5197c292d36b23448e84273a022af4f68269f7f391ab619e2759f8bf4291328e6e7eaeb085a307b7ba868d54d88a984809edfbdad0c82a8469a49807d7243c867a36ea18e80b2c873e44601b68034767f68668f19f89395623a66610a80da374d8e008c31eff4cd4d0da4438136abfca5dd6831e5a21ea05b442bb68547899e238ede98126adb7cb785f4e8d9ef7b77c2963254e72f42bff29487225af23537905456c6c1ede99bf5543f340de82b0aeb33e703de267e244cd562b3b74337fd97899a45561aae2feeab858c115859b30c4a4eca4e564f2794746b258c680348a412b9f01cd931d78dadba720139d7fd019ccc5eb9ed2de729430ed3cd4457cf9e11c617436550be0c4ce3ad3928c603dc9a7688a2347499e9ca96ca0269de3eb4f4ce87a3c7330bca4d7e9fb8540ea39b6244a2a6ae74659da9128e6e56e83ae8b8521ab606684536d323df7049b1206bd535613307b04a0f9ca5a620fc1fba80b73003f465527e1a1a6f3573f812e7680645de0365b72fd3b6c4ab5fa18e45f2af205bc979a8bd872befea3052793ff43fd8ddd0512f4d611e7ef547baf84df5ce9ebedc76d952faad57058e971a98a73ec0dac702360f8eb471f4a3feb1ef619b15e7e12f3a65060f1377a501f8e4d2b5f0347084fa589a633c1219d9164c10ee8d0f152003db63771d8aa0e87357d4fffe38ed67b21ee9f5184aaa2c2fd86e28f8b3dfed49e9b932b4405be488ff87b357dc2ba2927973415e72cfbe1bca78192d8bedb55956d47db31860887e0c53380fa4eca86831afc0364a3e74eb64cd780f171efcd50da76929019d3bfd853b2a9480652a9efa895d4ef09d4d6e3639d7fe5297e54c0922421055d8c03b87d11036791eba7f44f3a9a6636e972109cf52e15e2833d122c84c8c023409261ee4d25cdd584c11ef47c0bc6d6c842ad0d352d1675e9329a321a71025757c3177b65c4db8a7701c3b8d510e518668ce5816b7caf2bacbcf730d2308033b5ffb67ccd9dcfb99ffdf85a931b598cf3ea02c73b14e129f5c01a1de9f4c05f19550d8e24333643e57eff66feaa9788ce61013ac3bb6c026c703b77329391622c5370b0c453cc6da4e0186cf2bf67b9393d210792208bdf6c9c28114f8dd6fcb19612804b6e36be22cdcfddb4f934f8063c1121f1d381c7e1e7fe5ef5a3247840661fd0189d6b9044cd3fe50a64cf655f4fb8ba6f141d7e5b5e8ab376cfa882963514ad0b060a0971c8f25c3b91c22cfa6fee08cafa7da4051b6499262495eb76d3abc6c13f597fcac997edbdadafa591c341ec736ed12e3c09158c27ba02ca72da486b618c4146f1edd293fd74d31219526c23ef650421df9ee2655fc9672599940366e6c85ce5871eba329c1de67a4b995fe16ed35967532bd56b1992bf5fb386e945c4c8f1e73ce9962c04d8483c0f9e3469771021feb07bada93c6e0380f977ec7426d067dc25cc6927bf51ddd14e4b498a6223d2df614b31795d2939b8d9c88b4d679568942f1225ce4510ae748d165721691c5f89be5f84074e8da4427f3bb96021d461584303d59eaf7a4ec63a3eed0260a3da6a64e269d3114f6a8daeee4833efedd6d8a883f5bfc85dfba46452dc963fe3c4e65e063639376d17cab3db352288c448472a8935609c8bc77c3a2d1f8246b3b1494d1aa40d804ec782656916f395bc7423d72bb1ab6116c3d6a1553ee5ea47b5c09ab180f7b503d16015d1d07d2657f7efc9d3ed1dffc5ff5097a931f894fbabe0239a4a3ffb5c40260dac88ac073ba9dd2972205276df6887a161941f73da3edb19d61cb09e0730a00026199a2e529a98ff743483ba22876a0ddff857f1d6fb14991cfd3c58408593d104c7172731dc72dc59a5c595b7b52ca2db8fc66148bf5d54492f0ec2066fc8ca9ba47c549f5f4507bec682b1e61572a481767c1c8dd6cdc87f7b073141dd7b1aabefb1552d117f4b7d4e5b937808a3cad0f6da547bcd4375d094444c9f5aad3b76d3280475a2e6b42de3ea336b661d07c5fc26f6098c292e29e72b04c00308e35afe3720b243f5168cffaf714fb326d11d238607b33ad08162de287a0a995a0bb60249ecf55027898d0ebb887730ccd003d99a78a3fbfd0a2d6c144194b176244370f338ee7b75a9ba8807ecaa02d2ea4e99fb1ad869e5e63eff470c78aada61e9cdf6abb52130c8eb691a25721949f26c4a090032737a37e1d9934c224721ff1045df1f4dbc8332544e99593fbad12d30e535ea8099309db2c5bf57541669b38c21548f532ffb47eb7634e70b437e66ff041b8c769e10c0b56702f1b5660fe991f59c4c846afb9a32a63a590f122bc6643651d4280c72ca7df7ac84cc30e16c561d5d6fbc0ffc559b9fda55fb14e7c392983d4463ff604538353277d7aee559c1251efa5762cf2d04c796a652873e46d05c5edbfb1da8d7806010fedbdd621519511373de8ce3537721a78676aefdade84c412db0dbaf2dbfc645299f42e3a70526625fc0eb2686408d099f0811eba444c6b7a6e937c88f4ec80856b42c673c00412fb78ffb411198e9605ed04f4c30a0cfb83d6176bce249e21f1ef7d32f1bc2ea7160f8223d4e25ffd9594c73dfcb3108dadbcb2de01e7c934af69a66c77eb5dcec71945ec2a2bd043b9fc0dbb8cb48ac952ece2e49d1639c153c17ab43a58099336e270f9e84f5382224782074eee2e8e67348980318976eff7bdea2e4308d7b5d83b19ae8cc70428c643af9d2bdfb1d7fa62f19644685a962e0c4c4de83670feddda4a9061e0cbae7188d495367cf3e41abd0252b4ea80cf9d883cda2e93682b28cec7a692626dbf389067fa8320cf3a58e412201b3e8bb6e47e023e973801050b7d0978fdd11aaf9b18fbd49a8a42b1c6cebea194f6d6b91caa211f546a37ce669e9de4e558ffd3a5809dbfe85608749e3f2607da3efc0646bf72b5a0332eabbad8d89ff49f0056b964ec4a333f55d62155bf52c6aba39406e0bc397223b2440c95640d79aa68480f4f96c501617b0f7c5db794401a10411b44a9b3da1983e574a50fff7353b7ec28756609eb0f0899a66e2a1467f5e8985446c99208533c108342fccca576731c73e36b0cf1416c366de1ce1379a91309ae17ba4ad5ede50acd3d62a614fbcba906d23432add87839c637bb46abc860eac9c7f9c33e45c6b8bc515cbc05df5e36609ebaf93061f8757da985e45e61dd35fc0bae8ecfe4f6a63619e3d789c52c311695bc8e67c0bbe55b4b630ddc7124422d16075160acec22574ceba171d170312e452e157c6a30157e18792b6ceb6a0fb16366cf017d673fb2870d5b3f4c59747da19f4d8434f73186c883db7be0f362e0ad8326ca95957bd2300827b6df8c4d84980f767dce8f2cb2a011fd02663afda342061a85157476887c01c8adcea0262e20396cbdd71517cb9c00ce140185a9cb95a867b609b61e992881fef6b7e37e2d2b74c64518e0e9cd3620fea47eab12862a5fe2e84f10335fa3cde84f49fcdcf5abc3370f50a737e7b0220fcc5ebd1f7a81967e9ab77bbf2c37219385ff4a93325bdf48a16cd43dfd45e19e358cbf45e45abcfe021817d0b0874812ab628aa379ab98ca5e81bcf10927b0283fd46b5a3d52d394b4e8bf89bf95ebd4fe982f95caf1bb4dce548106ef69af909c02a11db95b1f4cb8e48558e445cf0b8ddaaa9290296de9efc0b7c023c4a71899cb033de28fd03685854a02ae803181ac86909e8bdc822db10d575c3a80e1ad2e8d88a8e7b5a753d0a58cf5cb5094f755f239e08e40f1fe708d9a12b5ae73ec07a9d4f6d590d5d99fdc82dfe0a43bf55d24583f1ea7efeb971befd774588b48aaaa4bfa5ed954f6fa076ced7f3143aaa91cb6ba522cff6144635e8c8107480df25f9b0811af6f9d5093462bece7af9553743ad594d08b717d9351221d465b89996e87aeda0bfdd79bed7d6780ea028704a89933394f57be3f6e5e85b27e9ac1cbce6c38bb33f67eb8438c8a2e7bddc5140b8d722c7195817d3d2285c16adc879d6f82f96dc4b4e983951d4d684c25a56fea3901ac64545faeb15a03026a2a2d6d5b00969e3ea82ddee666fdda079c20edb5fc19c39f0e37f7317a955e119e0e02c0c8bdb4933de2ca9d3faea92632637e9eceb6fe05db23be00cb0b0e347bf1e2b001fb43e500037bd7cd4c99b309b328511e429874ee5a1e971e0998747fa7e6508748ec91deaa712c87b2177c70421836e7d0825e5fd2b589241f9d813e4600e40a59fc68378476c8d9d6f882dff5dca285c9384b1c1d7475ab01c7edb5c3a6d92e067b3d38418b23b1fa5a9f4542418cecb4ca4ec232e07cc74aada", 0x1000}, {&(0x7f0000001700)="5bfcb2f5d9932300d4f91ae298066da1bb89b61e47e7af5cf6f7b743a408b9a13d12af7f3b2f02048f8ec4ebce30e6276e7f2b5453d0d664657d30a8349da6b221f302d5c69625677c6821a8a5a8cd58ff7fe8a42370906af8bd770259a2fdc054900397ca733c320b6cb2a3b39e69", 0x6f}], 0x4, &(0x7f00000018c0)=[@dstaddrv4={0x18, 0x84, 0x7, @broadcast}, @sndinfo={0x20, 0x84, 0x2, {0x400, 0xc, 0x7, 0x10001, r3}}, @sndinfo={0x20, 0x84, 0x2, {0x3, 0x2, 0xffffffffffffffff, 0x0, r4}}], 0x58, 0x4000}, 0x40890) r5 = memfd_create(&(0x7f0000000540)='eth1nodev].^ppp1securityvmnet1vboxnet1\x00', 0x7) getsockopt$EBT_SO_GET_INIT_ENTRIES(r5, 0x0, 0x83, &(0x7f0000000440)={'nat\x00', 0x0, 0x3, 0xe8, [], 0x7, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000340)=""/232}, &(0x7f0000000280)=0x78) getsockopt$inet6_int(r5, 0x29, 0x77, &(0x7f0000000580), &(0x7f00000005c0)=0x4) 06:11:07 executing program 4 (fault-call:8 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 443.266385] FAULT_INJECTION: forcing a failure. [ 443.266385] name failslab, interval 1, probability 0, space 0, times 0 [ 443.278073] CPU: 1 PID: 10884 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 443.285047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 443.287819] Call Trace: [ 443.296044] dump_stack+0x32d/0x480 [ 443.296044] should_fail+0x11e5/0x13c0 [ 443.296044] __should_failslab+0x278/0x2a0 [ 443.296044] should_failslab+0x29/0x70 [ 443.309126] kmem_cache_alloc+0x146/0xe20 [ 443.309126] ? mmu_topup_memory_caches+0x109/0x880 [ 443.309126] mmu_topup_memory_caches+0x109/0x880 [ 443.309126] kvm_mmu_load+0xb5/0x34a0 [ 443.309126] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 443.309126] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 443.309126] ? kmsan_set_origin+0x83/0x130 [ 443.309126] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 443.309126] ? kstrtoull+0x6fe/0x7e0 [ 443.309126] ? kmsan_set_origin+0x83/0x130 [ 443.309126] ? __msan_poison_alloca+0x1e0/0x2b0 [ 443.309126] ? put_pid+0x71/0x410 [ 443.309126] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 443.309126] ? put_pid+0x330/0x410 [ 443.309126] ? get_task_pid+0x19d/0x290 [ 443.376723] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 443.376723] ? do_vfs_ioctl+0x187/0x2d30 [ 443.376723] ? kvm_vm_release+0x90/0x90 [ 443.376723] do_vfs_ioctl+0xf77/0x2d30 [ 443.376723] ? security_file_ioctl+0x92/0x200 [ 443.376723] __se_sys_ioctl+0x1da/0x270 [ 443.376723] __x64_sys_ioctl+0x4a/0x70 [ 443.376723] do_syscall_64+0xcf/0x110 [ 443.376723] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 443.376723] RIP: 0033:0x457569 [ 443.376723] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 443.376723] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 443.376723] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 443.376723] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:07 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="2f30edd0fa09361d0e"], &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='/dev/vhost-vsock\x00') ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000040)) truncate(&(0x7f0000000080)='./file0\x00', 0x101) [ 443.376723] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 443.376723] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 443.376723] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:07 executing program 2: unshare(0x8000000) r0 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x5}) lseek(r0, 0x0, 0x4) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x105000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000080)={{0x80000000, 0x4}, {0x80000000, 0x5}, 0x0, 0x2, 0x1}) 06:11:07 executing program 4 (fault-call:8 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 443.942386] FAULT_INJECTION: forcing a failure. [ 443.942386] name failslab, interval 1, probability 0, space 0, times 0 [ 443.953785] CPU: 0 PID: 10907 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 443.960766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 443.963667] Call Trace: [ 443.963667] dump_stack+0x32d/0x480 [ 443.963667] should_fail+0x11e5/0x13c0 [ 443.963667] __should_failslab+0x278/0x2a0 [ 443.963667] should_failslab+0x29/0x70 [ 443.963667] kmem_cache_alloc+0x146/0xe20 [ 443.963667] ? mmu_topup_memory_caches+0x109/0x880 [ 443.963667] mmu_topup_memory_caches+0x109/0x880 [ 444.000747] kvm_mmu_load+0xb5/0x34a0 [ 444.000747] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 444.011783] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 444.014533] ? kmsan_set_origin+0x83/0x130 [ 444.014533] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 444.014533] ? kstrtoull+0x6fe/0x7e0 [ 444.014533] ? kmsan_set_origin+0x83/0x130 [ 444.014533] ? __msan_poison_alloca+0x1e0/0x2b0 [ 444.014533] ? put_pid+0x71/0x410 [ 444.014533] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 444.014533] ? put_pid+0x330/0x410 [ 444.014533] ? get_task_pid+0x19d/0x290 [ 444.014533] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 444.014533] ? do_vfs_ioctl+0x187/0x2d30 [ 444.014533] ? kvm_vm_release+0x90/0x90 [ 444.014533] do_vfs_ioctl+0xf77/0x2d30 [ 444.014533] ? security_file_ioctl+0x92/0x200 [ 444.014533] __se_sys_ioctl+0x1da/0x270 [ 444.014533] __x64_sys_ioctl+0x4a/0x70 [ 444.081749] do_syscall_64+0xcf/0x110 [ 444.081749] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 444.081749] RIP: 0033:0x457569 [ 444.081749] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 444.081749] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 444.081749] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 444.081749] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 