR4=00000000001426f0 [ 452.709411] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 452.716211] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 452.722616] *** Control State *** [ 452.726190] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 452.733209] EntryControls=0000d1ff ExitControls=002fefff [ 452.739016] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 452.746044] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 452.753179] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 452.760081] reason=80000021 qualification=0000000000000000 [ 452.766509] IDTVectoring: info=00000000 errcode=00000000 [ 452.772288] TSC Offset = 0xffffff0bc2d5cd94 [ 452.776720] EPT pointer = 0x00000001b00f501e [ 452.798461] *** Guest State *** [ 452.802926] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 452.811958] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 452.820849] CR3 = 0x0000000000000000 [ 452.824565] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 452.831337] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 452.837305] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 452.844030] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 452.852130] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.860218] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.868186] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 452.876203] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.884212] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 452.892229] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 452.900232] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 452.908186] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 452.916218] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 452.924260] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 452.930724] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 452.938173] Interruptibility = 00000000 ActivityState = 00000000 [ 452.944442] *** Host State *** [ 452.947644] RIP = 0xffffffff81223c27 RSP = 0xffff8881b379f350 [ 452.953688] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 452.960780] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 452.968653] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 452.974746] CR0=0000000080050033 CR3=00000001cb864000 CR4=00000000001426e0 [ 452.982451] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 452.989341] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 452.995549] *** Control State *** [ 452.999086] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 453.005749] EntryControls=0000d1ff ExitControls=002fefff [ 453.011956] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 453.018965] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.025631] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 453.032254] reason=80000021 qualification=0000000000000000 [ 453.038594] IDTVectoring: info=00000000 errcode=00000000 [ 453.044163] TSC Offset = 0xffffff0b65a9162a 10:23:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25f8ff"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:14 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0285628, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:14 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c4c000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:14 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:14 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)) 10:23:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x7) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x2, 0x2) ioctl$DRM_IOCTL_GET_MAGIC(r3, 0x80046402, &(0x7f00000000c0)=0x3) [ 453.048497] EPT pointer = 0x00000001bc8ac01e 10:23:14 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:14 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0205649, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:14 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c10000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:14 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x0, 0x0) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000180)={0x6, 0x2}) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) [ 453.202860] *** Guest State *** 10:23:15 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) [ 453.230551] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 453.280050] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 10:23:15 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x40049409, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) [ 453.334168] CR3 = 0x0000000000000000 [ 453.355433] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 453.384724] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 453.404734] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 453.411793] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 453.421677] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.431286] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.453909] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 453.479899] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.504218] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.517229] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 453.525455] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 453.533606] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 453.542075] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 453.550519] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 453.556987] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 453.564545] Interruptibility = 00000000 ActivityState = 00000000 [ 453.570828] *** Host State *** [ 453.574025] RIP = 0xffffffff81223c27 RSP = 0xffff888181967350 [ 453.580064] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 453.586470] FSBase=00007f5bb4358700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 453.594373] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 453.601054] CR0=0000000080050033 CR3=00000001c409b000 CR4=00000000001426e0 [ 453.608065] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 453.614798] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 453.620916] *** Control State *** [ 453.624384] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 453.631383] EntryControls=0000d1ff ExitControls=002fefff [ 453.636842] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 453.643845] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.650584] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 453.657236] reason=80000021 qualification=0000000000000000 [ 453.663621] IDTVectoring: info=00000000 errcode=00000000 [ 453.669118] TSC Offset = 0xffffff0b34b9d462 [ 453.673436] EPT pointer = 0x00000001d31d901e [ 453.719225] *** Guest State *** [ 453.722647] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 453.731762] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 453.741091] CR3 = 0x0000000000000000 [ 453.744824] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 453.750901] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 453.756884] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 453.763610] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 453.771624] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.779645] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.787623] ES: sel=0x002b, attr=0x000ff, limit=0x0000ffff, base=0x0000000000000000 [ 453.795736] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.803829] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 453.812489] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 453.820545] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 453.828518] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 453.836625] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 453.844622] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 453.851107] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 453.858613] Interruptibility = 00000000 ActivityState = 00000000 [ 453.864887] *** Host State *** [ 453.868088] RIP = 0xffffffff81223c27 RSP = 0xffff8881b3647350 [ 453.874198] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 453.880663] FSBase=00007f5bb4316700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 453.888472] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 453.894412] CR0=0000000080050033 CR3=00000001c409b000 CR4=00000000001426e0 [ 453.901489] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 453.908157] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 453.914269] *** Control State *** [ 453.917720] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 453.924428] EntryControls=0000d1ff ExitControls=002fefff [ 453.930749] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 453.937711] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 453.944478] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 453.951144] reason=80000021 qualification=0000000000000000 [ 453.957469] IDTVectoring: info=00000000 errcode=00000000 [ 453.962969] TSC Offset = 0xffffff0b34b9d462 10:23:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="a882cf50d1"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:15 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c05000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:15 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:15 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0045878, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:15 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, r0, 0x0, 0x7, &(0x7f0000000000)='%:em0:\x00', 0xffffffffffffffff}, 0x30) getpgrp(0x0) openat$vicodec0(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/video36\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000200)) setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000280)=0x5, 0x4) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000240)=0x0) r3 = getpgid(r2) perf_event_open(&(0x7f0000000180)={0x4, 0x70, 0x3, 0x0, 0x11, 0x20000000, 0x0, 0x401, 0x10000, 0x0, 0x81, 0x2, 0xffffffff00000000, 0x8, 0x10000, 0x2, 0x9, 0x6f, 0xdf, 0xcd7f, 0x3, 0x6, 0x800, 0x87f, 0x3, 0x4, 0x1100000000000000, 0x200, 0x2, 0x9, 0x3, 0x8000, 0x3ff, 0x1, 0x80000001, 0x8, 0x8, 0x4, 0x0, 0xe0, 0x6, @perf_config_ext={0x6, 0x8}, 0x30, 0x5, 0x7f, 0xd, 0x1, 0x8, 0x2}, r3, 0xb, r0, 0x2) 10:23:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x100) sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYRES32=r0], 0x1}}, 0x44000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 453.967312] EPT pointer = 0x00000001d31d901e 10:23:15 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c74000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:15 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc020660b, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd}}) 10:23:15 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x9, 0x82000) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:15 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:15 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x870, @bt={0xfffffffffffffffd}}) 10:23:15 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000a060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 454.266273] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r2 = add_key(&(0x7f0000000100)='.dead\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="ee9c1c5ee6be6d4e1e6621e96701b42f673dd2fd2c4ace025b24c607c428779ebd194f8869e15c66231d2fcfb0de69c72c46076008df9b9c505e11698cae11ae82086bb8ad4ed6d2eeb6059003272eaf7973deabf527565cc408e57b8acdf4244d9b26c7abbfa8f49a1d3ee8e55b89920599ea24c0385db715504e01ffa8498e3a26292fd2f21d8599a3ac6d0bafda4d7f8c5a8ab23807145452a118", 0x9c, 0xfffffffffffffffd) r3 = add_key(&(0x7f00000002c0)='rxrpc\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0), 0x0, 0xffffffffffffffff) keyctl$search(0xa, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000280)={'syz', 0x3}, r3) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000005b59557daf064c4317fd5db7a449350f878d8cf1b28de4029472c5a54a1ec3113e9843596a1f369df68a7bf82df109b11f674a3f1f1b092bdb81d255f63a1ce10e468f6436ab29a950b7ae95e14eab4b095f96329eb35c6b14d0191745e9a11ff58a1496eb69065f4042975738174"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000000)={r0, 0x0, 0x5, 0xffffffff, 0x61a}) 10:23:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:16 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0xfffffffd, @bt={0xfffffffffffffffd}}) 10:23:16 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) sendfile(r0, r0, 0x0, 0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x0, @reserved}) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000080)=0x49, 0x4) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@int=0x5, 0x4) ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)=0x1) 10:23:16 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c60000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x6, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff259f2638e8432e0d0600dafb0d8edaefcac8be8774dda4b52103c93bc36f6b1d8653e4740a7b0353f18d3eaf30f2a31b434e508a1c680ced133fe794b1cacc945d8b8e43b2cdfc13af32db918b6264d7b296c9f6c622fcd5970df71b2c26e81aeb686da32f42363ff830f11688a741ba6e4de26b8c0fecf769597ecebe5da36446b24ea611cf08004f"], 0x1}}, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f0000000140), 0x912781f6ccaf4bb) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1f, 0x4, 0xfffffffffffff866}) 10:23:16 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x3, 0x2, 0x3, 0x8}) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20020}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="e4010000", @ANYRES16=r1, @ANYBLOB="21002abd7000fddbdf2504000000c4000100100001007564703a73797a3200000000100001006574683a697036746e6c30000800030007000000540002000800010004000000080003000600000008000300070000000800040062b30000080001001f00000008000200ff07000008000300d603000008000200010400000800010012000000080003000400000008000300ff07000008000300ff0100001c0002000800030007000000080003003f000000080001001c000000100001007564703a73797a310000000008000300010400003400050014000200080003000004000008000400008000000800010075647000140600000800030030430000080003008e0000008c00050054000200080003000600000008000300060000000800040000000000080001000b000000080002009c000000080002000100010008000100030000000800040001800000080003000500000008000300070000000c00020008000200030000000c000200080001000000000008000100657468000c00020008000100100000000800010065746800100007000c000300ff0f0000000000003c00090008000200ffffff7f08000200ffff000008000100000000000800020040000000080002007f00000008000200ff0300000800020004000000"], 0x1e4}, 0x1, 0x0, 0x0, 0x40}, 0x80) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x10000, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x2, @bt={0x6, 0x8, 0x30035e1a32825ffe, 0x0, 0x400, 0x8000, 0x3, 0x3, 0xfffffffffffffc00, 0xffff, 0x5, 0xa212, 0x4, 0xfff, 0x10}}) getuid() 10:23:16 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x7008000000000000, @bt={0xfffffffffffffffd}}) 10:23:16 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c003f0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:16 executing program 1 (fault-call:1 fault-nth:0): r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)) 10:23:16 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2cf0000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:16 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)) fallocate(r0, 0x40, 0x10001ff, 0x4) [ 454.859923] FAULT_INJECTION: forcing a failure. [ 454.859923] name failslab, interval 1, probability 0, space 0, times 0 10:23:16 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x100000000000000, @bt={0xfffffffffffffffd}}) 10:23:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) [ 454.972221] CPU: 0 PID: 21760 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #384 [ 454.979716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 454.989080] Call Trace: [ 454.991776] dump_stack+0x1d3/0x2c6 [ 454.995435] ? dump_stack_print_info.cold.1+0x20/0x20 [ 455.000659] should_fail.cold.4+0xa/0x17 [ 455.004752] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 455.009881] ? print_usage_bug+0xc0/0xc0 [ 455.013986] ? find_held_lock+0x36/0x1c0 [ 455.018083] ? ___might_sleep+0x1ed/0x300 [ 455.022251] ? arch_local_save_flags+0x40/0x40 [ 455.026844] ? mark_held_locks+0x130/0x130 [ 455.031093] __should_failslab+0x124/0x180 [ 455.035347] should_failslab+0x9/0x14 [ 455.039164] kmem_cache_alloc_node_trace+0x270/0x740 [ 455.044283] ? check_preemption_disabled+0x48/0x280 [ 455.049334] __kmalloc_node+0x3c/0x70 [ 455.053146] kvmalloc_node+0x65/0xf0 [ 455.056876] video_usercopy+0x35c/0x1760 [ 455.061066] ? v4l_s_fmt+0x990/0x990 [ 455.064799] ? _parse_integer+0x180/0x180 [ 455.069056] ? v4l_enumstd+0x70/0x70 [ 455.072797] ? find_held_lock+0x36/0x1c0 [ 455.076968] ? __fget+0x4aa/0x740 [ 455.080459] ? lock_downgrade+0x900/0x900 [ 455.084630] ? check_preemption_disabled+0x48/0x280 [ 455.089789] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 455.094728] ? kasan_check_read+0x11/0x20 [ 455.098888] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 455.104174] ? rcu_softirq_qs+0x20/0x20 [ 455.108181] ? __fget+0x4d1/0x740 [ 455.111669] ? ksys_dup3+0x680/0x680 [ 455.115412] ? video_usercopy+0x1760/0x1760 [ 455.119746] video_ioctl2+0x2c/0x33 [ 455.123399] v4l2_ioctl+0x154/0x1b0 [ 455.127030] ? video_devdata+0xa0/0xa0 [ 455.130909] do_vfs_ioctl+0x1de/0x1790 [ 455.134785] ? __lock_is_held+0xb5/0x140 [ 455.138840] ? ioctl_preallocate+0x300/0x300 [ 455.143237] ? __fget_light+0x2e9/0x430 [ 455.147212] ? fget_raw+0x20/0x20 [ 455.150658] ? __sb_end_write+0xd9/0x110 [ 455.154713] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 455.160238] ? fput+0x130/0x1a0 [ 455.163510] ? do_syscall_64+0x9a/0x820 [ 455.167478] ? do_syscall_64+0x9a/0x820 [ 455.171444] ? lockdep_hardirqs_on+0x421/0x5c0 [ 455.176020] ? security_file_ioctl+0x94/0xc0 [ 455.180420] ksys_ioctl+0xa9/0xd0 [ 455.183984] __x64_sys_ioctl+0x73/0xb0 [ 455.187875] do_syscall_64+0x1b9/0x820 [ 455.191776] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 455.197135] ? syscall_return_slowpath+0x5e0/0x5e0 [ 455.202051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 455.206888] ? trace_hardirqs_on_caller+0x310/0x310 [ 455.211981] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 455.216992] ? prepare_exit_to_usermode+0x291/0x3b0 [ 455.222198] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 455.227042] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 455.232223] RIP: 0033:0x457669 [ 455.235409] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.254325] RSP: 002b:00007f5bb4357c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 455.262020] RAX: ffffffffffffffda RBX: 00007f5bb4357c90 RCX: 0000000000457669 10:23:16 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x7, 0xd0fb, 0x1, 0x2, 0xffff, 0x5, 0xffffffffffffffc1, 0x8, 0x7, 0x6, 0x101, 0x6, 0xc252, 0x5, 0x17, 0x15}}) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x198, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x239a}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffff}]}, @TIPC_NLA_MEDIA={0x50, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_BEARER={0x80, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @multicast1}}, {0x14, 0x2, @in={0x2, 0x4e20, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffffe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x6c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x81}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8d2f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x100}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xe1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1000}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x10}, 0x850) getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000080)=0x4) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x20000001000000}) 10:23:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) [ 455.269290] RDX: 00000000200000c0 RSI: 00000000c0845657 RDI: 0000000000000003 [ 455.276551] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 455.283810] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5bb43586d4 [ 455.291553] R13: 00000000004c9f88 R14: 00000000004d3db0 R15: 0000000000000004 10:23:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = semget(0x1, 0x4, 0x408) semctl$IPC_INFO(r3, 0x2, 0x3, &(0x7f0000000000)=""/17) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x9, 0x4800) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000005c0)={0x8001008, 0x7fff, 0x3}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000000)=""/28, 0x1c}, {&(0x7f0000000080)}, {&(0x7f0000000200)=""/242, 0xf2}, {&(0x7f0000000300)=""/234, 0xea}], 0x4, &(0x7f0000000440)=""/143, 0x8f}, 0x100) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x8) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000540)={0x6, 0xe, 0x4, 0x8, {0x77359400}, {0x1, 0x8, 0xffffffff, 0x64, 0x6, 0x46, "be24900a"}, 0x2c, 0x2, @offset=0x1ff, 0x4}) 10:23:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000063060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x200000000000000, @bt={0xfffffffffffffffd}}) 10:23:17 executing program 1 (fault-call:1 fault-nth:1): r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)) 10:23:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x7008, @bt={0xfffffffffffffffd}}) 10:23:17 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x102, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c07000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:17 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)) 10:23:17 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, 0xfffffffffffffffe) rseq(&(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2, 0x4, 0x81, 0x7}, 0x1}, 0x20, 0x0, 0x0) 10:23:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x600000, 0x0) ioctl$EVIOCGID(r2, 0x80084502, &(0x7f0000003600)=""/4096) recvmmsg(0xffffffffffffffff, &(0x7f0000003440)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/223, 0xdf}, {&(0x7f00000001c0)=""/9, 0x9}, {&(0x7f0000000200)=""/39, 0x27}, {&(0x7f0000000240)=""/64, 0x40}], 0x4, &(0x7f0000000380)=""/83, 0x53}, 0x81}, {{&(0x7f0000000440)=@can={0x1d, 0x0}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000004c0)=""/228, 0xe4}], 0x1, &(0x7f0000000600)}, 0x10001}, {{&(0x7f0000000640)=@ax25, 0x80, &(0x7f0000000b00)=[{&(0x7f00000006c0)=""/16, 0x10}, {&(0x7f0000000700)=""/241, 0xf1}, {&(0x7f0000000800)=""/77, 0x4d}, {&(0x7f0000000900)=""/130, 0x82}, {&(0x7f00000009c0)=""/42, 0x2a}, {&(0x7f0000000a00)=""/254, 0xfe}], 0x6, &(0x7f0000000b80)=""/103, 0x67}, 0x80000000}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000c00)=""/132, 0x84}, {&(0x7f0000000cc0)}, {&(0x7f0000000d00)=""/119, 0x77}, {&(0x7f0000000d80)=""/126, 0x7e}, {&(0x7f0000000e00)=""/192, 0xc0}, {&(0x7f0000000ec0)=""/205, 0xcd}, {&(0x7f0000000fc0)=""/226, 0xe2}], 0x7}, 0x100000000}, {{&(0x7f0000001140)=@nfc, 0x80, &(0x7f00000033c0)=[{&(0x7f00000011c0)=""/152, 0x98}, {&(0x7f0000001280)=""/77, 0x4d}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/98, 0x62}, {&(0x7f0000002380)=""/4096, 0x1000}, {&(0x7f0000003380)=""/34, 0x22}], 0x6}, 0x7ff}], 0x5, 0x0, 0x0) r4 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000003580), 0x80800) bind$xdp(r2, &(0x7f00000035c0)={0x2c, 0x7, r3, 0x6, r4}, 0x10) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0xae) write$nbd(r0, &(0x7f0000000000)={0x67446698, 0x1, 0x1, 0x4, 0x4, "0749ba59b58c818a05b9918e9b066796f6e73274c7c8c67df0ee19dbeb16f19a0613b9ce7c72"}, 0x36) r6 = request_key(&(0x7f0000000600)='big_key\x00', &(0x7f0000000cc0)={'syz', 0x1}, &(0x7f0000004600)='/dev/kvm\x00', 0x0) keyctl$restrict_keyring(0x1d, r6, 0x0, &(0x7f0000004640)='\x00') sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r5, 0xae80, 0x0) 10:23:17 executing program 4: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x8000, 0x0) mq_notify(r0, &(0x7f0000000940)={0x0, 0x40, 0x2, @thr={&(0x7f00000007c0)="868c80924cbcc4f9b862d6d8b409672878c6232ec0250f627d04dca2bfea6a73db577b9377d206942cfd8f0d1f28a84ef1abefb98cdb3524555f7faa7dd04dcca2f53a7416d63ffe2680739fbe771cc4bc2a9af4ba58abf3", &(0x7f0000000840)="c6481117f56184edad3c9869aa10bccfe49e20f55f9b479799ed5e2f9c751dd1c53a029ab05d7ad2788fc47dc3d86e59504a346f8c3c6082f9f568f2ab22ce9ed04e3dce1bcc6e3881631f3b94afff632a68396b726e0626d99dd2b3ec53e7120a1f9879c2cb826a3524ea3ace38e424486686a0b69f16bbcf5a8870339f1e477ad994afefafcb187a25d9be4852f7efe203b61c9e86f447908c950077ce052d48cea90f0fc296e38a72c35cb9e9a594a5bdb73dbb322d38bf5ef61352f7ae0519de691ce3776bb800d7"}}) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e22, @loopback}}}, &(0x7f0000000080)=0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000700000004000000a8040000400100004001000080020000c0030000c0030000c003000004000000", @ANYPTR=&(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001de44e00000000000000"], @ANYBLOB="e0000001ac141417ffffffff00000000aaaaaaaaaabb00000000000000000000000000000000000000ff00ffe7ff000000000000000000008dfdf5a24206000000000000000000000000000000000000ff00ffffff0000000000000000000000000700000001ffff0003000079616d300000000000000000000000006970366772653000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000800000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaaaaaaaaaa000000000000000000000000000000000000000000000000000000009794ac14141a0f00000001000000e0000001e000000200000000ffffffff000000000000000000000000000000000000000000000000ffffffff00ff0000000000000000000000000000000000000000000000000000000000000000000000ffffffffff0000000000000000000000040005ffff000500020007697064647030000000000000000000006272696467653000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000200000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414aae00000020f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414100000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x4f8) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000240)={r1, 0x200}, 0x8) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x2, @bt={0xfffffffffffffffd}}) 10:23:17 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x4020940d, &(0x7f00000000c0)) 10:23:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c06000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:17 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:17 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0xfdffffff00000000, @bt={0xfffffffffffffffd}}) 10:23:17 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0189436, &(0x7f00000000c0)) 10:23:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0f000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:17 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000200)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000100), 0x3) r1 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000240)={0x0, 0x5, 0xc9eb}) r2 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EDID(r1, 0xc0285629, &(0x7f00000002c0)={0x0, 0x6, 0x5, [], &(0x7f0000000000)=0xec}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000000c0)={0x1000000}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x0, 0x1, 0x1, 0x2, 0x40, 0x4, 0x80000000, 0x5b, 0x7, 0xf901, 0x100, 0x1, 0x6, 0x8, 0x7, 0x20}}) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5451, &(0x7f00000000c0)) 10:23:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2aba, 0x2000) setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f0000000080)=0x9c7, 0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x70080000, @bt={0xfffffffffffffffd}}) 10:23:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c48000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) write$P9_RCLUNK(r0, &(0x7f0000000000)={0x7, 0x79, 0x1}, 0x7) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5460, &(0x7f00000000c0)) 10:23:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x40049409, &(0x7f00000000c0)) 10:23:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0xfdffffff, @bt={0xfffffffffffffffd}}) 10:23:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2cfd030003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:18 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @reserved}) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@int=0x4, 0x4) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={r0, 0x2, 0x1, 0x91, &(0x7f0000000000)=[0x0, 0x0], 0x2}, 0x20) 10:23:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="11ac405db63adccc320cc7a7a4432ab54c0e2ce691bd045d04220323f32fb4dd2710e1f12e736b477345a9f804be49dcb90200edd40e1aa863024eb8000000000000000000000000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0205647, &(0x7f00000000c0)) 10:23:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x1000000, @bt={0xfffffffffffffffd}}) 10:23:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c7a000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:18 executing program 4: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x16) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:18 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc058560f, &(0x7f00000000c0)) 10:23:18 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00480003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:18 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x2000000, @bt={0xfffffffffffffffd}}) 