444.081749] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 444.081749] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 444.151754] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:10 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x0, 0x5) r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x6000000000, 0x2) ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000180)={0x1, 0x7f, {0x80, 0x6, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7}}) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = getpid() r3 = syz_open_procfs(r2, &(0x7f00000003c0)='task\x00') r4 = msgget(0x0, 0xc) fsync(r1) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000140)=0x0, &(0x7f0000000280), &(0x7f00000002c0)) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000400)={{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000300)=0xe8) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fanotify_mark(r1, 0x30, 0x0, r3, &(0x7f00000006c0)='./file0\x00') msgctl$IPC_SET(r4, 0x1, &(0x7f0000000580)={{0x9, r5, r6, r7, r8, 0x1, 0x2}, 0x10001, 0x100000001, 0x2, 0x8, 0x8, 0x2, r2, r2}) execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000680)=[&(0x7f0000000380)='/dev/adsp#\x00', &(0x7f0000000600)='task\x00', &(0x7f0000000640)='\x00'], 0x0) 06:11:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000001c0)="153f6234488dd25d766070") r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0) getgroups(0x1, &(0x7f0000000480)=[0xee01]) mount$fuseblk(&(0x7f0000000200)='/dev/loop0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='fuseblk\x00', 0x0, &(0x7f00000004c0)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}, {@allow_other='allow_other'}]}}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x22101, 0x0) mknodat(r2, &(0x7f0000000100)='./file0\x00', 0x8000, 0x0) mbind(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x45, 0x2) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x0, 0x20a002) write$binfmt_misc(r1, &(0x7f0000000440)={'syz1'}, 0x12000) 06:11:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:10 executing program 4 (fault-call:8 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 446.860574] FAULT_INJECTION: forcing a failure. [ 446.860574] name failslab, interval 1, probability 0, space 0, times 0 [ 446.872214] CPU: 0 PID: 10922 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 446.879183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 446.882039] Call Trace: [ 446.882039] dump_stack+0x32d/0x480 [ 446.882039] should_fail+0x11e5/0x13c0 [ 446.882039] __should_failslab+0x278/0x2a0 [ 446.882039] should_failslab+0x29/0x70 [ 446.882039] kmem_cache_alloc+0x146/0xe20 [ 446.882039] ? mmu_topup_memory_caches+0x109/0x880 [ 446.882039] mmu_topup_memory_caches+0x109/0x880 [ 446.882039] kvm_mmu_load+0xb5/0x34a0 [ 446.882039] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 446.882039] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 446.882039] ? kmsan_set_origin+0x83/0x130 [ 446.882039] ? kmsan_set_origin+0x83/0x130 [ 446.882039] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 446.882039] ? kstrtoull+0x6fe/0x7e0 [ 446.882039] ? kmsan_set_origin+0x83/0x130 [ 446.882039] ? __msan_poison_alloca+0x1e0/0x2b0 [ 446.882039] ? put_pid+0x71/0x410 [ 446.882039] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 446.882039] ? put_pid+0x330/0x410 [ 446.882039] ? get_task_pid+0x19d/0x290 [ 446.882039] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 446.882039] ? do_vfs_ioctl+0x187/0x2d30 [ 446.882039] ? kvm_vm_release+0x90/0x90 [ 446.882039] do_vfs_ioctl+0xf77/0x2d30 [ 446.882039] ? security_file_ioctl+0x92/0x200 [ 446.882039] __se_sys_ioctl+0x1da/0x270 [ 446.882039] __x64_sys_ioctl+0x4a/0x70 [ 446.882039] do_syscall_64+0xcf/0x110 [ 446.882039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.882039] RIP: 0033:0x457569 [ 446.882039] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 446.882039] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 446.882039] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 446.882039] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 446.882039] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 446.882039] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 446.882039] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000001c0)="153f6234488dd25d766070") r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0) getgroups(0x1, &(0x7f0000000480)=[0xee01]) mount$fuseblk(&(0x7f0000000200)='/dev/loop0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='fuseblk\x00', 0x0, &(0x7f00000004c0)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}, {@allow_other='allow_other'}]}}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x22101, 0x0) mknodat(r2, &(0x7f0000000100)='./file0\x00', 0x8000, 0x0) mbind(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x45, 0x2) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x0, 0x20a002) write$binfmt_misc(r1, &(0x7f0000000440)={'syz1'}, 0x12000) 06:11:11 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000004d80)="a400040000428020000200") r1 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) process_vm_readv(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/148, 0x94}, {&(0x7f0000000180)=""/100, 0x64}, {&(0x7f0000000300)=""/238, 0xee}, {&(0x7f0000000400)=""/213, 0xd5}, {&(0x7f0000000200)=""/37, 0x25}], 0x5, &(0x7f0000002700)=[{&(0x7f0000000500)=""/198, 0xc6}, {&(0x7f0000000600)=""/36, 0x24}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/179, 0xb3}, {&(0x7f0000001700)=""/4096, 0x1000}], 0x5, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000002780)='/dev/audio\x00', 0x100, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000027c0)={{0x2000, 0x5000, 0x4, 0x0, 0x4, 0x2, 0x5, 0x8, 0xffffffffffffff81, 0x4, 0x6, 0x100000001}, {0x4000, 0x0, 0x4, 0x3f, 0x5, 0xffffffff, 0x2, 0x6, 0xffff, 0x2, 0x4, 0xf5f5}, {0xf000, 0x10004, 0xd, 0xbe, 0x1, 0x80000001, 0x34, 0x7, 0x5, 0x80000000, 0x800, 0x100000000}, {0x110000, 0x2000, 0xf, 0x2, 0x9, 0x8, 0x7cd, 0x0, 0x4, 0xa7, 0x6, 0x9f2c}, {0x1000, 0xd000, 0xdafea829922694ec, 0x2, 0x4, 0x100000000, 0x7, 0x8, 0x5, 0xfffffffffffffffe, 0x5d, 0x2}, {0x0, 0x3001, 0x9, 0x8, 0x3f, 0x7, 0x1000, 0x636b6a29, 0x80000000, 0x7f92, 0xffffffffffffff00}, {0x7000, 0x6, 0xc, 0x2, 0x400, 0x8001, 0x5, 0x0, 0xbe0, 0x80, 0x1b98, 0x1}, {0x2, 0x1, 0x8, 0x81, 0x5, 0x2, 0x81, 0x8001, 0x1fff7adb, 0xfffffffffffffffc, 0x1000, 0x101}, {0x102000}, {0x13000, 0xf000}, 0x20000000, 0x0, 0x2, 0x2000, 0xd, 0x400, 0x1, [0x149, 0x3f, 0x5, 0x3]}) socket$inet6_udplite(0xa, 0x2, 0x88) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x40000, 0x0) 06:11:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:11 executing program 4 (fault-call:8 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 447.853645] FAULT_INJECTION: forcing a failure. [ 447.853645] name failslab, interval 1, probability 0, space 0, times 0 [ 447.865563] CPU: 1 PID: 10962 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 447.872567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.881802] Call Trace: [ 447.881802] dump_stack+0x32d/0x480 [ 447.881802] should_fail+0x11e5/0x13c0 [ 447.881802] __should_failslab+0x278/0x2a0 [ 447.881802] should_failslab+0x29/0x70 [ 447.881802] kmem_cache_alloc+0x146/0xe20 [ 447.881802] ? mmu_topup_memory_caches+0x109/0x880 [ 447.881802] mmu_topup_memory_caches+0x109/0x880 [ 447.881802] kvm_mmu_load+0xb5/0x34a0 [ 447.881802] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 447.881802] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 447.881802] ? kmsan_set_origin+0x83/0x130 [ 447.881802] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 447.881802] ? kstrtoull+0x6fe/0x7e0 [ 447.881802] ? kmsan_set_origin+0x83/0x130 [ 447.881802] ? __msan_poison_alloca+0x1e0/0x2b0 [ 447.881802] ? put_pid+0x71/0x410 [ 447.881802] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 447.881802] ? put_pid+0x330/0x410 [ 447.881802] ? get_task_pid+0x19d/0x290 [ 447.881802] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 447.881802] ? do_vfs_ioctl+0x187/0x2d30 [ 447.881802] ? kvm_vm_release+0x90/0x90 [ 447.881802] do_vfs_ioctl+0xf77/0x2d30 [ 447.881802] ? security_file_ioctl+0x92/0x200 [ 447.881802] __se_sys_ioctl+0x1da/0x270 [ 447.881802] __x64_sys_ioctl+0x4a/0x70 [ 447.881802] do_syscall_64+0xcf/0x110 [ 447.881802] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.881802] RIP: 0033:0x457569 [ 447.881802] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 447.881802] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 447.881802] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 447.881802] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 447.881802] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 447.881802] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 447.881802] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:14 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x7, 0x400001) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f0000000180)={0x0, 0x0, {0x2f, 0xc, 0xf, 0x17, 0xb, 0x8, 0x2, 0x120}}) pwrite64(r0, &(0x7f0000000280)="4d705c769714fde4d723f3f604f6cac2a337e1c9ee6c202c790720ab991e3dbd5773f6666fb56ce74468034f533a4fb427963db9e6987184b714b937a7b546287862312f9268d2cadbb64a32bf81662e8d8aeec667f2b7a1c814438fea9bed23f8ac52f9816c7d93857087b9afd06c55273ccbc391d95f28de31b6735923ed1065d6af98a85ab044a4bb287f25f7033413b76d128eea3155163dbe609aca196d3651e890f1943e579f203b007df5774875ed250df79c2e718c", 0xb9, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[], 0xffffffe8) lsetxattr$security_ima(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='security.ima\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="8fc46f2b28373c44d6ca708d7f121e1dd6db4eb0c980936d0b9808fe514c1b2c78d3acbd30a3e7a2597effdd37663030bbaa38889756f75672db76184350"], 0x1, 0x2) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:11:14 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x100000a, &(0x7f0000000000)=0x1, 0x4717716b) 06:11:14 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x400, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x8, 0x0) getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)=0x0) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000000c0)=r2) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x148, r3, 0x204, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x1c}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [], @remote}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip_vti0\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x100000001}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'gretap0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x81}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x100000000}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2d}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x4040801}, 0x4045) 06:11:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:14 executing program 4 (fault-call:8 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 450.921907] FAULT_INJECTION: forcing a failure. [ 450.921907] name failslab, interval 1, probability 0, space 0, times 0 [ 450.933330] CPU: 0 PID: 10979 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 450.940310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 450.947459] Call Trace: [ 450.947459] dump_stack+0x32d/0x480 [ 450.947459] should_fail+0x11e5/0x13c0 [ 450.947459] __should_failslab+0x278/0x2a0 [ 450.947459] should_failslab+0x29/0x70 [ 450.947459] kmem_cache_alloc+0x146/0xe20 [ 450.947459] ? mmu_topup_memory_caches+0x109/0x880 [ 450.947459] mmu_topup_memory_caches+0x109/0x880 [ 450.947459] kvm_mmu_load+0xb5/0x34a0 [ 450.947459] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 450.947459] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 450.947459] ? kmsan_set_origin+0x83/0x130 [ 450.947459] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 450.947459] ? kstrtoull+0x6fe/0x7e0 [ 450.947459] ? kmsan_set_origin+0x83/0x130 [ 450.947459] ? __msan_poison_alloca+0x1e0/0x2b0 [ 450.947459] ? put_pid+0x71/0x410 [ 450.947459] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 450.947459] ? put_pid+0x330/0x410 [ 450.947459] ? get_task_pid+0x19d/0x290 [ 450.947459] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 450.947459] ? do_vfs_ioctl+0x187/0x2d30 [ 450.947459] ? kvm_vm_release+0x90/0x90 [ 450.947459] do_vfs_ioctl+0xf77/0x2d30 [ 450.947459] ? security_file_ioctl+0x92/0x200 [ 450.947459] __se_sys_ioctl+0x1da/0x270 [ 450.947459] __x64_sys_ioctl+0x4a/0x70 [ 450.947459] do_syscall_64+0xcf/0x110 06:11:15 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x0, 0x8de7d8f023d06bd7}, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x0, 0x8de7d8f023d06bd7}, 0x4) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x84e23, @multicast1}, 0x10) sendto$inet(r2, &(0x7f00000002c0), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffe4e, 0x0, &(0x7f00000000c0), 0x6) recvmmsg(r1, &(0x7f0000001cc0)=[{{&(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000280)=""/254, 0xfe}}], 0x1, 0x0, &(0x7f0000001e00)) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x2000, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x98) [ 450.947459] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.947459] RIP: 0033:0x457569 [ 450.947459] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 450.947459] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 450.947459] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 450.947459] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 450.947459] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 450.947459] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 450.947459] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 [ 451.332635] not chained 40000 origins [ 451.336481] CPU: 0 PID: 10995 Comm: syz-executor2 Not tainted 4.19.0+ #77 [ 451.341636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 451.341636] Call Trace: [ 451.341636] dump_stack+0x32d/0x480 [ 451.341636] ? save_stack_trace+0xc6/0x110 [ 451.341636] kmsan_internal_chain_origin+0x222/0x240 [ 451.341636] ? skb_copy+0x56c/0xbc0 [ 451.341636] ? inet_sendmsg+0x4e9/0x800 [ 451.341636] ? __sys_sendto+0x97b/0xb80 06:11:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 451.341636] ? __se_sys_sendto+0x107/0x130 [ 451.341636] ? __x64_sys_sendto+0x6e/0x90 [ 451.341636] ? do_syscall_64+0xcf/0x110 [ 451.391683] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.391683] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.391683] ? __msan_chain_origin+0x6d/0xd0 [ 451.391683] ? __save_stack_trace+0x8be/0xc60 [ 451.391683] ? save_stack_trace+0xc6/0x110 [ 451.391683] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.391683] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 451.391683] ? __msan_memcpy+0x6f/0x80 06:11:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 451.391683] ? skb_copy_bits+0x1d2/0xc90 [ 451.391683] ? skb_copy+0x56c/0xbc0 [ 451.437529] ? tcp_send_synack+0x7a3/0x18f0 [ 451.437529] ? tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] ? tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] ? __release_sock+0x32d/0x760 [ 451.437529] ? release_sock+0x99/0x2a0 [ 451.437529] ? tcp_sendmsg+0xd6/0x100 [ 451.437529] ? inet_sendmsg+0x4e9/0x800 [ 451.437529] ? __sys_sendto+0x97b/0xb80 [ 451.437529] ? __se_sys_sendto+0x107/0x130 [ 451.437529] ? __x64_sys_sendto+0x6e/0x90 [ 451.437529] ? do_syscall_64+0xcf/0x110 [ 451.437529] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] ? is_bpf_text_address+0x49e/0x4d0 [ 451.437529] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 451.437529] ? __module_address+0x6a/0x610 [ 451.437529] ? get_stack_info+0x863/0x9d0 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] ? do_syscall_64+0xcf/0x110 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] ? do_syscall_64+0xcf/0x110 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] ? __msan_memcpy+0x6f/0x80 [ 451.437529] ? skb_copy_bits+0x1d2/0xc90 [ 451.437529] ? skb_copy+0x56c/0xbc0 [ 451.437529] ? tcp_send_synack+0x7a3/0x18f0 [ 451.437529] ? tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] ? tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] ? __release_sock+0x32d/0x760 [ 451.437529] ? release_sock+0x99/0x2a0 [ 451.437529] ? tcp_sendmsg+0xd6/0x100 [ 451.437529] ? inet_sendmsg+0x4e9/0x800 [ 451.437529] ? __sys_sendto+0x97b/0xb80 [ 451.437529] ? __se_sys_sendto+0x107/0x130 [ 451.437529] ? __x64_sys_sendto+0x6e/0x90 [ 451.437529] ? do_syscall_64+0xcf/0x110 [ 451.437529] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 451.437529] ? memcg_kmem_put_cache+0x8e/0x460 [ 451.437529] ? __msan_get_context_state+0x9/0x30 [ 451.437529] ? INIT_INT+0xc/0x30 [ 451.437529] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 451.437529] ? __msan_get_context_state+0x9/0x30 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] ? tcp_sendmsg_locked+0x58e9/0x6c30 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] ? inet_sk_rx_dst_set+0x200/0x200 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 451.437529] ? security_socket_sendmsg+0x1bd/0x200 [ 451.437529] ? inet_getname+0x490/0x490 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] ? syscall_return_slowpath+0x123/0x8c0 [ 451.437529] ? put_timespec64+0x162/0x220 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] RIP: 0033:0x457569 [ 451.437529] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 451.437529] RSP: 002b:00007f3a10606c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 451.437529] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 451.437529] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005 [ 451.437529] RBP: 000000000072bf00 R08: 0000000020e68000 R09: 0000000000000010 [ 451.437529] R10: 00000000200007fe R11: 0000000000000246 R12: 00007f3a106076d4 [ 451.437529] R13: 00000000004c3b86 R14: 00000000004d5cc8 R15: 00000000ffffffff [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Uninit was stored to memory at: [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] __msan_chain_origin+0x6d/0xd0 [ 451.437529] __save_stack_trace+0x8be/0xc60 [ 451.437529] save_stack_trace+0xc6/0x110 [ 451.437529] kmsan_internal_chain_origin+0x136/0x240 [ 451.437529] kmsan_memcpy_origins+0x13d/0x1b0 [ 451.437529] __msan_memcpy+0x6f/0x80 [ 451.437529] skb_copy_bits+0x1d2/0xc90 [ 451.437529] skb_copy+0x56c/0xbc0 [ 451.437529] tcp_send_synack+0x7a3/0x18f0 [ 451.437529] tcp_rcv_state_process+0x29b5/0x6e50 [ 451.437529] tcp_v4_do_rcv+0xb25/0xd80 [ 451.437529] __release_sock+0x32d/0x760 [ 451.437529] release_sock+0x99/0x2a0 [ 451.437529] tcp_sendmsg+0xd6/0x100 [ 451.437529] inet_sendmsg+0x4e9/0x800 06:11:16 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006800)=[{{&(0x7f0000000200)=@l2, 0x80, &(0x7f0000002440)=[{&(0x7f0000000280)=""/65, 0x41}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/128, 0x80}, {&(0x7f0000001380)=""/137, 0x89}, {&(0x7f0000001440)=""/4096, 0x1000}], 0x5, &(0x7f0000000180)=""/5, 0x5, 0x100000000}, 0xffffffffffffff81}, {{&(0x7f00000024c0)=@l2, 0x80, &(0x7f00000047c0)=[{&(0x7f0000002540)=""/131, 0x83}, {&(0x7f0000002600)=""/82, 0x52}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/230, 0xe6}, {&(0x7f0000003780)=""/4096, 0x1000}, {&(0x7f0000004780)=""/33, 0x21}], 0x6, 0x0, 0x0, 0x7f}, 0x7}, {{0x0, 0x0, &(0x7f0000004a40)=[{&(0x7f0000004840)=""/76, 0x4c}, {&(0x7f00000048c0)=""/146, 0x92}, {&(0x7f0000004980)=""/181, 0xb5}], 0x3, &(0x7f0000004a80)=""/28, 0x1c, 0x77b}, 0x1ff}, {{&(0x7f0000004ac0)=@vsock, 0x80, &(0x7f0000004c00)=[{&(0x7f0000004b40)=""/138, 0x8a}], 0x1, 0x0, 0x0, 0x6}, 0x3}, {{&(0x7f0000004c40)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000004e40)=[{&(0x7f0000004cc0)=""/160, 0xa0}, {&(0x7f0000004d80)=""/129, 0x81}], 0x2, &(0x7f0000004e80)=""/31, 0x1f, 0x1}, 0x1}, {{&(0x7f0000004ec0)=@xdp, 0x80, &(0x7f0000006300)=[{&(0x7f0000004f40)=""/201, 0xc9}, {&(0x7f0000005040)=""/218, 0xda}, {&(0x7f0000005140)=""/224, 0xe0}, {&(0x7f0000005240)=""/4096, 0x1000}, {&(0x7f0000006240)=""/29, 0x1d}, {&(0x7f0000006280)=""/125, 0x7d}], 0x6, &(0x7f0000006380)=""/90, 0x5a, 0x80000000}, 0xad2d00000000}, {{&(0x7f0000006400)=@hci, 0x80, &(0x7f0000006740)=[{&(0x7f0000006480)=""/162, 0xa2}, {&(0x7f0000006540)=""/210, 0xd2}, {&(0x7f0000006640)=""/25, 0x19}, {&(0x7f0000006680)}, {&(0x7f00000066c0)=""/70, 0x46}], 0x5, &(0x7f00000067c0)=""/23, 0x17}, 0x1f}], 0x7, 0x40, &(0x7f00000069c0)) r1 = dup(r0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000006680)={0x0, 0x7, 0x51c6, 0x8, 0x9, 0x1, 0x6, 0x2cd, 0x2, 0x80000000}) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000006a00)={0x0, 0xffffffffffffffff}, &(0x7f0000006a40)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000006a80)=@assoc_value={r2, 0x6}, 0x8) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="35641fbe000000000704244c"], &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='msdos\x00', 0x800000000, 0x0) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) write$vnet(r1, &(0x7f0000006c80)={0x1, {&(0x7f0000006b00)=""/93, 0x5d, &(0x7f0000006b80)=""/241, 0x3, 0x3}}, 0x68) r4 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x3, 0x208080) ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f00000000c0)={0x7, 0x4}) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000006ac0)={0x0, 0x2, 0x6, 0x1, 0x81}) [ 451.437529] __sys_sendto+0x97b/0xb80 [ 451.437529] __se_sys_sendto+0x107/0x130 [ 451.437529] __x64_sys_sendto+0x6e/0x90 [ 451.437529] do_syscall_64+0xcf/0x110 [ 451.437529] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.437529] [ 451.437529] Local variable description: ----v.addr.i.i.i.i.i.i@try_charge [ 451.437529] Variable was created at: [ 451.437529] try_charge+0x1ee/0x4110 [ 451.437529] mem_cgroup_charge_skmem+0x1af/0x380 06:11:16 executing program 4 (fault-call:8 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 452.704855] FAULT_INJECTION: forcing a failure. [ 452.704855] name failslab, interval 1, probability 0, space 0, times 0 [ 452.716396] CPU: 0 PID: 11015 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 452.723373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 452.726213] Call Trace: [ 452.726213] dump_stack+0x32d/0x480 [ 452.726213] should_fail+0x11e5/0x13c0 [ 452.726213] __should_failslab+0x278/0x2a0 [ 452.726213] should_failslab+0x29/0x70 [ 452.726213] kmem_cache_alloc+0x146/0xe20 [ 452.726213] ? mmu_topup_memory_caches+0x109/0x880 [ 452.726213] mmu_topup_memory_caches+0x109/0x880 [ 452.726213] kvm_mmu_load+0xb5/0x34a0 [ 452.726213] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 452.726213] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 452.726213] ? kmsan_set_origin+0x83/0x130 [ 452.726213] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 452.726213] ? kstrtoull+0x6fe/0x7e0 [ 452.726213] ? kmsan_set_origin+0x83/0x130 [ 452.726213] ? __msan_poison_alloca+0x1e0/0x2b0 [ 452.726213] ? put_pid+0x71/0x410 [ 452.726213] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 452.726213] ? put_pid+0x330/0x410 [ 452.726213] ? get_task_pid+0x19d/0x290 [ 452.726213] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 452.726213] ? do_vfs_ioctl+0x187/0x2d30 [ 452.726213] ? kvm_vm_release+0x90/0x90 [ 452.726213] do_vfs_ioctl+0xf77/0x2d30 [ 452.726213] ? security_file_ioctl+0x92/0x200 [ 452.726213] __se_sys_ioctl+0x1da/0x270 [ 452.726213] __x64_sys_ioctl+0x4a/0x70 [ 452.726213] do_syscall_64+0xcf/0x110 [ 452.726213] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.726213] RIP: 0033:0x457569 [ 452.726213] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 