10:23:18 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xf7, 0x10000) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000180)={0x7, 0x0, [{0x80000000, 0xffffffffffffff81, 0x2, 0x2, 0x800}, {0xc0000001, 0x9, 0x3f, 0x3, 0x2}, {0xa, 0xfa9, 0xb1e7, 0x9, 0x4f}, {0xc0000001, 0x8000, 0xffffffff00000001, 0xfffffffffffffffc, 0x7}, {0x40000007, 0x2, 0x4, 0x0, 0x10001}, {0xc0000009, 0x16fc, 0x0, 0x100000001, 0x4}, {0x0, 0x7, 0x5, 0x7fff, 0xfff}]}) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:18 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5421, &(0x7f00000000c0)) 10:23:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1) 10:23:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0xfffffffd}}) 10:23:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000000)=""/22) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000051060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:19 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0585609, &(0x7f00000000c0)) 10:23:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x2}}) 10:23:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c03000003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:19 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000180)={'security\x00', 0xf7, "0dab2b07ba26e7e637de20bdd8700138a231bf2662a681ff866ec7beb9974964f136d336f6dd896c794a3bbfab1e5388a390a1989f463c64cf61629c5f04efa9e9a3d779c8ab058b642da6da5f984c84b6924fd583ca0e71b574dba4a20a6bd74b0ace663e0dc17b99ef34ee97fa7f51728c0e359382d1b824683a77ef2dfbfc771453d0adbf0c4b131f652787e6bf347160fa4e5c304b21d331ddd561b1ce3acca753af8b65f00b3030587803749b5d37e802a8a0d69b1c53e28a9f058bc3811143f28cf09dce34272d72362dbfc73c04d3d5c86f09a4cb119c92301524b3f6d08b7751b76c96e12a22be06495442b313e0a2bb1d29af"}, &(0x7f0000000000)=0x11b) r1 = add_key(&(0x7f0000000540)='big_key\x00', &(0x7f0000000580)={'syz', 0x3}, &(0x7f00000005c0)="7c62ac1b54819c8b45e1294a87179cf91b5fbee0aa517e84e0914cb218fda1a8e1264f5389a6e1e1d76674e9f11f82824e4afa8cff89442108ee8ed1cc08f8a565", 0x41, 0xfffffffffffffffb) keyctl$update(0x2, r1, &(0x7f0000000640)="f0db8038e7e215602c780deda2dfd7916ddfac247025710663bd29c94e81969ab6df9806e9c65e85bded34f4315102714d6e182a1b8ae784056c817a1bf164e92c178fb98ff4cb285cbab81673f587f91523457ec9b1129e36172f95cfb9567386bf1da3a2d945ea164ba9fdb51a40dc8c933f6ecd9d041283", 0x79) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000002c0)=""/210, &(0x7f0000000080)=0xd2) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000003c0)={0x0, 0xca, "82277fa0b4f7858cf9a14be2abd3f3866eb2cc1a39d6bc7e13293611bfcaf4990108c15887bc77d54a7120b02ec65ead9d015eb24dcb73c4d718ae5fa4d8562c8c9f8a9fd99f9aab50a1af69d10731b45bba274a25007cd790781aea2180120355614ef1c8c36d335fe0a6b2764a15d4c855d66efb2cac5749c4ebf03479fda209b2a457521ccc578b290b0b4909c1874a64628c2356b993ec467b182ae0c1fdacb3955a5215447d2c736885add6fd8764dbf9e055e8d6bb9b3b5cb46357bbbe26a4d9793a557f6b27d1"}, &(0x7f00000004c0)=0xd2) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000500)={r2, 0x1}, 0x8) 10:23:19 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845667, &(0x7f00000000c0)) 10:23:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x200000000000000}}) 10:23:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0xc1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x6006c3, 0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000100)) 10:23:19 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0045878, &(0x7f00000000c0)) 10:23:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:19 executing program 4: r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) getsockname$netlink(r0, &(0x7f0000000080), &(0x7f0000000180)=0xc) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000000c0)={0x1000000}) fremovexattr(r1, &(0x7f00000001c0)=@random={'security.', 'eth0,\x00'}) 10:23:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c004c0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x2000000}}) 10:23:19 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0205649, &(0x7f00000000c0)) 10:23:19 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:19 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x7008}}) 10:23:19 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00600003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:19 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000000)) ioctl$UI_END_FF_ERASE(r0, 0xc06855c8, &(0x7f0000000300)={0xffffffffffffffff}) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0, 0x0) getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f0000000140), &(0x7f00000000c0)=0x60) 10:23:19 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5450, &(0x7f00000000c0)) 10:23:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) prctl$PR_GET_TIMERSLACK(0x1e) 10:23:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x870}}) 10:23:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000002060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:20 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x5452, &(0x7f00000000c0)) 10:23:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4000, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r2, 0x5) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, &(0x7f0000000300)=0x14c) r4 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vhci\x00', 0x80000, 0x0) ioctl$EVIOCGKEY(r4, 0x80404518, &(0x7f0000000280)=""/20) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)=0x0) r6 = syz_open_procfs(0x0, 0x0) mprotect(&(0x7f0000104000/0x3000)=nil, 0x3000, 0x0) pread64(r0, 0x0, 0x373, 0x0) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f0000000180)={r3, 0x9}, 0xffffffffffffffaf) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000600), 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="d80f0000000000001701000002000000bf0f0000a06c3c18138327b6e9ac3b660ffe3ab0dcfcf353793c9095578ffbc1ecccf3957febfc06af38f44c60722697280c5a8c66f1fc9d4ce88e0ac0186f65ef571afa03d3b856b132beb1a20fb9a4909f165e5a343f4fefe9425b98cb7fda340bfb03117365a208429927018da0c2404805394ca4b4e9e4742aa2358b859b36b77387e99b63948cfd3e4c4e09d9999f8f0614f0e1ae9e454984ddc215bd92a523bb8e9074750b4b393e8883563c37dd6701e8bd602653396edc7fad2f798af71f786562aa20d052a89e2e1b2fd3a6a0feca0582610f6f6b250913ba359b1b65746e25cff05c57f36ee4ef3298480ecb4223eeb356b52962af994924c3ad9585db0ee02106145585df3744fae03f8b2ceb3bcfe0c4d40630b586f0f0e9425b69900e0c022ed651fd55cab210f0ecfa13a32a903f32169c3de3212c91df7594e6110f63587e8b1d80f0105fbc158a82d8f79fa8b8ea0580525c1867987a41a5f5529598ff3c7d00006f1b6c69672bda9ddeadb4e8306a9cf0f798e79695e54d10e6afaa8d7fc1b29e661074600b000bbf7755ebfd39e898db673133e10c0db8c582553c712ae9e99182abac6fe312bf04544f773e571335d7441eab5f5ad61135f463a7a4e315f4dc6ef7a275716107c612e1b528d74ca258451278d104675f3b8848637d3839629e0858bf530da1678389acb270001b57a27ac79a412876c905edbe5dc21b229a932c010b6efc57923c9bd2cbfbfc630c7f444230d43748bf592430c2bc21d7fcd9c7a0a19b21746a2ae843a838157651955e84eac98dcbbcc2043a011ceecf5b299074d6c5682db58d7cf3c32a0c4959b7fa4289e8ba7fda61a61b3f14f502180479130214d4e151a330027294f290f63d910473fc652818a791732da0e4361ad5e444f859bc2c0e5a6b73169b8a1c0e9b2d70d18ccf71ef62d97259bfb68f9acb9919d3429ab09d58dbe0b070b179d8d2d3de4478efbd47caff5861eba3fa1b77706c2038001c165a3a2daf4b58ccf96807102d2dfa0d98bf3a9acb508b6bd9a096926081aa9e07ee429c38452cd67fab23e61bd5109f478a3f183dd9e60b6690e0024bf17e60533106d57bbee96f5b0970acaf3ae7874fb1b40134761ccdb5b51e725e60bfdee9bd2429b324cb904221e2db5bd6373cdade980e1398956c6abf794eb783129b97ffe5f3ed58d217310bc2d9989973fdb2919c5c14ca3f61cf39ee3f3d6a2845abc69c76fb04e9fb33ce8a6a03eb562f4ae1b13c05a16b438d4c07441563e8603cbcd221b25fb68074fdf611d5d7cf51131f69cecc9427a79cffab8c2de6165249e701812a43c437e2f7e401b24e8440a5efed74dfedeeb17a48ee4048aca3ca5a2678b440915540ea120f5802b51d4d2cfd0ae5bb2f0d0b6b60797b71382e05cc101425e811fa1ee896c3a4ca61980439244641d2c9736d8e626389447e0e632e15670257cf55fee8d0a39bdab65695391be3abae8b62a5c78f954795ad795fd3dd4bc9001221209cef4d61936a290cc3bf26fbc8974363c8071a710687a7eb5e2e2f4b7aa22e68789ec0638b4b7e13b3ec0fe4871490dff9dca084bd42b6097b6caa5e0ccd4795f1053a4d636757112d4ce1147c1e1475b3e79fcff65e331ddbe5d5fb6e2c062460c15a32255a741a17bcd8ecd1f20ea22fa42240f6d43ea12e11aa0472cdd73d0485df8f122df9d8de815f97413574e865f0b3f00241961f46dd3b5b0ae616862fd5e3d5f26008d27de4ee0c4c623cadd4bc71eb99a55425c86f16ce5708b2bfe12ca898702080454b1ba698d04a0741a91d68a6826ee54e93d4f0e05aa60c0e1d2cba3f6af4efc0dc07e83be09c4745bb309aa3f43ca1fa8f55935317cfc462c1ddead07544f9d22bcd4653da2d401c2e34af88fb5ebab5779c5fbd8d2918ee01cff65c0e3fccd4c1ddd9523196783f08c029ff7bc971651f1a7cf0e6d2060e3f4c0da75939019f78d7761a0abc082f1c40b7ef4f98dd74dfe302ff87db7fbc549ca5c3f9a983ffae1e07b7d6c9033d613aa0f34039f20987827c523b8875203ec6a40734e32c10b8601d6cde0b664b3bb7177beb27f73939aeba4dd67f9f9c2d10b74f67fe45801b7aabc6c60dd26cb57ab79512f70173150a31f65062c5240e1078430d4c040ba63d6d0ce02ce08111f54b11663cb5a8ede81a5224fe301e94f3046928acb2a98675cbd5e20cf4914ec31ba8b349e1dd71574fd77b2848eb0f1656135834cdf73b7968a3ac1a84e1b0eedaf4b5317406de962dbfce4c666e22fb44c4ae9363f4dabedd32870196a75164593adb1ca2fbea29df30228794610fac5c03b5d15eab8102c52b7b4978cd9ed494a255d399d47cc4a1762d2bdca51f6aa24a5978a4a03305deca96cb3e47c46e0eab4ba095e12ddd6a825a05327bdc219d2b3ebf4da6f696660367cb676efddf4b614aeaeda77d63be2a3a26a0585175057be3433825851ac2376ceaf55384cde0aeae9a1b2066f0751af2cd32322e0facddf087121930eef702e85e05f5c931516e174bed331d5041e0d9b869e507f0845e3e601494294c7f5c8899e6960f47e407aabeccf887c1d1d5bbf892236732980e09bb1c5ec260639c39b8d61ca78101f0b8ad5996675148bfab5eda660d58864b153576bf22842ffe09d68e108b8aa1c73293e2f7c8cb9e37d8930fb3d40ca3c32ecadc7f03d364c0cc69cd4f91aa50503f57cced001456ddfb40ab3aab88a40ae74ea6c4a2c2177ba46d480bd9cff29da9142e1c3d93c36cf3afb93f17bacb1cea177556be06309c18d2443a3b052118f5b0246cc073874dd66dd9a6bb0b87a59b4b89657ef47ec9e64256bc9808645414c0b71808871a4912eba749ef2990d9583199c93f6ea84ce420000000ce03ed17e390999bac40328a5d7f43bc6d388652445ca6933abc20eb4003a49c1e6c708536994e42e39955dc283614a7c6974b05ef3fe773338898e38e65489d1fc8ab050a2f3169f356b3ffffdde52d1fc40f3cbdb8ffd3d45d29eb8ce0eb5b5969ed87cade63a83dd754fc3af4220490f3c974e43d686c79a08044cc255e76efb4560d10a84ed653aae0e81454dc65e8bda8840d4e086768b803f87f225b28867d5a3b5b55845bcf82e6c80bdc6a061e93a0310c0809da1ac54a6d89570aa470f5a6398d135f809e365223ad3454e79708d6ea535ca56f869f02964e3b787b4faedc793420062a1f6aabf5c2e876273a53becdb861eb1ee652b11451336bb8fdd5dc7aed13c6a7a9f003511671e7b50afa41ac6489873002afa8fdf1cb7c2307cf83703fecda095264f6478b99551aa19a4fb4bd5b1f69051b0640d17bbbe1877446e62110a5d8e94d7a6615c093584afcb83217235f1f60f53e1204f4a6167f8ddc5a29f0d54f15b537e15471e7dcdfb7a84e9c5e07b0279a5feee3d0036ae9979e8840ddc42a3e695c79d7f08c910ffebd12296f6aaf3aefe499bf31fb5e67d87655dea4b559af276461d2e52fb4afd19290b11b78098bcd8bbc571b67f4a8e6c5331303d0d478529dde7d3c2b1647342471160c1632e45e03bcf1fdc5fe37e8482db7415cbac6639a434288e6002059952b1ff9c2c9419b0f193dcec14519d8fcd2fcd59f7ee1534561cd904b26831abff4ef44d1cdd74509d59651adecd623f0f2d0d14afab74f8515d7988688aaad6bcefaa56ace881b4a399e48315d7ef6ae106cd664a7844e2df2e71b6ae47261cc787fea50138035317071a92d625b37139bc3b1be0c60927f9c9148b0134f05e021b7cf830f0c36a078e5f90d0648503cdfe7eba1eb4a7d768724f777c902349d8ec72850f7b2d74ceade208eab59ba03c8425ad85d05edeee376a45f1b227615330dde778ab7d812f041be41891d9d595c6e15c4b6e1dfcac6b07a20f8e8725aaa717c706475f9976a03dbb31bcb9e41341965e36addc5471810ce63aebcdf6c557bbfa9c573c95c19659db16d7e7a94f181a455924b27641af5a7d4e0d9ba0909da05afb9432bc0ceb9d835bb1b29534c074fc470032a69b60aea3845f5ad0e434e7641d099bae6d4514f13d63687269fee01cf8a3934100d21146f6cb13cc3677257f44bf935637e2552d368b94edbb98b4692f904838748e2585e375d9de478254ae1c1bb089070670e6bb7e3d276200d91d9d673037d2c113a13afa09804fa3a0654a60650be4802e0d8ff3e491bbe9f6d003a442d3d61ab7278d9a812ed1beba17a395344fff3d71cbbdea9ffd13e23e32e8d3fefba6761299b2040c6ebf6bb75c5ec5040cdad96b4e5098f87fa9b8735a6afcdd2726e5b8f6cc21989b16aa383141d59c15e06490c2cca8732354bf9311958edd72b2fff9552613e100a460dfaaee05fd7e3bb365d9c7dc79fee1d0cabda280ce1093d0be4ee7def409a6a591e81a9ce07e65ab4d0e96f2d3ddac585ab31073434fd285c3850342fccb24699b1ca1026484d4edbe35a8945ad0fbf3c11d5d59e3e97310f707956827942cbfe5d136a3f0e591d998f44345a4d90b4496f459911411e6709ee9615644ea171c5785f61f1be3c1c74439792a54ea970d09eaed9f43443a5646dc44a600ac19ba903000000769dae0bd8d4d410bcaeb0ccaaaedbcbd2e0913b87300ae38920880ea7f23ac4df679f606f2fe4717da5d3e15c600f69c6c8f2a40e7ee73e2c16c2c3d82c588619bd518fe93bc67d1d51f3c57ce11a0a48a5d5aba8274f419c66432971bbd03100c86ded401e6ffe986c785bd1b08fc02a9d9436575585ef21495f997c105021a34c0c19be00ba1b3174b4cf3c885f6f151ff729177ea64f9a9356852e71a4d1904e62c60ea5ceaec4bd34eaef4316388b6343f6b0c433444fb6e9c5ebcb19005e0c5009442c9480d6c6491ac2cd1794a8c56408d1d43ae16891de2b8a3fde53f7166fb71cc4cd9d8bee90729402999502cb5e30e4b049ce69b51bc7c5e9a70e58b368f837d57e983cc44ce13be98505f7be8006690f3272f534d3faae6b69e35b43489fa63f13dc5aa92d1ae87d663d410c78d9741fd07c7578e0da36026760270fcbd27c0ebc3059eab530c4127185c37b68c308c3e4d96a383c9540b5345e0a3b7cf16787d04e13db892658fffac0ec682a9688615f36ea8e28ee21bd00d08ed734481b61e50ceabdd095402bdd229412a79c86811a43cc9c1837e359e221cd1c680355e206d985e58d889e875e7bfdbf4df7186fe4dfb90acb2e99d0a3ed1c479aa1922d8bd3326cc3959f13d7fb099c1835f8c11cd41b401f689c6c9c1e7b037934f1410277bc2e178a5c927412512073a80850f49950d188413da529e2e350a6418b6ef5f7de28f12c9d9a88e5a689c2d9718e58f8da08c2aaf5a628935f15570f4b9e6a8002aa7e433f487cab02c34c3736bca4627dcb6ea57a496e247a5d81bb7106c51e25e6497f880ff79ba3cd733997c76ec7f1f593a5b14682e82372864098dcd4a0871a05e7431b81063f9c770422716a5a6f9cea301992c3da278bc899c56cd2dcdcbd6f844f3127c799817b43c7029f1122ac81a9c299b2f7dfe5a191d74cfe3794c0619518fd642bc6a3c8112aa423a23fc80fff436fb95f446aad8e16886e7c4b32669cde2891cd8bb07df1f7181cad1c920640a5f0357b4716b6d636b2dd4e49cf0f5bf1fbdbb23e722c90b298919c0a13b345fb00630461b3e7814dd7"], 0xfd7}], 0x1, 0x4010) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_flowlabel\x00') ioctl$sock_FIOSETOWN(r7, 0x8901, &(0x7f0000000240)=r5) r8 = syz_genetlink_get_family_id$team(&(0x7f0000000440)='team\x00') getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000480)={{{@in6=@mcast2, @in6=@remote}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f0000000580)=0xe8) getpeername(r2, &(0x7f00000005c0)=@hci, &(0x7f0000000680)=0x80) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000940)={{{@in6=@ipv4={[], [], @loopback}, @in6=@ipv4={[], [], @remote}}}, {{@in=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000840)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000880)={'team0\x00'}) accept4$packet(r2, &(0x7f0000000b80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000bc0)=0x14, 0x80000) getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000c00)={0x0, @empty, @loopback}, &(0x7f0000000c40)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000d40)={'team0\x00'}) getsockname$packet(r7, &(0x7f0000000d80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000dc0)=0x14) getpeername$packet(r6, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000ec0)=0x14) getpeername$packet(r6, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000f80)=0x14) getsockopt$inet_mreqn(r6, 0x0, 0x20, &(0x7f0000000fc0)={@broadcast}, &(0x7f0000001000)=0x331) getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000001040)={0x0, @multicast1}, &(0x7f0000002080)=0xc) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000020c0)={'veth0\x00'}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000039c0)={'bond0\x00'}) getsockopt$inet_mreqn(r7, 0x0, 0x27, &(0x7f0000003a80)={@local, @multicast1}, &(0x7f0000003ac0)=0xc) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000004100)={{{@in=@remote, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}}}, &(0x7f0000004200)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000004240)={{{@in6=@remote, @in=@remote}}, {{@in6=@mcast1}, 0x0, @in6=@local}}, &(0x7f0000004340)=0xe8) getpeername$packet(r6, &(0x7f0000004380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000043c0)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000004d40)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000004d00)={&(0x7f0000004400)=ANY=[@ANYBLOB="94000000", @ANYRES16=r8, @ANYBLOB="020028bd7000fedbdf250200000008000100", @ANYRES32=r9, @ANYBLOB="780002003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r10, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e0000000000080403000100000007000400fdffffff000000000000000000000000"], 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x1) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f00000008c0), &(0x7f0000000900)=0x10) ioctl$KVM_CREATE_PIT2(r11, 0x4040ae77, &(0x7f0000000100)) ioctl$VT_RESIZE(r6, 0x5609, &(0x7f0000000400)={0x2, 0x81, 0x33}) ioctl$VIDIOC_LOG_STATUS(r6, 0x5646, 0x0) dup2(r0, r11) 10:23:20 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0585611, &(0x7f00000000c0)) 10:23:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x7008000000000000}}) [ 458.622246] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00400003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:20 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc058565d, &(0x7f00000000c0)) 10:23:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0xfdffffff00000000}}) 10:23:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000080)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000f0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:20 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0x2, &(0x7f00000000c0)) 10:23:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x100000000000000}}) 10:23:20 executing program 4: r0 = accept4$unix(0xffffffffffffff9c, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x80800) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000340)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xe8) recvfrom(r0, &(0x7f0000000280)=""/149, 0x95, 0x1, &(0x7f0000000440)=@xdp={0x2c, 0x4, r1, 0xa}, 0x80) r2 = socket$netlink(0x10, 0x3, 0x800000010) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', r1}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x2000, 0x0) write$cgroup_int(r4, &(0x7f00000004c0)=0x40, 0x12) sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x34000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r3, @ANYBLOB="e003ff000a000200aaaaaaaaaaaa0000"], 0x28}}, 0x0) 10:23:20 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x70080000}}) 10:23:20 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00200003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:20 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc020660b, &(0x7f00000000c0)) 10:23:20 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:20 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000083, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sndctrl(&(0x7f0000000240)='/dev/snd/controlC#\x00', 0x0, 0x0) 10:23:21 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0285629, &(0x7f00000000c0)) 10:23:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$binfmt_elf64(r0, &(0x7f0000000900)={{0x7f, 0x45, 0x4c, 0x46, 0x1ff, 0x7, 0x2, 0x5, 0x80000001, 0x3, 0x6, 0x3, 0x1b8, 0x40, 0x171, 0x7, 0x401, 0x38, 0x1, 0x8, 0xfffffffffffffffc, 0x1000}, [{0x1, 0x2, 0x9, 0x8, 0x4, 0x1, 0x20, 0x8}, {0x60000000, 0x401, 0x1be, 0x9be, 0x401, 0x9, 0x6c, 0x5}], "8c7a0168acbd28ba4100b8be7882d9c4ce975324645eeb44cb3f998da72da1ea9e4803373d87acc64372d1692cb3662f5a24cc751a4c503a96189a8d6d6f95f1becd6d516fa645870797f491fd572bc42ef738964ae5108f10f1e02f76efde66b2c3d677cca68868c6fcd040a3a3e51318d07e3e33a9074c84de5115491f7fa35b221a7510e72ba40b2c385f2fb8b5103d388d40bf596d1af91b47472f2aa4a2b63a45a94a1ebbc3d7acf26b4580bab658117b0db1b03391c4336cf05a3574517d7c9362e03066166a4ea01b9d1a44f690ec0908", [[], [], [], [], [], [], [], []]}, 0x984) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x400000, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="882d0716fdff25be0fe4a0f9f8c5fad7ccddbad2a63fd82bad53dc3699ddd114c7629eb7efc480d8fba9fed5dae7290d53f8263182a2a538ed4e324bafa239c2a038fb9175690927a42b19d71da30000000001000000211fc2f07ebc6e65d8d2acd6abc3e7229bc8180ce8d06f31a61366bb9edd954a06e628706dcb960d17c91e518048655184ea4e0a15c15a900e32bb217adda788720c14edb989a514b1510305bd236d43d91b835ad4468ed8a2781fbe"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0xfdffffff}}) 10:23:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:21 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0045878, &(0x7f00000000c0)) 10:23:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c03fd0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:21 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) recvmsg(r4, &(0x7f00000000c0)={&(0x7f0000000480)=@vsock, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000600)=""/89, 0x59}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000700)=""/99, 0x63}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x5, &(0x7f0000000800)=""/83, 0x53, 0x3ff}, 0x102) 10:23:21 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0285628, &(0x7f00000000c0)) 10:23:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00060003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) [ 459.515246] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x1000000}}) 10:23:21 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x870}) 10:23:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000f003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x728, 0x141481) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f0000000100)={r4, 0x101, 0x30, 0x4, 0x80000001}, &(0x7f0000000140)=0x18) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:21 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x2000000}}) 10:23:21 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:21 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x200000000000000}) 10:23:21 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x870}}) 10:23:22 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x809fd50000000000}) 10:23:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00007a03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) [ 460.273234] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:22 executing program 0: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhci\x00', 0x80, 0x0) ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f00000002c0)={0x4, 0x50c1, 0x8502}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="882dedb614b7b2af4d585c951e869002f407fe22dbbe2ba5b61b39b43d8198480322873e68f629fa71722569f682a91845d5ce10de40f049233629658ea6288ab350e3f74ad24c59b8a85ae0000000000000000000000000c7e7966bbc21f22d4faf5ee05037f7a59955c418aebb4a26f345eade37e130c50109c87217e04c34d3cbd565b6ec3050176ab42ffe710a47f471701d63965fcc07a62825fdd834280095049607f17e7c8e7cd2ee348e1e6b100075a3a24eba9e14df8cab1f83cb60876ec14963ae6343a4296cdcbcff620d4330f5333a819cfd65ea3396c8b0a0eaeb07e6a30da41da84a96cd370c5486e40a22ff1378064cea8f48dfbd4552ee6486839a4b710b7f93e45a6355f2dbab4e80a34ecbcfaf54a721fa9c2be94e9465fd9ed48eb44c4ec3dbfb5a83087d849f9d74b6c044d398330ac110ca6ea8cc1fd04446d6e4edc484584a93b23ecaaf506dd5132df9c2f2481f4374c184ededd97fe69f3903f47b7437e68400ba60b34add570a4a932cd61341ab49b1d61cadc2ebe3fec37a2e15b0da83c69a5e6891ec4629edd94e4e52dce0c5fc81"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x3, &(0x7f00000003c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r5 = accept$inet6(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x1c) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000440)={0x0, 0x7, 0x101}, &(0x7f0000000480)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f00000004c0)={r6, @in6={{0xa, 0x4e20, 0xbb9, @loopback, 0x891a}}}, &(0x7f0000000580)=0x84) r7 = socket$inet6(0xa, 0x1, 0x8010000000000084) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r7, 0x84, 0x70, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e21, 0x3, @mcast1, 0xf1c}}, [0x4, 0x8, 0x3, 0x4, 0x0, 0x7, 0xb1, 0x8, 0x0, 0x7, 0x2, 0x4, 0xffffffffffffff01, 0x0, 0x4]}, &(0x7f0000000200)=0x100) setsockopt$inet_sctp6_SCTP_MAXSEG(r7, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={r8, 0x5}, 0x8) ioctl$VIDIOC_DBG_G_REGISTER(r7, 0xc0385650, &(0x7f00000003c0)={{0x1, @name="9c9de8a36aa1ec3552bf12d9170bdab2416c048859e350b8020c30b176eacd0c"}, 0x8, 0x5601, 0xa8b}) symlink(&(0x7f0000000700)='./file0/file0\x00', &(0x7f0000000740)='./file0/file0\x00') getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r7, 0x84, 0x20, &(0x7f00000005c0), &(0x7f0000000600)=0x4) lstat(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)) bind$inet6(r7, &(0x7f00004c0000)={0xa, 0x3, 0x0, @ipv4}, 0x1c) listen(r7, 0x43) r9 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) setsockopt$inet_sctp6_SCTP_RTOINFO(r9, 0x84, 0x0, &(0x7f0000001680)={0x0, 0x3, 0x0, 0x3}, 0x10) sendto$inet6(r9, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f00000000c0)=0x3, 0x4) socket$unix(0x1, 0xfffffffffffffffc, 0x0) ioctl$sock_SIOCOUTQNSD(r4, 0x894b, &(0x7f00000006c0)) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') 10:23:22 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) recvmsg(r4, &(0x7f00000000c0)={&(0x7f0000000480)=@vsock, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000600)=""/89, 0x59}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000700)=""/99, 0x63}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x5, &(0x7f0000000800)=""/83, 0x53, 0x3ff}, 0x102) 10:23:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x2}}) 10:23:22 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x100000}) 10:23:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000703060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 460.489059] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:22 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0xfdffffff00000000}}) 10:23:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:22 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x7008}) 10:23:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006803060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:22 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:22 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0003fd03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:23 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x101000, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f00000000c0)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x4000, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r1], 0x1}}, 0x8000000000000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:23:23 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x2}) 10:23:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x200000000000000}}) 10:23:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00480003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:23 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) recvmsg(r4, &(0x7f00000000c0)={&(0x7f0000000480)=@vsock, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000600)=""/89, 0x59}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000700)=""/99, 0x63}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x5, &(0x7f0000000800)=""/83, 0x53, 0x3ff}, 0x102) 10:23:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:23 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x1000000}) 10:23:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x70080000}}) 10:23:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000f0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 461.388623] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x7008}}) 10:23:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:23 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x809fd500}) 10:23:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00080003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0xfffffffd}}) 10:23:23 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) recvmsg(r4, &(0x7f00000000c0)={&(0x7f0000000480)=@vsock, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/97, 0x61}, {&(0x7f0000000600)=""/89, 0x59}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000700)=""/99, 0x63}, {&(0x7f0000000900)=""/4096, 0x1000}], 0x5, &(0x7f0000000800)=""/83, 0x53, 0x3ff}, 0x102) 10:23:23 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x7008000000000000}}) 10:23:23 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:23 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x10000000000000}) 10:23:23 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c004c0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) dup(r2) 10:23:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x100000000000000}}) 10:23:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) [ 462.239381] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:24 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x2000000}) 10:23:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000f03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0xfdffffff}}) 10:23:24 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:24 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x70080000}) 10:23:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000503060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x1000000}}) 