452.726213] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.726213] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 452.726213] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 452.726213] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 452.726213] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 452.726213] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:17 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x5, 0x0) ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0x0, 0x0, 0x300b}}) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x3, 0x200000) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=0x0) ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000280)) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00000002c0)={0x1}) ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000180)={0x4, 0x401, r2, 0x7ff, r3, 0x80000, 0x1, 0xfffffffffffff801}) ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f00000001c0)={0x3, 0x7f}) 06:11:19 executing program 3 (fault-call:8 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:19 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) ioctl$EVIOCGID(r1, 0x80084502, &(0x7f0000000180)=""/178) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)=0x0) getpgrp(r2) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:19 executing program 0: unshare(0x24020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr/fscreate\x00') lseek(r0, 0x0, 0x3) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) readahead(r0, 0x5, 0x6) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000000)=0x1, 0x4) 06:11:19 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x0, 0x1) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000000c0)={@dev}, &(0x7f0000000100)=0x14) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4004af61, &(0x7f0000000080)) 06:11:19 executing program 4 (fault-call:8 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 455.839270] FAULT_INJECTION: forcing a failure. [ 455.839270] name failslab, interval 1, probability 0, space 0, times 0 [ 455.850883] CPU: 0 PID: 11041 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 455.857854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 455.867219] Call Trace: [ 455.867219] dump_stack+0x32d/0x480 [ 455.867219] should_fail+0x11e5/0x13c0 [ 455.867219] __should_failslab+0x278/0x2a0 [ 455.867219] should_failslab+0x29/0x70 [ 455.867219] kmem_cache_alloc+0x146/0xe20 [ 455.867219] ? mmu_topup_memory_caches+0x109/0x880 [ 455.867219] mmu_topup_memory_caches+0x109/0x880 [ 455.867219] kvm_mmu_load+0xb5/0x34a0 [ 455.867219] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 455.905280] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 455.905280] ? kmsan_set_origin+0x83/0x130 [ 455.905280] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 455.905280] ? kstrtoull+0x6fe/0x7e0 [ 455.925455] ? kmsan_set_origin+0x83/0x130 [ 455.925455] ? __msan_poison_alloca+0x1e0/0x2b0 [ 455.925455] ? put_pid+0x71/0x410 [ 455.925455] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 455.925455] ? put_pid+0x330/0x410 [ 455.925455] ? get_task_pid+0x19d/0x290 [ 455.925455] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 455.925455] ? do_vfs_ioctl+0x187/0x2d30 [ 455.925455] ? kvm_vm_release+0x90/0x90 [ 455.925455] do_vfs_ioctl+0xf77/0x2d30 [ 455.925455] ? security_file_ioctl+0x92/0x200 [ 455.925455] __se_sys_ioctl+0x1da/0x270 [ 455.925455] __x64_sys_ioctl+0x4a/0x70 [ 455.925455] do_syscall_64+0xcf/0x110 [ 455.925455] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.925455] RIP: 0033:0x457569 [ 455.925455] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.003945] FAULT_INJECTION: forcing a failure. [ 456.003945] name failslab, interval 1, probability 0, space 0, times 0 [ 455.925455] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 455.925455] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 455.925455] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 455.925455] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 455.925455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 455.925455] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 [ 456.070465] CPU: 1 PID: 11050 Comm: syz-executor3 Not tainted 4.19.0+ #77 [ 456.073050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 456.080467] Call Trace: [ 456.080467] dump_stack+0x32d/0x480 [ 456.080467] should_fail+0x11e5/0x13c0 [ 456.080467] __should_failslab+0x278/0x2a0 [ 456.080467] should_failslab+0x29/0x70 [ 456.080467] kmem_cache_alloc+0x146/0xe20 [ 456.080467] ? mmu_topup_memory_caches+0x109/0x880 [ 456.080467] mmu_topup_memory_caches+0x109/0x880 [ 456.117129] kvm_mmu_load+0xb5/0x34a0 [ 456.117129] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 456.117129] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 456.117129] ? kmsan_set_origin+0x83/0x130 [ 456.117129] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 456.117129] ? kstrtoull+0x6fe/0x7e0 [ 456.117129] ? kmsan_set_origin+0x83/0x130 [ 456.117129] ? __msan_poison_alloca+0x1e0/0x2b0 [ 456.117129] ? put_pid+0x71/0x410 [ 456.117129] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 456.117129] ? put_pid+0x330/0x410 [ 456.117129] ? get_task_pid+0x19d/0x290 [ 456.117129] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 456.117129] ? do_vfs_ioctl+0x187/0x2d30 [ 456.117129] ? kvm_vm_release+0x90/0x90 [ 456.117129] do_vfs_ioctl+0xf77/0x2d30 [ 456.117129] ? security_file_ioctl+0x92/0x200 [ 456.117129] __se_sys_ioctl+0x1da/0x270 [ 456.117129] __x64_sys_ioctl+0x4a/0x70 [ 456.117129] do_syscall_64+0xcf/0x110 [ 456.117129] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 456.117129] RIP: 0033:0x457569 [ 456.117129] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.117129] RSP: 002b:00007f29d7113c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 06:11:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000040)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/98, 0x62}], 0x1, &(0x7f00000001c0), 0x0, 0x4}, 0x3f}], 0x1, 0x40000020, &(0x7f0000000280)={r1, r2+30000000}) ioctl$SIOCSIFHWADDR(r0, 0x8937, &(0x7f0000000000)={"6272696467655f736c6176655f3100f0", @random="01003a1e2410"}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r3, 0x0, 0x83, &(0x7f00000003c0)={'nat\x00', 0x0, 0x3, 0x6b, [], 0x5, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], &(0x7f0000000340)=""/107}, &(0x7f0000000440)=0x78) 06:11:20 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x0, 0x0) fadvise64(r1, 0x0, 0xffffffffffffff9d, 0x5) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x81) r2 = socket$inet6(0xa, 0x3, 0x1) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000440), &(0x7f0000000480)=0x4) ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000200)={0xf, @vbi={0x10000, 0x8, 0xffd, 0x7969e9575bcab5ef, [0x100000000, 0x3], [0x7, 0x1], 0x2}}) [ 456.117129] RAX: ffffffffffffffda RBX: 00007f29d7113c90 RCX: 0000000000457569 [ 456.117129] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 456.117129] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 456.117129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29d71146d4 [ 456.117129] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:20 executing program 4 (fault-call:8 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:20 executing program 3 (fault-call:8 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 456.587642] FAULT_INJECTION: forcing a failure. [ 456.587642] name failslab, interval 1, probability 0, space 0, times 0 [ 456.599211] CPU: 0 PID: 11062 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 456.606198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 456.609093] Call Trace: [ 456.609093] dump_stack+0x32d/0x480 [ 456.609093] should_fail+0x11e5/0x13c0 [ 456.609093] __should_failslab+0x278/0x2a0 [ 456.609093] should_failslab+0x29/0x70 [ 456.609093] kmem_cache_alloc+0x146/0xe20 [ 456.609093] ? mmu_topup_memory_caches+0x109/0x880 [ 456.609093] mmu_topup_memory_caches+0x109/0x880 [ 456.609093] kvm_mmu_load+0xb5/0x34a0 [ 456.609093] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 456.609093] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 456.609093] ? kmsan_set_origin+0x83/0x130 [ 456.609093] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 456.609093] ? kstrtoull+0x6fe/0x7e0 [ 456.609093] ? kmsan_set_origin+0x83/0x130 [ 456.609093] ? __msan_poison_alloca+0x1e0/0x2b0 [ 456.609093] ? put_pid+0x71/0x410 [ 456.609093] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 456.609093] ? put_pid+0x330/0x410 [ 456.609093] ? get_task_pid+0x19d/0x290 [ 456.609093] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 456.609093] ? do_vfs_ioctl+0x187/0x2d30 [ 456.609093] ? kvm_vm_release+0x90/0x90 [ 456.609093] do_vfs_ioctl+0xf77/0x2d30 [ 456.609093] ? security_file_ioctl+0x92/0x200 [ 456.720592] __se_sys_ioctl+0x1da/0x270 [ 456.720592] __x64_sys_ioctl+0x4a/0x70 [ 456.720592] do_syscall_64+0xcf/0x110 [ 456.720592] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 456.720592] RIP: 0033:0x457569 [ 456.720592] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.720592] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 456.720592] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 456.720592] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:20 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) [ 456.720592] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 456.720592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 456.720592] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:21 executing program 0: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000080)}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$evdev(r0, &(0x7f00000000c0)=[{}, {}], 0x650) r2 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x9, 0x208040) ioctl$LOOP_SET_FD(r2, 0x4c00, r2) ioctl$VIDIOC_S_STD(r2, 0x40085618, &(0x7f0000000140)) socket$key(0xf, 0x3, 0x2) 06:11:21 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:11:23 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[], 0xfd2b) socketpair$inet(0x2, 0x7, 0x6, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0xb1, "0652c38e8ee24bad8d86b473ceb452ca710f07b5f487ca1e096934c963dc9499d56380a70d4c80c2bac72c3720a3dde9c7375a8df1509b8e3612655007deb86c3657f16e08d9dacc5f63b4979c37c4772209173f6e9d8682c6484c76d92fe74fbc361e69c8547b1ee63bd3aeebc6232c0c4eba18fcb6bec53c47b2d3e1817558e71ceec555612c9d6b5c7a903876e2da6f62f07b93b646cfcfafb7c4b512f3267a912d49640940913f54bcf559733de08d"}, &(0x7f0000000280)=0xd5) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xfffffffffffffffd, 0x149000) ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000200)={0x4c, "f17b1ea4d987655b41a407c932ccce00f7d528bb9ba6aa58da7d01d203e5dddb79d7999db2d73b7d848f95b407c0c61ece4555cc516d624758ea252b7b34efd0f353feef748d56c87a541f6d"}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000280)) 06:11:23 executing program 4 (fault-call:8 fault-nth:8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:23 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:11:23 executing program 0: pselect6(0x40, &(0x7f0000f33fc0)={0x4, 0x0, 0x0, 0x1000000000001}, &(0x7f0000768000)={0x0, 0x2}, &(0x7f0000086000)={0x0, 0x400}, &(0x7f0000000040), &(0x7f0000f14000)={&(0x7f0000000000), 0x8}) 06:11:23 executing program 