10:23:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="81000000fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:24 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x2}}) 10:23:24 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x10}) 10:23:24 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:24 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00fd0303060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 463.122988] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x200000000000000}}) 10:23:25 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0xd59f80}) 10:23:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00f00003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:25 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x7008000000000000}) 10:23:25 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x2, 0x0) 10:23:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00007403060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) [ 463.982027] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x1000000}}) 10:23:25 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x100000000000000}) 10:23:25 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:25 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x7008}}) 10:23:25 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x870}}) 10:23:25 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00050003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x870}}) 10:23:26 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00040003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:26 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x10000000000000}}) 10:23:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000080)) prctl$PR_MCE_KILL_GET(0x22) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0xfffffffd}}) 10:23:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x7008000000000000}}) 10:23:26 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00680003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:26 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x100000}}) [ 464.894273] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:26 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x100000000000000}}) 10:23:26 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:27 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = accept4(0xffffffffffffffff, &(0x7f0000000140)=@ipx, &(0x7f00000001c0)=0x80, 0x80000) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000240)='team\x00') clock_gettime(0x0, &(0x7f0000001c40)={0x0, 0x0}) recvmmsg(0xffffffffffffff9c, &(0x7f0000001b80)=[{{&(0x7f0000000380)=@hci={0x1f, 0x0}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/238, 0xee}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000000540)=""/98, 0x62}, {&(0x7f00000005c0)=""/140, 0x8c}, {&(0x7f0000000680)=""/188, 0xbc}, {&(0x7f0000000280)=""/60, 0x3c}], 0x6}, 0x4}, {{&(0x7f00000007c0)=@tipc=@name, 0x80, &(0x7f0000000840)=[{&(0x7f0000001900)=""/90, 0x5a}, {&(0x7f0000001980)=""/70, 0x46}], 0x2, &(0x7f0000001a00)=""/128, 0x80}, 0x9}, {{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000001a80)=""/3, 0x3}, {&(0x7f0000001ac0)=""/92, 0x5c}], 0x2}, 0x8}], 0x3, 0x40000000, &(0x7f0000001c80)={r5, r6+30000000}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001cc0)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000001d00)={{{@in=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@local}}, &(0x7f0000001e00)=0xe8) getsockname$packet(0xffffffffffffff9c, &(0x7f0000001e40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001e80)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000001ec0)={'team0\x00', 0x0}) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000001f00)={0x0, @rand_addr, @loopback}, &(0x7f0000001f40)=0xc) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000001f80)={@multicast2, @rand_addr, 0x0}, &(0x7f0000001fc0)=0xc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000002380)={'ip6tnl0\x00', 0x0}) getsockname$packet(0xffffffffffffff9c, &(0x7f0000002400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002440)=0x14) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002480)={{{@in=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@remote}}, &(0x7f0000002580)=0xe8) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000025c0)={@multicast1, @loopback, 0x0}, &(0x7f0000002600)=0xc) getpeername$packet(0xffffffffffffff9c, &(0x7f0000002640)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002680)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000026c0)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@mcast2}}, &(0x7f00000027c0)=0xe8) accept4$packet(0xffffffffffffffff, &(0x7f0000002800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000002840)=0x14, 0x800) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000002880)={@remote, 0x0}, &(0x7f00000028c0)=0x14) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000002900)={@remote, @broadcast, 0x0}, &(0x7f0000002940)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000002a80)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000002ac0)={'team0\x00', 0x0}) accept$packet(0xffffffffffffffff, &(0x7f0000002b00)={0x11, 0x0, 0x0}, &(0x7f0000002b40)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000002b80)={'team0\x00', 0x0}) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000002bc0)={0x0, @remote, @broadcast}, &(0x7f0000002c00)=0xc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000002c40)={'veth1_to_bond\x00', 0x0}) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f00000034c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000003480)={&(0x7f0000002c80)={0x7fc, r4, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [{{0x8, 0x1, r7}, {0x1e8, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r12}}}]}}, {{0x8, 0x1, r13}, {0x228, 0x2, [{0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0xc, 0x4, 'random\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x8001}}, {0x8, 0x6, r14}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r15}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x14, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r17}}}]}}, {{0x8, 0x1, r18}, {0x90, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x10001}}, {0x8, 0x6, r19}}}]}}, {{0x8, 0x1, r20}, {0x4}}, {{0x8, 0x1, r21}, {0xc0, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r22}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0xe00}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r23}}}]}}, {{0x8, 0x1, r24}, {0x180, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x413}}, {0x8, 0x6, r25}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0x1, 0x2, 0x5, 0x8}, {0x4, 0x4, 0x0, 0x80000001}]}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r26}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}]}}, {{0x8, 0x1, r27}, {0xcc, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x80000000}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r28}}}]}}]}, 0x7fc}, 0x1, 0x0, 0x0, 0x4010}, 0x40000) r29 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x23b, 0x40) ioctl$BLKREPORTZONE(r29, 0xc0101282, &(0x7f0000000080)={0x0, 0x2, 0x0, [{0x1, 0x6, 0x3, 0x4, 0x5, 0x200, 0x100000000}, {0x3, 0x100000000, 0x8f, 0x1, 0x7fffffff, 0x53d3, 0x1f}]}) 10:23:27 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00600003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:27 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x100000000000000}}) 10:23:27 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x70080000}}) 10:23:27 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:27 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x809fd50000000000}}) 10:23:27 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:27 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000603060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 465.755932] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:27 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0xfdffffff}}) 10:23:27 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x7008}}) 10:23:27 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00002003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x2000000}}) 10:23:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:28 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x10}}) 10:23:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00020003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff250f7f5c0bf96d0fdea2dd799390c7ee0ddfb8a539a31770dabff34a8b1240a09cf3324816b17d724bfc585ce82bf07fab6126390b74eb59b92378d7f5f45233b71ad745a7d4eb2a1f3ebdf251c0c182b950852f993fef6226925f89d24e6c9b80808a5c236e083ee06d69d7"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, &(0x7f0000000100)="660f70d6e866b80500000066b9867100000f01d9ea0d00990066b9ab02000066b8eb00000066ba000000000f30baf80c66b8fc79138b66efbafc0c66edf20f0866b9800000c00f326635000800000f30f30f3536660f67d10f01ca"}], 0xc54, 0x0, &(0x7f0000000000)=[@dstype0={0x6, 0xf}, @dstype0], 0x2c3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:28 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c006c0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:28 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x70080000}}) 10:23:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 466.670521] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00070003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:28 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7008}}) 10:23:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:28 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x1000000}}) 10:23:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f0000000080)="2cc012d6a92975281384f9420ec359c25056c63976b6aa74e845e4082b629b82c33d9e86773e80de0bd95f2c3b766823e9ba758877fe2a65ad5bdbae384334f4b4274a386f04b2549d8c8d2477c6c6eaa321175f") sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdda25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:28 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c007a0003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 466.996131] *** Guest State *** [ 467.019409] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 467.046785] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 467.059799] CR3 = 0x0000000000000000 [ 467.063721] RSP = 0x0000000000000f80 RIP = 0x0000000000000014 [ 467.071072] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 467.079178] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 467.090570] CS: sel=0x0023, attr=0x000fb, limit=0x0000ffff, base=0x0000000000000000 [ 467.102973] DS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 467.111261] SS: sel=0x002b, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 467.119414] ES: sel=0x002b, attr=0x000f1, limit=0x0000ffff, base=0x0000000000000000 [ 467.127394] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 467.135427] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 467.143442] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 467.151491] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 467.159491] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 467.167661] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 467.175663] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 467.182126] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 467.189618] Interruptibility = 00000000 ActivityState = 00000000 [ 467.195851] *** Host State *** [ 467.199092] RIP = 0xffffffff81223c27 RSP = 0xffff888184997350 [ 467.205077] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 467.211526] FSBase=00007f8a16eff700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000 [ 467.220167] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 467.226043] CR0=0000000080050033 CR3=000000017f246000 CR4=00000000001426f0 [ 467.233390] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 467.240131] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 467.246218] *** Control State *** [ 467.249702] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 467.256366] EntryControls=0000d1ff ExitControls=002fefff [ 467.262031] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 467.269014] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 467.275667] VMExit: intr_info=00000000 errcode=00000000 ilen=00000007 [ 467.282272] reason=80000021 qualification=0000000000000000 [ 467.289018] IDTVectoring: info=00000000 errcode=00000000 [ 467.294476] TSC Offset = 0xffffff03d45d141d [ 467.298841] EPT pointer = 0x0000000184f2001e 10:23:29 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x2000000}}) 10:23:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2}}) 10:23:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00004003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:29 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) accept(0xffffffffffffffff, 0x0, 0x0) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r1, 0xae80, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xffff, 0x4000) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000080)={0x0, 0x2}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000140)={r4, 0x38, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x2, @local, 0x8}, @in6={0xa, 0x4e22, 0x1, @mcast2, 0xff}]}, &(0x7f0000000180)=0x10) 10:23:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:29 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x2}}) [ 467.516429] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00004803060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:29 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000303060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 10:23:29 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:29 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0xd59f80}}) 10:23:29 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x200000000000000}}) 10:23:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00003f03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:30 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x7008000000000000}}) 10:23:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000200)='tls\x00', 0x4) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x0, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r2, &(0x7f00000001c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000440), r3, 0x1}}, 0x18) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) io_setup(0x3f, &(0x7f0000001140)=0x0) r7 = eventfd(0x9) r8 = syz_open_dev$media(&(0x7f0000000740)='/dev/media#\x00', 0x6, 0x20000) r9 = syz_open_dev$mouse(&(0x7f0000000980)='/dev/input/mouse#\x00', 0x7, 0x2000) r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000a80)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r8, 0xc0385720, &(0x7f0000001100)={0x1, {0x0, 0x989680}, 0x200, 0x6}) r11 = open(&(0x7f0000000cc0)='./file0\x00', 0x0, 0x10) r12 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/snapshot\x00', 0x20000, 0x0) io_submit(r6, 0xa, &(0x7f0000000fc0)=[&(0x7f00000003c0)={0x0, 0x0, 0x0, 0xf, 0x7ce4, r4, &(0x7f0000000380)="373f3a68d65ea9d9bc02f0f1492bf615be364281d248727a81f64596d41a9f95b9", 0x21, 0x7, 0x0, 0x2, r7}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000640)="1859efea2db6eeb09d207556dc80dafcc0776d1f6790cfc85226808f3e4bfd33b169850d1bbf89bd9873381847f1c87acc4760eae5d77fed4336bd58a4619d05be514f53fdc110d0112b98b17a0abe63d67c5589160a2d7ea8052715efbc13e40e02052a90953d06ac5953e1faeb2f47c2ee9089e913b9d462599d09450f48ffc9afdb3903f3ac88e0aa0444b7aeb5937de4f807e711da2202e77940b845c98aecb0eb817a466655130ab727ce76301325e997493e90cd0566945746c5539eb8c76fc2c69f789838988ee64f3410a0001acb2c1b8b3adff336c0abd2ede6fa0b3ee67c0756cb", 0xe6, 0x80, 0x0, 0x3, r8}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x45d, r2, &(0x7f00000007c0)="52b3778a707a6ebe4c6f", 0xa, 0x7, 0x0, 0x2, r0}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x8, 0x8001, r1, &(0x7f0000000840)="1264d0cb96b5b3d5cf11920f57189cf380eed93ce1524af21edffcbfa0672b50ad23b04bd33e37303491891c9ee3f94e22ad23a6e37804e1156160a357c76a5e5891817ea57dedd0f3ef43cae043e0c8cb061fa814e438b30291e3ddbc46e82c8b3c44b73693de", 0x67, 0x2}, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000900)="33238bd4724798967a3a534fb42aaa46fd2dfb282edd8f816ae7cc845a9045fa680486a98b73d0eaeacc24b10cc0539e4a639fb21ce06d1c0bb58c5245c5063a065bf618c1068dff76d34a067c0c5e142025e1d7a84aa7268a6d3e7dce3fb77bd50fa7d50f5f4dae308b48f80d5e8b190377", 0x72, 0x1ff, 0x0, 0x2, r9}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0xa, 0x100000001, r4, &(0x7f0000000a00)="9f765d56a92773f9dcbd370d8692e17deb037154ce757c32c43b8624f1140eac6bbb1a1b904cd3dddb2ceab7b15036d87fc4b562d6913191f5011c2f96de89dbd730d4ac96b2bec0f5ba5a12cffe36b8bbecbd5ea8cdb059be090a43eb09dc86d2f4a614911a845bfa5f8970fb1d", 0x6e, 0x200, 0x0, 0x1, r10}, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x2, 0x1, r5, &(0x7f0000000b00)="703e20c4a905072fea2444d92cbd656baf9e8345ebc31d289ae5453c27e8be437b20dbc09e790f41d98d75be7ede7ee90be397604a86c9451ff9811e7242034c4507215a42df5307bf09c8d9b72629553a65377b6031df004ad61218a160b7f9835951dab3d19fa39efcd624c6f3fa7c6abab896583673da2c68a95c9efd6a572bf55af68556df2419af3808c3677425127b43e0f86dca1a10574bb3e90f60935da61fc3b406a3167a6838a6a2c4a04d19b92317cd6218b8831f9eb492ba80952186627d21e7038e2af58fdd5e39755ded03920eb7ff2db56daaf6a67be5fe5226f4cf54afb7c34d528e0593af8c6630c1bb4e4c073f51c5", 0xf8, 0x1, 0x0, 0x1, r1}, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x5, 0x6, r0, &(0x7f0000000c40)="c8df0bbd708cc95845dde3c10f195d0bb6be151f988cdb13688a794dd6e9cc579fc243744243d86fc3e474e81d0ad5f9992f0ac5a5d07e0357ea8f6bc00c5fbfc023cbbf552bfcec309040c02d9422376c", 0x51, 0x7f, 0x0, 0x2, r11}, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x1, 0x736, r1, &(0x7f0000000d40)="df7f946687972b692d5ade365b9c19008e67ebe6686fe18a9893cc439b197d1adbf4eeb0115235149a6e0a941c83cd866cd9750f2c4611ae6f78b7a3a81844fa0deb75e2f96a0b0f2375fb82de18a1bb22bb48d1fef7c9835712e90ad844052c2e7c78b028203724a58d835f5899d727df70267289730589a933bae6ee5c9f464745d661c906edc93b1600bea5f362f062e6f8dd702542cb8729e2b6d900f854c232aceb5e", 0xa5, 0xfffffffffffffe87, 0x0, 0x1, r12}, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x550d, r5, &(0x7f0000000e80)="1291689cce1386abf1b24bd25145fed145de61e835e9641dacc19cf5d43fe6e7f3207e3d95909f15e634adb5ba0a7c663458f8a2fd928ab0edf8e63f9d2e614e52928394436ed7fd4bdf8fb2c1f8811141419216269576cc4fb97e92ea873518290f17d8c54cb2db04f94605deb889e40f18c6a3acfd9e9e9bda3204251b012e7284488776c5bf100f853dcc9f1cb2e1d9e4ea6f8f299bf90ccf44f7e1e9cec3fbc5f2a73d8370663a4097f345113e05c00a3f5540496b7e874ad670cbf0a664273e98040451b3aa621d1754a2d317a127cada4fd7852dafb01710843bf1f185f59b0c1ca83d5782add160", 0xeb, 0x60dc, 0x0, 0x2}]) ioctl$KVM_GET_REG_LIST(r11, 0xc008aeb0, &(0x7f0000001040)={0x8, [0x1c2, 0x8001, 0x7f, 0x80000001, 0x7fffffff, 0x1f, 0x188b, 0x3]}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) ioctl$SG_EMULATED_HOST(r10, 0x2203, &(0x7f00000010c0)) r13 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r13, 0x54a2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@textreal={0x8, &(0x7f00000000c0)="66b9c20d00000f3266b9cf0a000066b806b7e1e166ba3d3399040f300fc79b4b3aba420066ed0f32ba4200b86e33ef0f5d33b800088ed0baf80c66b874b9d58766efbafc0c66ed66b9740800000f32", 0x4f}], 0x1, 0x0, &(0x7f0000000080)=[@cstype3={0x5, 0x2}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$RTC_AIE_ON(r10, 0x7001) 10:23:30 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2000000}}) 10:23:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006c03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:30 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x809fd500}}) [ 468.439045] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. [ 468.478236] QAT: Invalid ioctl 10:23:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:30 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x809fd500}}) [ 468.582008] QAT: Invalid ioctl 10:23:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00740003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfdffffff}}) 10:23:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x5, 0x10800) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000080)=0x5, 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x40106614, &(0x7f00000000c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:23:30 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00100003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:30 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x10}}) 10:23:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:30 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdfb25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = memfd_create(&(0x7f00000000c0)='\x00', 0x6) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000100)=[@window={0x3, 0x4, 0x3}, @timestamp, @window={0x3, 0x4, 0x10001}, @sack_perm, @timestamp, @timestamp, @mss={0x2, 0x9}, @window={0x3, 0xfffffffffffffffe, 0x6}, @mss={0x2, 0x6}, @window={0x3, 0x4, 0x50a}], 0xa) r4 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2) accept4$packet(r4, 0x0, &(0x7f0000000080), 0x80000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:30 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x870}}) 10:23:31 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x7008000000000000}}) [ 469.277528] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00060003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffd}}) 10:23:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:31 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x70080000}}) 10:23:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00030003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffe78, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="882d3116bc1a6587a53a90f82b9956a019a4"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:23:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00004c03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:31 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x100000}}) 10:23:31 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00001003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) ptrace$poke(0x5, r3, &(0x7f00000000c0), 0x100000000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:31 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:31 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:31 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00004803060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:31 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x2000000}}) 10:23:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) [ 470.181619] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000403060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:32 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x200000000000000}}) 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfdffffff}}) 10:23:32 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x809fd50000000000}}) 10:23:32 executing program 0: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x101200, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000440)=ANY=[@ANYBLOB="b1000000dfa22d01f409e90505057b767fe3a9430dc414972a222471aa7c1e25da1d2a5cefe5a94fbff9113de395183fe6020d1f5d271b91066e0e372cf4f935d2feff8e9689fae0835e41b28ef67c0c6e932d25134c2e398f71c0e4455a42cfae7323ee724e5e9e114893830d3ab9d86ab33d884ebec6d2c15bd2c3d102963dcddf8e0762636a83308a0e0c3f4ae2fc01f6f85a234afbb88a86753c0db1fde9f3c67cf7104b6ead794a249b1c30c5f9f3dc8e4cd3660988029e1172af88ecdf7744b05604a11ad5c13b9e4f08c4be61cc77652d1e140341f5e23111b4ecb47ae997e8172ca4c95f7c8faaa4ef1d40dc7c6275a031ca06818d78a7e50a79eb8ea703c627786d28ab81d20c18e2aa89f8c7fee947944d2b927545227855419fa70c671f326d406f706d52cddf993087cec0bb091beb968d177c9049c8f926587a5f702d962057de95fb3957256457e1c9b1714045ede723ee9cda4f8417daacc15df334dadef9e7c464f039fb73d4018b57725dde0d3b704f4f693ac0d8c24e79e3dca9d1057c4fcf847bc02e5ac6"]) readahead(r0, 0x0, 0x9) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) set_tid_address(&(0x7f00000001c0)) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x400200, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0043f866a70000"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) chdir(&(0x7f0000000080)='./file0\x00') ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000140), 0x4) 10:23:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000703060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:32 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x1000000}}) 10:23:32 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x10001, 0x604000) ioctl$UI_SET_FFBIT(r3, 0x4004556b, 0xa) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x870}}) 10:23:32 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) [ 471.002574] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:32 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006803060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:32 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x7008}}) 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}) 10:23:32 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x200000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:33 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x870}}) 10:23:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000051060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:33 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x2}}) 10:23:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:33 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00007a03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000fe8000/0x4000)=nil, 0x4000, 0x2a97dfe76666192f, r3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:33 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:33 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0xd59f80}}) 10:23:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:33 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:23:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000f03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 471.888372] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:33 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x10000000000000}}) 10:23:33 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006c03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:33 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x100000000000000}}) 10:23:33 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x7008}}) 10:23:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000603060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:34 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x7008}}) 10:23:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x131800, 0x0) setsockopt$inet6_buf(r2, 0x29, 0xff, &(0x7f0000000100)="4b0526696d028d9393d4efc6eb0495", 0xf) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x68, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x870}}) 10:23:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 10:23:34 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000803060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:34 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x200000000000000}}) 10:23:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}) 10:23:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00007403060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 472.773980] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:34 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:34 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d3116fdff4369a3513a943fce3a45b84da649d825"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000000)=0x1f001) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_vs_stats_percpu\x00') setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e23, 0x4, @local, 0xa751}, @in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e22, 0x1ff, @local, 0x62f3}], 0x58) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:35 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x70080000}}) 10:23:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000503060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:23:35 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x8000000000000, &(0x7f00000002c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:35 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0xd59f80}}) 10:23:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000009060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 473.673753] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:35 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x870}}) 10:23:35 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008}}) [ 473.820386] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:35 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x809fd50000000000}}) 10:23:35 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:35 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000063060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:35 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) [ 