2: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mkdir(&(0x7f0000000240)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x0) rename(&(0x7f00000001c0)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", &(0x7f0000000040)='./file0\x00') mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="66643d8ec26ecfd257780bd7919f7534938dec1ec6f5943f4b79adc2e0c3a2c56abd1dba2633e2418f60bd4f627020c3b3b36e2cbaf94161f1e637bc853a22734acdb98624911d9f0700000000000000ef476c60d25beddbb1dab5fa3b74a7b5c4109cd965eb43294a424a60d0930e338b0975727f3485ccbe0fd8ecd81cd58c61c61d9432", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYPTR=&(0x7f0000000140)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRES64=r0, @ANYPTR64=&(0x7f0000000600)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES16=r0, @ANYBLOB="ff57854af9618c4997590cc3fbd8b3181c94ecb82b9ae42c46c66aecbb2cf906f5760bb75c520d6eb125f401c63a854bfd3030277f4e3d5578082bfec0357cf3eaa7380d13bc9b5932f725c952ecf883954759fd4dea97f71aabe6e64e4c3822e9f6ece54f85ecae48", @ANYBLOB="5dba24f741de7b90ef8270d9f740ee3aa6b904a8ef16cca5fe8fa43e7330a1b353971d8ce20eefdd37bb63864f7f60ed1d80fa9d0e5e50ae033c4db356edd52fbe34ba"]]]) umount2(&(0x7f00000004c0)='./file0\x00', 0x3) socketpair(0xa, 0x80000, 0x3, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f0000000340)=""/165) [ 459.929248] FAULT_INJECTION: forcing a failure. [ 459.929248] name failslab, interval 1, probability 0, space 0, times 0 [ 459.940703] CPU: 0 PID: 11097 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 459.947684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 459.950572] Call Trace: [ 459.950572] dump_stack+0x32d/0x480 [ 459.950572] should_fail+0x11e5/0x13c0 [ 459.950572] __should_failslab+0x278/0x2a0 [ 459.950572] should_failslab+0x29/0x70 [ 459.950572] kmem_cache_alloc+0x146/0xe20 [ 459.950572] ? mmu_topup_memory_caches+0x109/0x880 [ 459.950572] mmu_topup_memory_caches+0x109/0x880 [ 459.950572] kvm_mmu_load+0xb5/0x34a0 [ 459.950572] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 459.950572] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 459.950572] ? kmsan_set_origin+0x83/0x130 [ 459.950572] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 459.950572] ? kstrtoull+0x6fe/0x7e0 [ 459.950572] ? kmsan_set_origin+0x83/0x130 [ 459.950572] ? __msan_poison_alloca+0x1e0/0x2b0 [ 459.950572] ? put_pid+0x71/0x410 [ 460.027841] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 460.027841] ? put_pid+0x330/0x410 [ 460.027841] ? get_task_pid+0x19d/0x290 [ 460.027841] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 460.027841] ? do_vfs_ioctl+0x187/0x2d30 [ 460.027841] ? kvm_vm_release+0x90/0x90 [ 460.027841] do_vfs_ioctl+0xf77/0x2d30 [ 460.027841] ? security_file_ioctl+0x92/0x200 [ 460.027841] __se_sys_ioctl+0x1da/0x270 [ 460.027841] __x64_sys_ioctl+0x4a/0x70 [ 460.069220] do_syscall_64+0xcf/0x110 [ 460.069220] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 460.069220] RIP: 0033:0x457569 [ 460.069220] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 460.069220] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.069220] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 460.069220] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 460.069220] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 460.069220] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 460.069220] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:24 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:11:24 executing program 0: r0 = perf_event_open(&(0x7f0000000640)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000240)=0x0) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x9, 0x3, 0x38, 0x6, 0x0, 0x8000, 0x810, 0x2, 0x9, 0x800, 0x100000000, 0x6, 0xfffffffffffffffa, 0x2, 0x1, 0x4, 0xfff, 0x80000000, 0x100000001, 0x8001, 0x2, 0x4, 0x8001, 0xff, 0x8, 0xfffffffffffffc01, 0x80, 0x40, 0xdd3, 0x401, 0x3f, 0xbebfa41, 0x6, 0x4, 0x1, 0x3, 0x0, 0x7ff, 0x5, @perf_config_ext={0x7, 0x400}, 0x1920, 0x8000, 0x1, 0x2, 0x3, 0x5d14, 0x80000000}, r2, 0x4, 0xffffffffffffffff, 0x3) fsetxattr(r0, &(0x7f0000000280)=@random={'security.', "626f6e645f736c6176655f3000fd00"}, &(0x7f0000000400)='self^{[/-^\x00', 0xb, 0x2) r3 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x0, 0x608401) socket$vsock_stream(0x28, 0x1, 0x0) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000780)) r4 = accept$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000140)=0x1c) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000200)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr=0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={"626f6e645f736c6176655f3000fd00", {0x2, 0x0, @local}}) r5 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000300)={0x0, 0x401}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000000380)={r6, 0x100000000}, &(0x7f00000003c0)=0x8) socketpair$inet(0x2, 0x3, 0xfa4b, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_INITMSG(r8, 0x84, 0x2, &(0x7f0000000500)={0x7d5, 0x10000000, 0x2, 0x5a}, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x4}, &(0x7f00000001c0)=0x8) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r7, 0x111, 0x2, 0x0, 0x4) 06:11:24 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f00000000c0), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv4_newrule={0x28, 0x20, 0xb27, 0x0, 0x0, {0x2, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_DST={0x8, 0x1, @multicast2}]}, 0x28}}, 0x0) prctl$setendian(0x14, 0x2) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x2001, 0x0) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000003c0)="6ff412dbf1ed3e9a02785a19a6f91464c015bacb84d367a1555ace5dcef52e80a95be99b1ac42e0c6ea2e009152f0871b785dccad2c2a9e84e6168657d2aedc85003855ddeb057cd533bed7a080121e1db6d4fc275abd635fcc014a9c793389bb6daa258b0e65f14525aed641f9c75afc9244b02050f3340e623b0bd0fe4b2141627a14114b52b9bf9a7238b4d8bb0d6540306626361219808cefefb1756b469527e92d4dc4709cb064ce2a6bd987d3c0725253117fc90fe29416388d04b0ef4d996090178565c1df847c074a856bb9adbd58406e05cf0e4327df5ccb5258664acd6ac1ccebd13c28df7efadcdc6f6ede43d6c7dedf20b59b61a21b27e0da4ed05debf023ccb2814f9efa3d33f21464fb058ff7cd3bab7f0534d6fb59c3d8a432c466a847cc148ce3215adb4cd260e0051b87f3746f5eacb05d8873b33109db804f972a3b72fd804d7eabd2406c04fa090cc23df8d4527c6b2fb62b308a00327c3ba1906548a9f6ae6c55cdcd4c4aae704b284a4f16e40531193f34cf3f1ace979195c7de86fe6d329cafbf03526519c82d6ba2570e1167970254e98a0dde484d77b0fb2e11213e74b264dfbdaa6499332f7175c9f05e1371e863f38540276e75a0f243fed4c2a575cd8e29615f0606f5b955fc0fbe22984f2473fd31d53acfe6cc145fb7f4157ac26923b1988faaeb20b882f5ede40c612ba9bbd6d7f24e8cdc6dd327e17ff36fe37523c24f5c6a4dd3ce35ed480de338152febd024febc2751bb2906c56ec4835557ac4210b5f350d582b88448a507108017c5d252b5a1d2eecd50862e44ffd01b06aa33ef14ce6bc434c359bde4c41b46f63617fccec2cbf95a3a715cccbdf2a3f0c1408ad1d05c43c7d859dd9bb2bf5c4b5232ad102455342ed4d9f681f7aaff6f29c087bfc62636e56e32f3f91573435912f791b23eea29f073498d5c8ae6ab45d9f5699c1bfbff2273d855db7470fa85fd0148f1241006dd54fc742fe1a33910bea5fd4c9b1400ba5112a4e218d117b0d96f27bc7047796fcd67475267d232b15d28c5ece2901017223a85da1d9607b248e526f3d6400309d5c0ca5e70ccc5f9d427b05fd60eff2ec0e497ba7fe5f3f9bda0c7003bb7d7345e4d62bddfb2cc8127365590a869e4a9fb871c947d07ab24b467a4791c4e1e3044857019d13fefff0292bec2147026b5852f555f0a8b41bd11c224c9639ec9a034f716707613ba31336a0a0133bdd17951f7bd083bc3277aec2b1453860310ba701025e22895d0b7269f050df03970bc124949453ea80887d2ed01819b5675ce1fa9b5e18962e1ff2b636396bc37f6ec3e7c2defd8e60651611a8f79de982790b2e920ffd212ed5043ca4d939f945b2f279403582522bc78557de5080b22b596723fa9935f4b6dc76fdcc18cc64864e502147558ca0ed4879ae726a4352017d112505bb70882586c82068f9b9d097f847f9fb11861f2a529ed5967d7ce5bbff172bfc96a5fe5b382232effcd1721613d306dfb95462ee7308e591b90509f25f8f9b38b220f4f70ded64cf74f543d06913622697c8b0cd9abd5da94fd4ee0edf9dd769f58beee00657f612e8f07376cff9d8d0509a88b3396016868c63885690a801766718b912ad3cd0cd117b45b85d93ec8c52d02a8bd96897944b6e0def6c132409e392559bea2bbc1f1cffd6f9b4927cd9e8a0cc059181728222662a582216d8b38ebd27ce6c7a1fbec5fd6226ffffa9084d3bf2e6e3f82e0da71e8c3c330091e25fb032481e648ed3dab3e321823d97638cf06a2a480bef19ef066e048e83e9f70f04f6544be8d0483429024429bb9683bc0380308556ddaf7a3aba3d6c470f3cfa2cbab1353dfda9602fbcf06110417a1d23b77a68ce14adb701490913e9477c0636778d044695445fe2070a658337f9d98c806f1c9c40d40cd8f6746dc620080ea394106add3863a7afc3e1faede75211f3eb2e7be1646715a36ee7bcb3d003ae4bc751c5adc66f901201d2f64819cbbe38926b5df4b6185ed55c29bda5eaee2965cf2a7c039384b692707948be097af98b46706d074e09b656eb71fc0304e4e04adb7019c82113955e4342ed4291a8374af09f7d2e2b64f6252f6dcd0101072ad798fd584de97fedaab698fe589426364a31bac54c34a7ed901b40027cd9f57c221f891dfe422984b386dcc77545c8f49e655b6b5d90c8e51dab7c50574da680de315535c1fab7e874806c30e68845bf4c5881368d1b4e29135a1658850adab012da94f0669b2d7a1b88975a35309c08a724c007b2b8ff87b2e4841c8a88f36962b106373c04398ddc6feebb67c2328e2dcee6ae4073b5e08c6bc2f826ea7df80f4f2350add0613888ba81bac2938a58103a3a59ab3e7f759a0561629281ccebb22fa058c1c42b0da2a6c63c20cc82b6da336ae7daace258a4a050172028fe05e76b4dc8631936f929cdbb6bd5d4547e69fe15d02f4eae761eb5d3eaefb9f9c0f05c9ddb4dfc3ce03cde8c00b98d54d854637265f0e134eefb9a22ab236177b98be51ce6816c51a6c389cfd27f56c1954928b00b8f81648fae0ca9f39f29d3851c6cd2d68b1b56c54743aa7bf95f9be173c5154d63cfa1d675b1b36cc1c8e7f6f19576e6c461f6020d34dd53efe896cb1a3c22a0e0808b34e81f161a432c40a1fefc70a8d8faed2889f70d40b20e45f6ea93375c15eb7f74471adb36cba3bc5e49df0423ace9d4e59c7dccd339a007a1b08ab8f2655b88628191ce6b013e9ac1cf9e3e80eeef9d627ca46ae59a8b5b586c214b3c9995d0030416138d5d28da254aeb9e47203d54921c869b3eff7339f1f016e72e2dcb2fda6810896f3bd9829f45bac4c2979edfc078f1ac1c04ba7831535bb99292655a123d659b32eba7b7baa77fdf75f87497c75e74e3e1b49d5a03fffc5223348a22a8923485d3d663370b71b941782ca217c3d3f0faeb8448601d75bbe90101ef127cf4b411ac7d018a727a701e6236e3bc4b8c0daf0b01e8ff3227ab5ac21b6b4e861e4d375a2ce565b9eaa45921e20a043ebac5e78c600b21df065a67cd39a1e00bd30647658d598e24283fc8f957ccd4f3f4b44ac1be106209b6cb15913ffb13e73fb3d652de14511a7b447a1e8d92d5a3eb19eb039b9e4641e690a6f039ee76504701c0f56e8df5bd0a72598841d223ad73f3d27b4f8fb608f33199debbd61de1fddf7ec1287d6c4940146695ff8e04b894eaca4c02c63192d980146f00171379c6d9533e9ed0a62a61f4b47b56bd73fcb803a2bbfe6d5e92ee1166b922dbcd3c67af8c0309b3a3426f4dc5b63d6a844b754e9f5ba72ae2a009868a70c6db193578a7dbeaa57d09517a139737fd3ed04e5a81b5cb39d2d9dfd5ecd60f436bd1b7e6aeb9d36d79a18b184391dc2f6c12110fed1fb7b0ee7baee19bafe9a2479ab24a63b987b533913d4bd830f2e99067274e7e8241c5283b02ea3d8d2cc8f8a249a5a8210c8aa606539e2cb1daf336fe201c1c07c63a75e06b569de45b9e18c6bec301342f30dc3f453d56397feb2616004754417303b384df5142cf6f74c0466bc84f2a9d1e0ced00e7f75546c88fbbba5ecab2b862301e1dd3f806ccf087f1854a6255cc8a9d8701311800035e9d798f1e30beedc9f929124cad314d1127c17813cc91ffe4d993a87d8c5886f7776de9c203ed8b7742a59458567cf2826c44ed5cfebddb3429ca275bce48210fa69b912624c4dfa51daf5cad34a52a9d58510db3f6b4a073f18c815eb561cf84db32302cc9906e71c77ca1886b66c6675115a44695c0f51be7faec672313dc8cba0a6ea3454f3dcf165107f935d932e2fb0c5cdc602b00424f9bb573089fc40f84442f5655b422f58ad92efff8efcc4641bc1c6e537633ac9f2eca10b0bfc766a3578084aa8e943b51bb469fa5247220cb31ea078fbacecd91d8ac1f1a3b273c48b43a1f1211e8ae8115a4cbfd899442db77fa6d351c91ccb34a9a624e17945ec62bdc9f3566f16bd1de6d91d7093af1d5eec090de252d7bbfb73485a635721f34d4356ce547e08e9be287d9176b135c15586bc941c41608e38ce5a8bfeb7b808624d9d7274ac0a165bca4a7703d4838231f616b7a6362b04b48105061affce81155091155b2b30ed1837b93c46e84aa51179adfb8cd99211409ecee4d22a430ec9d8af2e5f16820fd880473f194dab7a5f082167e2ff4bbd867cb1b906dd770b24967dd922b64d21c2f71a14917e32fe03c2bdd1028219b9616f27191d51f395853cc0a8e0b2722274e1065bf9a620e0055a2e43d3243c8cc8e071ecf980e0287f3806889d080f70894c3e9ac46031fde9159e3411f9c8fb5d5b3d17cd77cca40fc931774fb5706ad1ea13847aab6ad2585eeded36596cdaa171cc4ca56f46108d63515d15228e1ff9e08765516a93366a09d84968266ec7c9bc97f2e5d34a317d0b7357bf9264627015fdeaf8bdc02720c6e3b2cf3d55d2967eebca8739ce6b2b23d922a682c5cd95e95bd81afc123a98a68d6a254968ca1790108eb4b66fb173bda9dcd4444dcc6a962426a3fa41075d9fa88b0c12591ea25e4d2bb13a380533717a7da5ed4126a351500c0ba0a2fc2c0fd5e91339e565f9d8d2603199bbe611168f46e7e99e918389e5dd8573c704efd9962ca83260f1c14b533799b261c186ff9e7337b025a19d4873cf8027a090fe3cfe1938913d093bd07cc89715688640de8ae9863142668e3d5acc0491dbe875c6ae78ea8a7f734772e52f70e105a05a609996c68a1e888f1b6c1e83d77bf93f2ddc4d0a01fbab9abbd23b17c52f2e7a1bfb0967f30e8022066c608c39f0f1a123dec520dc6d991c163aef644eaa22e4eaba4a21d5ea73c96f8c5c5e26572d473431cb757e3ec130ee33bf3f4cef5f8dff64d1e83e3326e28531873ffa87b5382041c61e34d2868ac52212ee6bf2a354eb021d370638b4e8ecd550f044bc6a0b5a2910a3d0e1f5a7b8676b0bda31c84ccd1521044416fdada31529587c3edd6fbf021c1079fadf30427eb807c88280ed8ef7f5332a423982087a6c75353cc0c9b8577162837dac2e5ef18a9cf732d5376c1620cf85c30ff055e51e36da037c48febf8d7b9ffab3c5a546681df8275125466f8f3b5cacf4544ddeeec591c11afa78a47ccb0306e778f108659f740feb3135b67955098274e7d956a6ab59c3084418401cf320ee5bdb5f2e29e858ee00cae2ab2e8aa1373f732f9aa58adf20f281c2d7f0a38eb09be585ac31cba436d480a89156ee038e28a1c8539529c27349595638dcf85705fcd38a78276a8a3bf4b0ab88016882a7529c88b01ad0be93236a38add15a9ce8cf23c4b75c9acebfe79dd47ccf93799e87ef038082571e04ca6eca273a7a7d1e3e9dbe21c9efb82db28b199bd6505e466575547912a248dfe0108619f4179c48e487cf342ba6ad4a60324425fd5eb3aa110d7e6b0d3b4fe35ee50d45395ab4fbbce8d2c616a7f2c02482c84597770a318e4dbb82dbebe50d172acb7317c19c5e7e3fb78568a12763480a98fbdc3ce0b4a42ffcc0888d4014fe282f4eff0a9202be556491fdcc03d013e6cf01c64e45977c99361b22cbb44153d7796b85b90a248eb2684f1b86807f7b531b699e8ab2073fb75194300947ad66025cf5ab68e9bf28e483f37b5a48f0ed65545fa0c006d728033ffb04616b7bdd289f70b8ddd61bb368c76824697ae1780e2482cfb74500a22ea0210582e1ec072bdf9ff24dc23adf6622c2cfcf466d82b9d39c1f78ad9400b3df3561c4677d65e2dcefaa1b3") ptrace$setregs(0xf, r1, 