473.960967] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:36 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x2000000}}) 10:23:36 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000303060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000080)={0x1d, 0x7, 0x20}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000000)=0x6, 0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r4 = syz_open_dev$cec(&(0x7f0000000680)='/dev/cec#\x00', 0x2, 0x2) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000700)='fou\x00') sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x148100}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x58, r5, 0xa00, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x89}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0xaf}, @FOU_ATTR_IPPROTO={0x8}, @FOU_ATTR_IPPROTO={0x8}, @FOU_ATTR_AF={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:36 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x7008000000000000}}) 10:23:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00002801060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 474.373239] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:36 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:36 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x100000000000000}}) 10:23:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00004c03060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:36 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x100000}}) [ 474.661747] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='%'], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:36 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x1000000}}) 10:23:36 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000203060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:36 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:36 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000e060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:37 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d4416fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f0000000000)=[@cstype0={0x4, 0xb}, @efer={0x2, 0x1000}], 0x2) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x109000, 0x0) ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f0000000900)=""/4096) setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f00000000c0)={@multicast1, @multicast2, @multicast2}, 0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:37 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x809fd500}}) 10:23:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) 10:23:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff}}) 10:23:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000a060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 475.471673] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:37 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x10}}) 10:23:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00006003060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 475.521216] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:37 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) [ 475.564610] *** Guest State *** [ 475.598441] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 10:23:37 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:37 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x2}}) [ 475.639510] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 475.671932] CR3 = 0x0000000000000000 [ 475.684709] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 475.709059] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 475.741600] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 475.760236] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 475.773451] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 475.781729] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 475.790149] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 475.798394] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 475.808323] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 475.816514] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 475.833958] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 475.842223] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 475.850644] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 475.858812] EFER = 0x0000000000001001 PAT = 0x0007040600070406 [ 475.865271] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 475.873060] Interruptibility = 00000000 ActivityState = 00000000 [ 475.879345] *** Host State *** [ 475.882538] RIP = 0xffffffff81223c27 RSP = 0xffff8881b109f350 [ 475.888510] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 475.894972] FSBase=00007f8a16eff700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000 [ 475.902830] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000 [ 475.908773] CR0=0000000080050033 CR3=00000001d20e0000 CR4=00000000001426e0 [ 475.915812] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360 [ 475.922576] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 475.928683] *** Control State *** [ 475.932198] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 475.938905] EntryControls=0000d1ff ExitControls=002fefff [ 475.944345] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 475.952062] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 475.958811] VMExit: intr_info=800000fd errcode=00000000 ilen=00000003 [ 475.965388] reason=80000021 qualification=0000000000000000 [ 475.971761] IDTVectoring: info=00000000 errcode=00000000 [ 475.977216] TSC Offset = 0xfffffeff3cd44e7f [ 475.981619] EPT pointer = 0x0000000182a8801e 10:23:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000002060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:23:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x10000000000000}}) 10:23:38 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) socket$inet6(0xa, 0x807, 0x5) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r3, 0x300, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xc0f0}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3482}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xb292}]}, 0x68}, 0x1, 0x0, 0x0, 0x8004}, 0x11) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) r4 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r4, 0x28, 0x2, &(0x7f0000000200)=0x9, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000a060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 476.341395] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 476.373396] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x870}}) 10:23:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0xd59f80}}) [ 476.474489] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) 10:23:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:23:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000051060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x10}}) 10:23:38 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000010000501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:38 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff]}) 10:23:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCGETNODEID(r3, 0x89e1, &(0x7f0000000080)={0x2}) 10:23:38 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x100000}}) 10:23:38 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:38 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008000000000000}}) [ 477.220033] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:39 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x2000000}}) 10:23:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) [ 477.285744] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000f000501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff]}) 10:23:39 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x809fd500}}) 10:23:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff}}) 10:23:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0xd, 0x0, 0x0, 0x0) geteuid() ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000080)={[0x0, 0x6002, 0x104000, 0x6000], 0x2, 0x1, 0x3}) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="88d18016fdff25"], 0x1}}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x800, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000340)={0x20, 0x1, 0x0, 0x4, 0x9}, 0xc) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x40000, 0x0) r5 = syz_open_dev$admmidi(&(0x7f0000000200)='/dev/admmidi#\x00', 0x40, 0x224000) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r4, 0x6, 0x1d, r5}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0x1, 0x0, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0x4, 0x0, 0x7d, 0x0, 0x5, 0x0, 0x96}, @cstype0={0x4, 0xf}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = accept4$alg(r5, 0x0, 0x0, 0x80800) setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000100)={0x0, 0x8}, 0x8) 10:23:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7]}) 10:23:39 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x7008}}) 10:23:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000009060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008}}) 10:23:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) 10:23:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="882d116931cb09fbd388f06e820c57a92c8bb0981900000000ffffffff65431ffef82eb57a66b45c60e0d633cd60dd70a2692aa688644351c50d77604a2d0d2008b84a86ef3dc09b2ec1be7c1aea6388a05c00dcada146307e0893addfa196cd594bd57802fb6871f58fcbaadfe1a4f71a49439c080ded4be65a3d32130b1887bf699c2615769e2a3738283c350cb3484e669a3d065631318f1d4a8afc96e978979e435f18a6bce5596caa94a462b8aa944e684fe36bacc242d9121faabf195d43e0"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:39 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) [ 478.118663] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:39 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}) 10:23:39 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}) 10:23:39 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x2}}) [ 478.164018] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:39 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000063060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff]}) 10:23:40 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000e060501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}}) 10:23:40 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7]}) 10:23:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRESHEX], 0x2}}, 0xfffffffffffffffd) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000900)=ANY=[@ANYBLOB="0900000000000000070000000500000007000000010000000000000001000000030000000000000000000000000000000500000001000000030000000000008007000000c600000000000000000000000000000000000000000000000200000006000000fbffffff5700000003000000040000000000b923d1e900000000000000000000fc1c8737f00f0000c00300000000080000000000000000000000000000000d00000006000000060000001f000000809453000800000000080000000000000000080000010000000900000008000000040000000500000000000000000000000000000200000058000000af76656602000000000000000000000000000000060000000004000001000000090002000000090000000200000000000000000000020000000700000009000000a600000001000100000000000000aa9d4f2923d0a26ea702b8000000000000000000000000000000000000000000000000000000000000000000000000000000000000002ea5264e819b955d9668a017d2ed07bf95628b6411ddc12bcff83d4c0a6c065fc9d372233978a0f698e1826146c9f40331a3cc26cbab58af6bf1fcdb998faf4a5c2cd87b6f8d179e4ed9a60e1618fe189968cdaca084dce3bfcc0e64dda02ccc98c1a79e62511e11f5291da92597eba5bf4fb26a658003948e5c10145792d1ec230699b82386530b6ccb1cacb6c569a058bb1c6dcf8fdc0134ab810e778de2f85a98d6a943b071dfe5"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = dup2(r0, r0) r4 = mmap$binder(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x2, 0x80010, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0xc4, 0x0, &(0x7f0000000440)=[@exit_looper, @dead_binder_done={0x40086310, 0x4}, @free_buffer={0x40086303, r4}, @exit_looper, @release={0x40046306, 0x3}, @acquire={0x40046305, 0x2}, @transaction={0x40406300, {0x1, 0x0, 0x1, 0x0, 0x10, 0x0, 0x0, 0x40, 0x8, &(0x7f0000000100)=[@fd={0x66642a85, 0x0, r2, 0x0, 0x2}, @ptr={0x70742a85, 0x1, &(0x7f00000000c0), 0x1, 0x3, 0x22}], &(0x7f0000000140)=[0x48]}}, @register_looper, @reply_sg={0x40486312, {{0x2, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x20, &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x18, 0x40, 0x0]}, 0x7}}], 0xfb, 0x0, &(0x7f0000000540)="5813fadb7e93d590a9388475f7bf7cf3f5b19b007043c00369905ba7a3e81cad1b93e82f2a785125e4cba1496b49a8df1cac2ce76518b185a7fb01dd71c37d19586130b9caca1c902f171039d60a06dfe1c63f9025fa67f1a6b27679e108748eed215d199a36f2c604bcf718fe77d1ddef10af34ebd89dd96c14ec0e15926361a24e96ab1e7dfa9c18428d40e842b2d3250db40245f04e5c445a2f177b51484532d765af43720e7b0aa863d156e06094e102f69e09cf583989882e49c10bb28cd969601869a66ad2595bf073e45374a3db4d9f5b9c075e62ccfd82b2268d02d9ef65ad81977163cca242229725147201a06277b9f73ac5a74061b1"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) dup(r0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffff9c, 0xc010640b, &(0x7f0000000000)={0x0, 0x0, 0x6}) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r5, 0x7ffff, r6}) 10:23:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000000030b0501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:40 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x70080000}}) 10:23:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7]}) 10:23:40 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x870}}) 10:23:40 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x870}}) 10:23:40 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}) 10:23:40 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003050501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 479.017525] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:40 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}) 10:23:40 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x10000000000000}}) 10:23:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003510501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:41 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x809fd50000000000}}) 10:23:41 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff00000000}}) 10:23:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7]}) 10:23:41 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x1000000}}) 10:23:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003090501ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116e0ff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}}) 