0x82ef, &(0x7f00000002c0)="9c5bbba14325b2c87b20593066776fe4a726c58e980206e1deabb69214f493b1c99cc82afc16af68fbaa0298bd5af4fd41995f8fd11074ca4f3732e669d7a0e8e3d83f78166ce96dc093842fcc614ed52ba775148f58d301270cac7eafb1c6b31d7efcde8ef3dec9a498c9ca289a2e5280f255ae44dd691e08ff19bc342ec75eafa1328c1f156066bbc8b7fa6ad227d54ef713a8ab5642d1e56f777960fbbb4160be23bc44882ca6dc59b1c17108fff80ec67dd25621d6d8f8f412991243f2de9b2203424796384edd80147ea168583d04ce5e7baca02ecb01386dda188d7e652777b155c3f88215ff41da05d3b0bf") r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x41, 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40500, 0x0) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080)=r4) 06:11:24 executing program 4 (fault-call:8 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:24 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:11:24 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) socket$inet6_sctp(0xa, 0x5, 0x84) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 460.738381] QAT: Invalid ioctl [ 460.825508] FAULT_INJECTION: forcing a failure. [ 460.825508] name failslab, interval 1, probability 0, space 0, times 0 [ 460.837193] CPU: 1 PID: 11140 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 460.844169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 460.847013] Call Trace: [ 460.847013] dump_stack+0x32d/0x480 [ 460.847013] should_fail+0x11e5/0x13c0 [ 460.847013] __should_failslab+0x278/0x2a0 [ 460.847013] should_failslab+0x29/0x70 [ 460.847013] kmem_cache_alloc+0x146/0xe20 [ 460.847013] ? mmu_topup_memory_caches+0x109/0x880 [ 460.847013] mmu_topup_memory_caches+0x109/0x880 [ 460.847013] kvm_mmu_load+0xb5/0x34a0 [ 460.847013] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 460.847013] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 460.847013] ? kmsan_set_origin+0x83/0x130 [ 460.847013] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 460.847013] ? kstrtoull+0x6fe/0x7e0 [ 460.847013] ? kmsan_set_origin+0x83/0x130 [ 460.847013] ? __msan_poison_alloca+0x1e0/0x2b0 [ 460.847013] ? put_pid+0x71/0x410 [ 460.847013] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 460.847013] ? put_pid+0x330/0x410 [ 460.847013] ? get_task_pid+0x19d/0x290 [ 460.847013] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 460.942044] ? do_vfs_ioctl+0x187/0x2d30 [ 460.942044] ? kvm_vm_release+0x90/0x90 [ 460.942044] do_vfs_ioctl+0xf77/0x2d30 [ 460.942044] ? security_file_ioctl+0x92/0x200 [ 460.942044] __se_sys_ioctl+0x1da/0x270 [ 460.942044] __x64_sys_ioctl+0x4a/0x70 [ 460.942044] do_syscall_64+0xcf/0x110 06:11:25 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 460.942044] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 460.942044] RIP: 0033:0x457569 [ 460.942044] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 460.942044] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.942044] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 461.011886] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 461.018792] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 461.028513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 461.028513] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:25 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x460080, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000100)={0x7, 0x4, 0xfcb, 0x1, 0x53}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000240)={0x0, 0x1d002}) ioctl$PPPIOCGFLAGS(r0, 0x8004745a, &(0x7f0000000340)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000440)={"1940df52f6cc5682e244a1113c603d2da7d7395eef041415a6c2fda7ad20529db4cd3333c18201ceea4015edda170b86eda55e20b9865c86bf0d9da7cce842a3a19ad243ba78a820056b5555fe4554c38d85bc1b657067e47ffdfb32e1a0b61865b44dc6d29f6d43183d02700244f7580c0898f493a126900d368eb60a36a98f8fb3f450c0a42a4a92c87fc7afcdf580650e63c776cd72aea7b5bbe5612e9b9bf58449d9ec7eb78ea5dafe670452b99630cdebd80bda4123fecc3e072b42ae555540a5d7b85430e8058f9bea9f7c2b4cdaa2f3257d265f9c68be1dff87495d55c18433d6b37dec8dce782017c77e02bceba6997acb19eb42280cb57b6ff69c30b8ef1dd60b36bcae63102ecaa903673daeade3d762d5be48975553be25d31525ef5e0deda957bf800a32576f1f5159b851e95f9699aab3fe3054068b86227bd43394e7ccd1bf75d2ddc1091e5db14ace9692737d8fabf4c6c4dff2bbb040ea5b8cc0518b1c5c468fa01ba4a58bbc1db8ea69992aa14c7606e0cb143dee86d38c0d13c85f1262e77b5c5ea3f0fd6220cfba0be7e320b4f728390755d58f2a2114ed8e2ae0357aa543e60f7507252cdf8875735bd98d743ac76ead47e30dfb560c059e2303a948375835bf4505f4c255cf0cbdc41d417011f1e35915f8f5e384cbef540280ad0158257b1f24e67398664cb888ddd83cce00c2f98e4837040ba7f4a2eec7da4b3c600214d228414b187dfd1be0a3fa0e4e2b4192becf455518bedef030c7813855df6b3e471b523831f7a8e16998eee9e7fe19c194ba8adc05ccd50cbc8e738f96091f340d29bd5b58856b0dbf1490c605a9af83b69ddf3807fc630e75e56a49e62ed60b65f12e1cee6d9132c61e40903071ec519ec252c6dd5ad2861e9c5bada21a6146f6b9ee54f90cc1326c3382e56fe9a689fa0670d83f05c2698d4ea15cc9d4fc938f5c541be4edaf99aaaa90519c5f2541e24257a8dc44453dc2392e78fbb75204701d4927045362159d93b7a5d0d8448fc4754f3b9e51e583010d84c16bbaa4b96221c4c5ea64e9d9521c784d20b000db370485140e335bd10262ca57f45ca59cf7f64c8abea2d8c28ec7d2b58c5f5fce53d95483f96ed23dc1b75c4f3e3730d12da86fc181659981e35645a897f2472a5b46a39c9586b82d14404b6cd575cd92e2ac8109dfc2b77ba5365a8d7bd8322bea8899b4f7893d5b2a9620c783b40dbfb28147e3a044ab10f24c473f082fc62c5f24160231135df040b3c89850b07c1ea90de1a31f96acbbe6b4360560a04ab54d813f11d0cd3f551a3905415a41c66893186322220d9c55dd0bde4d508f98dc864b0d95063f7a6fea36c6ed972bff40e688cd13c5942faed6edda7bef01981e18ae0ccffb916076defda51a8c4b35a233b472b25c6d0cf06ae52e38b893f3ac0f38b0eee7fe52"}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f00000002c0)={0x3, 0x7, 0x2, 0x1, 0x5535bc99}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000200)={0x4000000000000000, 0x1001, 0x8001}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:11:25 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:11:25 executing program 4 (fault-call:8 fault-nth:10): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 461.432821] QAT: Invalid ioctl 06:11:25 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 06:11:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0xfffffffffffffffd, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 461.900949] FAULT_INJECTION: forcing a failure. [ 461.900949] name failslab, interval 1, probability 0, space 0, times 0 [ 461.912671] CPU: 1 PID: 11173 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 461.919638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 461.922342] Call Trace: [ 461.922342] dump_stack+0x32d/0x480 [ 461.931796] should_fail+0x11e5/0x13c0 [ 461.931796] __should_failslab+0x278/0x2a0 [ 461.931796] should_failslab+0x29/0x70 [ 461.931796] kmem_cache_alloc+0x146/0xe20 [ 461.947838] ? mmu_topup_memory_caches+0x109/0x880 [ 461.947838] mmu_topup_memory_caches+0x109/0x880 [ 461.947838] kvm_mmu_load+0xb5/0x34a0 [ 461.947838] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 461.947838] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 461.947838] ? kmsan_set_origin+0x83/0x130 [ 461.947838] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 461.947838] ? kstrtoull+0x6fe/0x7e0 [ 461.947838] ? kmsan_set_origin+0x83/0x130 [ 461.947838] ? __msan_poison_alloca+0x1e0/0x2b0 [ 461.947838] ? put_pid+0x71/0x410 [ 462.001742] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 462.004203] ? put_pid+0x330/0x410 [ 462.004203] ? get_task_pid+0x19d/0x290 [ 462.004203] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 462.004203] ? do_vfs_ioctl+0x187/0x2d30 [ 462.004203] ? kvm_vm_release+0x90/0x90 [ 462.004203] do_vfs_ioctl+0xf77/0x2d30 [ 462.004203] ? security_file_ioctl+0x92/0x200 [ 462.004203] __se_sys_ioctl+0x1da/0x270 [ 462.004203] __x64_sys_ioctl+0x4a/0x70 [ 462.004203] do_syscall_64+0xcf/0x110 06:11:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 462.004203] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 462.004203] RIP: 0033:0x457569 [ 462.055543] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 462.062503] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 462.062503] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 462.088160] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 462.088160] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 462.088160] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 462.088160] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x5e, 0x400000) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:26 executing program 4 (fault-call:8 fault-nth:11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:26 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x2000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x5, 0x0, 0x2, 0x10000}) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x8000) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffff9c, 0xc010640b, &(0x7f00000000c0)={0x0, 0x0, 0x7f}) dup2(r1, r1) r4 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000b24000/0x3000)=nil, 0x3000, 0x9, r4) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000180)={r3, 0x80000, r2}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0x4) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000000)) [ 462.835660] FAULT_INJECTION: forcing a failure. [ 462.835660] name failslab, interval 1, probability 0, space 0, times 0 [ 462.847269] CPU: 0 PID: 11196 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 462.854239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 462.857057] Call Trace: [ 462.857057] dump_stack+0x32d/0x480 [ 462.857057] should_fail+0x11e5/0x13c0 [ 462.857057] __should_failslab+0x278/0x2a0 [ 462.857057] should_failslab+0x29/0x70 [ 462.857057] kmem_cache_alloc+0x146/0xe20 [ 462.857057] ? mmu_topup_memory_caches+0x109/0x880 [ 462.857057] mmu_topup_memory_caches+0x109/0x880 [ 462.857057] kvm_mmu_load+0xb5/0x34a0 [ 462.857057] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 462.857057] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 462.857057] ? kmsan_set_origin+0x83/0x130 [ 462.857057] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 462.857057] ? kstrtoull+0x6fe/0x7e0 [ 462.857057] ? kmsan_set_origin+0x83/0x130 [ 462.857057] ? __msan_poison_alloca+0x1e0/0x2b0 [ 462.857057] ? put_pid+0x71/0x410 [ 462.857057] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 462.857057] ? put_pid+0x330/0x410 [ 462.857057] ? get_task_pid+0x19d/0x290 [ 462.857057] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 462.857057] ? do_vfs_ioctl+0x187/0x2d30 [ 462.857057] ? kvm_vm_release+0x90/0x90 [ 462.857057] do_vfs_ioctl+0xf77/0x2d30 [ 462.857057] ? security_file_ioctl+0x92/0x200 [ 462.857057] __se_sys_ioctl+0x1da/0x270 [ 462.857057] __x64_sys_ioctl+0x4a/0x70 [ 462.857057] do_syscall_64+0xcf/0x110 [ 462.857057] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 462.857057] RIP: 0033:0x457569 [ 462.857057] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 462.857057] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 462.857057] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 462.857057] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 462.857057] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 462.857057] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 462.857057] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x3f, &(0x7f0000000000)="0a5c2d0240316285717070") r1 = socket$inet(0x10, 0x3, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x3, 0x0) setsockopt$inet6_tcp_buf(r2, 0x6, 0xf, &(0x7f0000000080)="57169eab2581611c8666d8903fdede30f750688c9baf3204aa52a372af8337cc8985569e73074dc3", 0x28) sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000520007041dfffd946fa283000a200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 06:11:29 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl(r1, 0x8, &(0x7f0000000200)="f99ea86e149f2ffcc504379bb281d94fa3584958abb07e4037923c80bd0633643c47268c3c5942034e414ac410109bd4fd097b54cd5e5cc48139bc12a2aa8842437d3addb3390e4bd40922") setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000000)=0x1000, 0x8) 06:11:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0xd, 0x3, 0x8dc, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000140)=0x5) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070") r2 = socket(0x10, 0x803, 0x0) sendto(r2, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) shutdown(r0, 0x1) recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0xa4}, {&(0x7f00000000c0)=""/85, 0xfb}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000480)=""/60, 0xa9}, {&(0x7f0000000200)=""/77, 0x5c8}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f0000000340)=""/22, 0x16}], 0x8, &(0x7f0000002400)=""/191, 0xbf}}], 0x4000000000000f0, 0x0, &(0x7f0000003700)={0x77359400}) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={r1, 0x3, 0x1, 0x8, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) 06:11:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$VT_RELDISP(r0, 0x5605) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:29 executing program 4 (fault-call:8 fault-nth:12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 465.557744] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 465.700033] FAULT_INJECTION: forcing a failure. [ 465.700033] name failslab, interval 1, probability 0, space 0, times 0 [ 465.711589] CPU: 1 PID: 11223 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 465.718563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 465.721312] Call Trace: [ 465.721312] dump_stack+0x32d/0x480 [ 465.721312] should_fail+0x11e5/0x13c0 [ 465.721312] __should_failslab+0x278/0x2a0 [ 465.721312] should_failslab+0x29/0x70 [ 465.721312] kmem_cache_alloc+0x146/0xe20 [ 465.721312] ? mmu_topup_memory_caches+0x109/0x880 [ 465.721312] mmu_topup_memory_caches+0x109/0x880 [ 465.721312] kvm_mmu_load+0xb5/0x34a0 [ 465.721312] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 465.721312] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 465.721312] ? kmsan_set_origin+0x83/0x130 [ 465.721312] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 465.721312] ? kstrtoull+0x6fe/0x7e0 [ 465.786142] ? kmsan_set_origin+0x83/0x130 [ 465.786142] ? __msan_poison_alloca+0x1e0/0x2b0 [ 465.786142] ? put_pid+0x71/0x410 [ 465.786142] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 465.804358] ? put_pid+0x330/0x410 [ 465.808048] ? get_task_pid+0x19d/0x290 [ 465.811284] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 465.814433] ? do_vfs_ioctl+0x187/0x2d30 [ 465.814433] ? kvm_vm_release+0x90/0x90 [ 465.814433] do_vfs_ioctl+0xf77/0x2d30 [ 465.814433] ? security_file_ioctl+0x92/0x200 [ 465.814433] __se_sys_ioctl+0x1da/0x270 [ 465.814433] __x64_sys_ioctl+0x4a/0x70 [ 465.814433] do_syscall_64+0xcf/0x110 06:11:29 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='\x00\x00\x00\x00\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 465.814433] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 465.814433] RIP: 0033:0x457569 [ 465.814433] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 465.872162] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 465.872162] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 465.872162] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 465.872162] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 465.872162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 465.872162] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:30 executing program 0: 06:11:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x20000, 0x0) write$cgroup_type(r3, &(0x7f0000000100)='threaded\x00', 0x9) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:30 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000480)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) pipe(&(0x7f0000000000)) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), &(0x7f0000000400)=[&(0x7f0000000180)='task\x00', &(0x7f00000001c0)='-cpuset-,wlan0bdev#+wlan0ppp0\x00', &(0x7f0000000200)='task\x00', 0x0, &(0x7f0000000240)='.ppp1.vmnet1{\x00', &(0x7f0000000280)='task\x00', &(0x7f00000002c0)='task\x00', &(0x7f0000000300)='\x00', &(0x7f0000000380)="000b0c0ce1aa202a2937a16b791e8658f034288feb33929b6065e51f0e059b79c2544c77cce589aec8"], 0x0) 06:11:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:30 executing program 0: 06:11:30 executing program 4 (fault-call:8 fault-nth:13): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:30 executing program 0: 06:11:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000100)={0x2, 0x0, @rand_addr}, &(0x7f0000000300)=0x10, 0x80800) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000340)={'icmp\x00'}, &(0x7f0000000440)=0x1e) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffb) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000200)={0x5, 0x0, [{}, {}, {}, {}, {}]}) ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)=0x4) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000480)={0xf, @vbi={0x101, 0x0, 0xfffffffffffffffb, 0x20385655, [0xd1cc, 0x80000001], [0x5, 0x8], 0x1}}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 466.902154] FAULT_INJECTION: forcing a failure. [ 466.902154] name failslab, interval 1, probability 0, space 0, times 0 [ 466.913984] CPU: 0 PID: 11271 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 466.920955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 466.923706] Call Trace: [ 466.923706] dump_stack+0x32d/0x480 [ 466.923706] should_fail+0x11e5/0x13c0 [ 466.923706] __should_failslab+0x278/0x2a0 [ 466.940841] should_failslab+0x29/0x70 [ 466.940841] kmem_cache_alloc+0x146/0xe20 [ 466.940841] ? mmu_topup_memory_caches+0x109/0x880 [ 466.940841] mmu_topup_memory_caches+0x109/0x880 [ 466.940841] kvm_mmu_load+0xb5/0x34a0 [ 466.940841] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 466.940841] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 466.940841] ? kmsan_set_origin+0x83/0x130 [ 466.982157] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 466.982157] ? kstrtoull+0x6fe/0x7e0 [ 466.988259] ? kmsan_set_origin+0x83/0x130 [ 466.988259] ? __msan_poison_alloca+0x1e0/0x2b0 [ 466.988259] ? put_pid+0x71/0x410 [ 466.988259] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 466.988259] ? put_pid+0x330/0x410 [ 466.988259] ? get_task_pid+0x19d/0x290 [ 466.988259] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 466.988259] ? do_vfs_ioctl+0x187/0x2d30 [ 466.988259] ? kvm_vm_release+0x90/0x90 [ 467.027124] do_vfs_ioctl+0xf77/0x2d30 [ 467.027124] ? security_file_ioctl+0x92/0x200 [ 467.027124] __se_sys_ioctl+0x1da/0x270 [ 467.027124] __x64_sys_ioctl+0x4a/0x70 [ 467.027124] do_syscall_64+0xcf/0x110 [ 467.027124] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 467.027124] RIP: 0033:0x457569 [ 467.027124] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 467.027124] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 467.027124] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 467.027124] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:31 executing program 0: [ 467.027124] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 467.027124] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 467.027124] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:31 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x8, 0x2}) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000300)=0xc) gettid() fcntl$getown(r0, 0x9) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) r3 = syz_open_procfs(r2, &(0x7f00000002c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:34 executing program 2: 06:11:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:34 executing program 0: 06:11:34 executing program 4 (fault-call:8 fault-nth:14): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) bind$vsock_dgram(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved}, 0x10) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = openat(r1, &(0x7f0000000100)='./file0\x00', 0x60000, 0x80) write$P9_RREADDIR(r3, &(0x7f0000000200)={0x2a, 0x29, 0x2, {0x4, [{{0xb, 0x2, 0x2}, 0xffffffff, 0x26, 0x7, './file0'}]}}, 0x2a) pipe(&(0x7f0000000240)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:34 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000180)=""/102) clone(0x90020800, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') setsockopt$sock_void(r1, 0x1, 0x3f, 0x0, 0x0) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000080)=0x5) getsockname$inet(r1, &(0x7f0000000300)={0x2, 0x0, @multicast1}, &(0x7f0000000340)=0x10) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000200)=""/255) [ 470.219985] FAULT_INJECTION: forcing a failure. [ 470.219985] name failslab, interval 1, probability 0, space 0, times 0 [ 470.231498] CPU: 0 PID: 11318 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 470.238478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 470.241306] Call Trace: [ 470.241306] dump_stack+0x32d/0x480 [ 470.241306] should_fail+0x11e5/0x13c0 [ 470.241306] __should_failslab+0x278/0x2a0 [ 470.241306] should_failslab+0x29/0x70 [ 470.241306] kmem_cache_alloc+0x146/0xe20 [ 470.241306] ? mmu_topup_memory_caches+0x109/0x880 [ 470.241306] mmu_topup_memory_caches+0x109/0x880 [ 470.241306] kvm_mmu_load+0xb5/0x34a0 [ 470.241306] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 470.241306] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 470.241306] ? kmsan_set_origin+0x83/0x130 [ 470.241306] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 470.302080] ? kstrtoull+0x6fe/0x7e0 [ 470.306711] ? kmsan_set_origin+0x83/0x130 [ 470.306711] ? __msan_poison_alloca+0x1e0/0x2b0 [ 470.306711] ? put_pid+0x71/0x410 [ 470.306711] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 470.306711] ? put_pid+0x330/0x410 [ 470.306711] ? get_task_pid+0x19d/0x290 [ 470.306711] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 470.306711] ? do_vfs_ioctl+0x187/0x2d30 [ 470.306711] ? kvm_vm_release+0x90/0x90 [ 470.306711] do_vfs_ioctl+0xf77/0x2d30 [ 470.306711] ? security_file_ioctl+0x92/0x200 [ 470.306711] __se_sys_ioctl+0x1da/0x270 [ 470.306711] __x64_sys_ioctl+0x4a/0x70 [ 470.306711] do_syscall_64+0xcf/0x110 [ 470.306711] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 470.306711] RIP: 