10:23:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:41 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060901ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 479.907682] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:41 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x2}}) 10:23:41 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 10:23:41 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) [ 480.031394] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:42 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:42 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x4000, 0x0) write$P9_RAUTH(r2, &(0x7f00000001c0)={0x14, 0x67, 0x1, {0x1, 0x3, 0x3}}, 0x14) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x101000, 0x0) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000140)) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r3, 0x40086425, &(0x7f00000000c0)={r4}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="882d31160af782121ad3be8b80764f6acf8a8721951e63eb85f15eeaaa83472e4f83375fe3de0934e1d1955ed500c7e6209b6abe994c20bea92d447c5f44cbb69ad7959260b130a9452ecf7fe8b2050736d283922df3db77cfd768433b50f7bf9cf9a94f386be9a4"], 0x1}}, 0x0) syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x80400) ioctl$VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000240)={0xfffffffffffffff9, 0xe, 0x4, 0x1000, {0x77359400}, {0x1, 0xc, 0x8, 0x6, 0x7, 0xff, "e609a325"}, 0x10000, 0x1, @planes=&(0x7f0000000200)={0xfe36, 0x7, @mem_offset=0x2, 0x1}, 0x4}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 10:23:42 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) 10:23:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}) 10:23:42 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060601ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 10:23:42 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003065101ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:42 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70080000}}) [ 480.773517] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:42 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x809fd500}}) [ 480.880764] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:42 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}) 10:23:42 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdffffff}}) 10:23:43 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008}}) 10:23:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:23:43 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd]}) 10:23:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000306050aff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:43 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x809fd50000000000}}) [ 481.619997] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7008000000000000}}) 10:23:43 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff]}) [ 481.664196] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. 10:23:43 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060511ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:43 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x100000}}) 10:23:43 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}) [ 481.835221] netlink: 'syz-executor3': attribute type 1 has an invalid length. 10:23:44 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={0xffff, {0x2, 0x4e23, @local}, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20, 0x9, 0x4, 0x5, 0xbb6, &(0x7f0000000000)='lo\x00', 0x6, 0xe000000000000000, 0xff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x3, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000040)=""/80, &(0x7f0000000140)=0x50) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="24000000260007101dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0adb7a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socket$inet6(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x2, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 10:23:44 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70080000}}) 10:23:44 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000080)={0x0, 0x0, [], @raw_data=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}) 10:23:44 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000000c0)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x1000000}}) 10:23:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060525ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) r3 = msgget(0x2, 0x500) r4 = geteuid() getgroups(0x1, &(0x7f0000000000)=[0xee01]) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000180)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000280)=0x0) r9 = getpgrp(0xffffffffffffffff) msgctl$IPC_SET(r3, 0x1, &(0x7f0000000380)={{0x3640, r4, r5, r6, r7, 0x86, 0x3f}, 0x10001, 0x6, 0x8, 0x6, 0x7fffffff, 0x5, r8, r9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 482.451632] divide error: 0000 [#1] PREEMPT SMP KASAN [ 482.457410] CPU: 1 PID: 23481 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #384 [ 482.464861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.474355] RIP: 0010:vivid_vid_cap_s_dv_timings+0x60e/0x11e0 [ 482.480385] Code: c6 84 c9 0f 95 c1 40 84 ce 0f 85 ce 0a 00 00 83 e0 07 38 c2 0f 9e c1 84 d2 0f 95 c0 84 c1 0f 85 b9 0a 00 00 48 8b 43 14 31 d2 <41> f7 f7 48 ba 00 00 00 00 00 fc ff df 4c 8d 7b 40 89 85 64 ff ff [ 482.484229] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. [ 482.499298] RSP: 0018:ffff8881b3657628 EFLAGS: 00010246 [ 482.499314] RAX: 0000000001000000 RBX: ffff8881c6e66b00 RCX: 0000000000000001 [ 482.499323] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881c6e66b14 [ 482.499333] RBP: ffff8881b36576e8 R08: 0000000000000001 R09: ffffed1039614024 [ 482.499341] R10: ffffed1039614024 R11: ffff8881cb0a0123 R12: ffff8881cb0a0080 [ 482.499350] R13: 1ffff110366caecc R14: 0000000000000000 R15: 0000000000000000 [ 482.499369] FS: 00007f5bb4358700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000 [ 482.499383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 482.534567] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.534947] CR2: 00000000004ccaf0 CR3: 0000000181a84000 CR4: 00000000001426e0 [ 482.554378] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.557692] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 482.557702] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 482.557720] Call Trace: [ 482.557740] ? v4l2_prio_close+0x60/0x60 [ 482.557760] ? vivid_vid_cap_s_std+0x230/0x230 [ 482.567984] kobject: 'loop3' (0000000025c1a137): kobject_uevent_env [ 482.569852] ? find_held_lock+0x36/0x1c0 [ 482.569876] vidioc_s_dv_timings+0xa4/0xc0 [ 482.584732] kobject: 'loop3' (0000000025c1a137): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 482.586139] v4l_stub_s_dv_timings+0x4f/0x60 [ 482.586157] __video_do_ioctl+0x8b1/0x1050 [ 482.586178] ? v4l_s_fmt+0x990/0x990 [ 482.586201] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 482.631634] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.636049] video_usercopy+0x5c1/0x1760 [ 482.636066] ? v4l_s_fmt+0x990/0x990 [ 482.636088] ? v4l_enumstd+0x70/0x70 [ 482.636106] ? rcu_softirq_qs+0x20/0x20 [ 482.640723] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.644729] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 482.644752] ? find_held_lock+0x36/0x1c0 [ 482.644774] ? __fget+0x4aa/0x740 [ 482.644790] ? lock_downgrade+0x900/0x900 [ 482.662643] kobject: 'loop0' (000000008509c39d): kobject_uevent_env [ 482.664286] ? check_preemption_disabled+0x48/0x280 [ 482.667998] kobject: 'loop0' (000000008509c39d): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 482.671702] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 482.671716] ? kasan_check_read+0x11/0x20 [ 482.671727] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 482.671744] ? rcu_softirq_qs+0x20/0x20 [ 482.694457] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.697832] ? __fget+0x4d1/0x740 [ 482.697855] ? ksys_dup3+0x680/0x680 [ 482.697874] ? __might_fault+0x12b/0x1e0 [ 482.697895] ? video_usercopy+0x1760/0x1760 [ 482.702384] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.708536] video_ioctl2+0x2c/0x33 [ 482.708553] v4l2_ioctl+0x154/0x1b0 [ 482.708568] ? video_devdata+0xa0/0xa0 [ 482.708586] do_vfs_ioctl+0x1de/0x1790 [ 482.708607] ? ioctl_preallocate+0x300/0x300 [ 482.781640] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.784367] ? __fget_light+0x2e9/0x430 [ 482.784384] ? fget_raw+0x20/0x20 [ 482.784399] ? _copy_to_user+0xc8/0x110 [ 482.784417] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 482.784434] ? put_timespec64+0x10f/0x1b0 [ 482.788544] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.792705] ? nsecs_to_jiffies+0x30/0x30 [ 482.792723] ? do_syscall_64+0x9a/0x820 [ 482.792737] ? do_syscall_64+0x9a/0x820 [ 482.792752] ? lockdep_hardirqs_on+0x421/0x5c0 [ 482.792770] ? security_file_ioctl+0x94/0xc0 10:23:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000000306050bff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) 10:23:44 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280)='nbd\x00') sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000440)={&(0x7f0000000240), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x38, r1, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000001}, 0x80) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) fsetxattr$security_evm(r4, &(0x7f0000000480)='security.evm\x00', &(0x7f00000004c0)=@ng={0x4, 0x10, "75a9e9cd0689513b217936941bc1cd"}, 0x11, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)={{{@in=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, &(0x7f0000000000)=0xe8) ioprio_set$uid(0x3, r5, 0x7fffffff) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x40, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r6, 0xc0485661, &(0x7f00000001c0)={0x2, 0x1, @start={0x401, 0x1}}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 482.792787] ksys_ioctl+0xa9/0xd0 [ 482.792805] __x64_sys_ioctl+0x73/0xb0 [ 482.855952] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.857634] do_syscall_64+0x1b9/0x820 [ 482.857653] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 482.857670] ? syscall_return_slowpath+0x5e0/0x5e0 [ 482.857682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.857699] ? trace_hardirqs_on_caller+0x310/0x310 [ 482.865863] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.867795] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 482.867812] ? prepare_exit_to_usermode+0x291/0x3b0 [ 482.867831] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.867850] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 482.867864] RIP: 0033:0x457669 [ 482.882304] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 482.882959] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 482.882974] RSP: 002b:00007f5bb4357c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:23:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000080)={0x1, 0x2, 0x6, 0x0, 0x0, [{r0, 0x0, 0x7}, {r0, 0x0, 0x4}, {r0}, {r0, 0x0, 0x4}, {r0, 0x0, 0x4}, {r0, 0x0, 0x9}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2c2, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="882d3116fdff25"], 0x1}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, &(0x7f0000000880)="b805000000b98b9400000f01c19a01000000b0000f43d1b8000000000f23d80f21f835800000900f23f80f060f2140b9800000c00f3235000800000f3066ba4300b8f1ffffffefb9800000c00f3235002000000f30c4c3295f4da400", 0x5c}], 0xc54, 0x0, &(0x7f00000002c0), 0x119) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 482.882989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 482.882998] RDX: 00000000200000c0 RSI: 00000000c0845657 RDI: 0000000000000003 [ 482.883014] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 482.888248] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 482.897014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5bb43586d4 [ 482.897022] R13: 00000000004c9f88 R14: 00000000004d3db0 R15: 00000000ffffffff [ 482.897038] Modules linked in: [ 482.910437] ---[ end trace 25a25c2eac680886 ]--- [ 482.940241] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 482.945959] RIP: 0010:vivid_vid_cap_s_dv_timings+0x60e/0x11e0 [ 482.945981] Code: c6 84 c9 0f 95 c1 40 84 ce 0f 85 ce 0a 00 00 83 e0 07 38 c2 0f 9e c1 84 d2 0f 95 c0 84 c1 0f 85 b9 0a 00 00 48 8b 43 14 31 d2 <41> f7 f7 48 ba 00 00 00 00 00 fc ff df 4c 8d 7b 40 89 85 64 ff ff [ 482.959864] kobject: 'loop0' (000000008509c39d): kobject_uevent_env [ 482.961437] RSP: 0018:ffff8881b3657628 EFLAGS: 00010246 [ 482.968372] kobject: 'loop0' (000000008509c39d): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 482.975651] RAX: 0000000001000000 RBX: ffff8881c6e66b00 RCX: 0000000000000001 [ 483.010272] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 483.023882] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881c6e66b14 [ 483.041230] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 483.046624] RBP: ffff8881b36576e8 R08: 0000000000000001 R09: ffffed1039614024 [ 483.057464] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 483.061188] R10: ffffed1039614024 R11: ffff8881cb0a0123 R12: ffff8881cb0a0080 [ 483.087264] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 483.091227] R13: 1ffff110366caecc R14: 0000000000000000 R15: 0000000000000000 [ 483.098606] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 483.105860] FS: 00007f5bb4358700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000 [ 483.127193] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env 10:23:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060513ff0488fffdffff2e0a0000000c000100060000007d5500010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 483.136256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 483.156798] CR2: 0000000001ae5e80 CR3: 0000000181a84000 CR4: 00000000001426e0 [ 483.169562] kobject: 'loop3' (0000000025c1a137): kobject_uevent_env [ 483.176204] kobject: 'loop3' (0000000025c1a137): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 483.181998] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 483.186351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 483.209359] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 483.216821] netlink: 'syz-executor3': attribute type 1 has an invalid length. [ 483.225175] kobject: 'kvm' (00000000274d15fe): kobject_uevent_env [ 483.233087] kobject: 'kvm' (00000000274d15fe): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 483.234179] Kernel panic - not syncing: Fatal exception [ 483.248713] Kernel Offset: disabled [ 483.252351] Rebooting in 86400 seconds..