0033:0x457569 [ 470.306711] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 470.306711] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 470.306711] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 470.306711] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:34 executing program 2: accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000001c0), 0x80000) syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r0 = dup(0xffffffffffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getresgid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f00000009c0)=0x200) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x800, 0x0) getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff59, 0x2) sync() ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f) msgget$private(0x0, 0x2) sendmsg(r2, &(0x7f0000000200)={&(0x7f00000002c0)=@can, 0x80, &(0x7f0000000500)=[{&(0x7f00000003c0)}], 0x1, 0x0, 0x0, 0x80}, 0x0) [ 470.306711] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 470.306711] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 470.306711] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:34 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close(r1) r2 = accept4(r0, 0x0, &(0x7f0000000340)=0xffffff4e, 0x0) write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="80005634"], 0x4) 06:11:34 executing program 4 (fault-call:8 fault-nth:15): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:35 executing program 2: utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x7530}}) clock_gettime(0x0, &(0x7f0000000280)) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x4003ff) write$cgroup_type(r1, &(0x7f00000009c0)='threaded\x00', 0xd4b9afd) waitid(0x2, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000380)) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) lseek(r2, 0x0, 0x4) close(r1) getegid() ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000180)=@generic={0x0, 0x7, 0x6}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000300)) [ 470.915422] FAULT_INJECTION: forcing a failure. [ 470.915422] name failslab, interval 1, probability 0, space 0, times 0 [ 470.927089] CPU: 1 PID: 11341 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 470.934064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 470.936839] Call Trace: [ 470.936839] dump_stack+0x32d/0x480 [ 470.936839] should_fail+0x11e5/0x13c0 [ 470.952873] __should_failslab+0x278/0x2a0 [ 470.952873] should_failslab+0x29/0x70 [ 470.952873] kmem_cache_alloc+0x146/0xe20 [ 470.964034] ? mmu_topup_memory_caches+0x109/0x880 [ 470.971765] mmu_topup_memory_caches+0x109/0x880 [ 470.971765] kvm_mmu_load+0xb5/0x34a0 [ 470.971765] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 470.971765] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 470.987159] ? kmsan_set_origin+0x83/0x130 [ 470.987159] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 470.987159] ? kstrtoull+0x6fe/0x7e0 [ 470.987159] ? kmsan_set_origin+0x83/0x130 [ 470.987159] ? __msan_poison_alloca+0x1e0/0x2b0 [ 470.987159] ? put_pid+0x71/0x410 [ 470.987159] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 470.987159] ? put_pid+0x330/0x410 [ 470.987159] ? get_task_pid+0x19d/0x290 [ 470.987159] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 470.987159] ? do_vfs_ioctl+0x187/0x2d30 [ 470.987159] ? kvm_vm_release+0x90/0x90 [ 471.041738] do_vfs_ioctl+0xf77/0x2d30 [ 471.041738] ? security_file_ioctl+0x92/0x200 [ 471.041738] __se_sys_ioctl+0x1da/0x270 [ 471.052663] __x64_sys_ioctl+0x4a/0x70 [ 471.052663] do_syscall_64+0xcf/0x110 [ 471.052663] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 471.052663] RIP: 0033:0x457569 [ 471.052663] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 471.052663] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 471.052663] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 471.052663] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x224, 0x200282) r4 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000200)={{0x9, 0x2, 0x3, 0x39, 'syz0\x00', 0x8199}, 0x3, 0x10000008, 0x1b00, r4, 0x4, 0x0, 'syz0\x00', &(0x7f0000000100)=['/dev/kvm\x00', '/dev/kvm\x00', '/dev/kvm\x00', '/dev/kvm\x00'], 0x24, [], [0x74ac, 0x6, 0x8000, 0x9]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:35 executing program 0: syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/uts\x00') [ 471.111786] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 471.111786] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 471.123628] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:35 executing program 2: perf_event_open(&(0x7f0000000500)={0x2, 0x70, 0x71}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000540)=""/246) r1 = getpgrp(0x0) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r1, 0x0, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0x0) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000400)={0xffffffffffffffff}) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x891b, &(0x7f0000000140)={'bond_slave_0\x00', {0x2, 0x4e21}}) creat(&(0x7f00000001c0)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000180)=0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r4 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c460000000000000000005aced12135d7d66f0000000100000000c00000400000000000000000000000000000000000000000003800eeff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000e18eb838d9a5dc6a53aeed935598a4"], 0x87) execveat(r4, &(0x7f0000000940)='\x00', &(0x7f00000008c0), &(0x7f00000001c0), 0x1000) ioctl$BLKBSZGET(r4, 0x80081270, &(0x7f0000000380)) timer_create(0x4, &(0x7f0000000880)={0x0, 0x2b, 0x2, @thr={&(0x7f0000000440)="db3838f9bfdaccd30ff6c799cbb95f3453161e77d950ae5225799fbc5f4ca4826b80a3f3a737cc4966bc78231d369100b40e948b76d3d9d3dde49060775e030b96dbb7467548a0b23ef46ab89930dbfef69d75bec2bda19222d3d176f65dc7876402ed14b88267b3f45a9287f87e914e73109eb69078c7ba5e52cf187b07e121a97b3c9c32c387", &(0x7f0000000780)="e745cd71409929f62841e92275a137773879c5395affa58031f770cce95378703cd54c35354bc6b43d71ed238050ec478be9c2ee01df2db3e3926abb0565850c8a0c062a472c876cbd29b106f29b0e434e41bba9fcdde3eac4d9047096f3ef221e5693a5d7b1c5daf089208d4d4a2c6261b99975c3a185bcb701534b0326523766a90a6e8ad3cd197538bcaac0d464669d3e784ec1a48399"}}, &(0x7f00000003c0)=0x0) timer_settime(r5, 0x1, &(0x7f0000000500)={{0x0, 0x1c9c380}, {0x77359400}}, &(0x7f0000000840)) r6 = getpgid(r3) write$binfmt_script(r4, &(0x7f0000000640)=ANY=[@ANYBLOB="2321202e2f66696c6530202f6465762f707070000ad6f1b2a678c4cc64e6810a70f2110267699c7f4b3625612dfec5b6f94ff8b67b6bfa934cf86245d281c1561f262a5c8b08de386e249424ab2f540a1ca00a84ef8100a08571dc900dfcd3c931cab2610fa8541f009737187470c1bc25a3ba197d3d9f6f46e0d2f365f1cf27598447b616995526a1ea91aa26c6a2893180718de5128a18fef47da40fd83b383548f3278245e9ad53e40faaa5259acbe3a78cd08a333b54ee572d655313e9f084b82146658a51b855a77de463dee78e98a223e1798a73e04c7fc877fe3966ffd8985b4b734cb1100b5e3d50db0c4a2d698be81d835e21d127fb9b73c9e883a9b2f52e"], 0x103) syz_open_procfs(r6, &(0x7f0000000200)='fd\x00') ioctl$TIOCCBRK(r4, 0x5428) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x88d9, @loopback}, 0x1c) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f0000000340)=0x20) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) memfd_create(&(0x7f0000000900)="73970ddb08df8c656c667b7070703070707031236d643573756d00", 0x0) 06:11:35 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"69726c836e30000000000000000800", 0x2}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000140)=ANY=[@ANYBLOB="b06d0a000000007edb566c19adfe48a4183558c7b78fa0cff1d52d740ededf1ea0d3224614078770100000000000000000000000df17c8da39ee09"]) r1 = getpid() fcntl$setown(r0, 0x8, r1) 06:11:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x105800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000240), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) lsetxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'L-', 0x400}, 0x28, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:38 executing program 0: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10100, 0x0) ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f0000000140)) r1 = memfd_create(&(0x7f0000001fc1)='#vmnet1nodevem1\x00', 0x0) write(r1, &(0x7f0000002000)='/', 0x1) sendfile(r1, r1, &(0x7f0000000040), 0x7f) sendfile(r1, r1, &(0x7f00000000c0), 0xfe9) write$binfmt_elf32(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4}, [{}]}, 0x58) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r1, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x0) 06:11:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x2000, 0x0) accept$inet6(r1, &(0x7f0000000440)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000480)=0x1c) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@ipv4={[], [], @broadcast}, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f00000005c0)=0xfffffffffffffece) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0x0, [], [{0x9, 0x6, 0x4, 0x7ff, 0x7, 0x8001}, {0x20, 0x80000000, 0x1, 0x7ff, 0x9, 0x8001}], [[], [], [], [], [], []]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x2ff}]}) 06:11:38 executing program 4 (fault-call:8 fault-nth:16): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:38 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 474.509493] FAULT_INJECTION: forcing a failure. [ 474.509493] name failslab, interval 1, probability 0, space 0, times 0 [ 474.520997] CPU: 1 PID: 11392 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 474.527979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 474.534509] Call Trace: [ 474.534509] dump_stack+0x32d/0x480 [ 474.534509] should_fail+0x11e5/0x13c0 [ 474.534509] __should_failslab+0x278/0x2a0 [ 474.534509] should_failslab+0x29/0x70 [ 474.534509] kmem_cache_alloc+0x146/0xe20 [ 474.534509] ? mmu_topup_memory_caches+0x109/0x880 [ 474.534509] mmu_topup_memory_caches+0x109/0x880 [ 474.534509] kvm_mmu_load+0xb5/0x34a0 [ 474.534509] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 474.534509] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 474.534509] ? kmsan_set_origin+0x83/0x130 [ 474.534509] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 474.534509] ? kstrtoull+0x6fe/0x7e0 [ 474.534509] ? kmsan_set_origin+0x83/0x130 [ 474.534509] ? __msan_poison_alloca+0x1e0/0x2b0 [ 474.534509] ? put_pid+0x71/0x410 [ 474.534509] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 474.534509] ? put_pid+0x330/0x410 [ 474.534509] ? get_task_pid+0x19d/0x290 [ 474.622354] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 474.623599] ? do_vfs_ioctl+0x187/0x2d30 [ 474.623599] ? kvm_vm_release+0x90/0x90 [ 474.623599] do_vfs_ioctl+0xf77/0x2d30 [ 474.623599] ? security_file_ioctl+0x92/0x200 [ 474.623599] __se_sys_ioctl+0x1da/0x270 [ 474.623599] __x64_sys_ioctl+0x4a/0x70 [ 474.623599] do_syscall_64+0xcf/0x110 [ 474.623599] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 474.623599] RIP: 0033:0x457569 [ 474.623599] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 474.623599] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 474.623599] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 474.623599] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 474.623599] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 474.623599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 474.623599] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:38 executing program 2: r0 = socket(0x4, 0x80000000000001, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0xffffffffffffffff, &(0x7f0000000140)=0xef) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x24000, 0x0) ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f00000000c0)) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000180)={0x0, 0x3, @raw_data=[0x0, 0x80000001, 0x1, 0x7, 0x10000, 0x0, 0x8, 0xfffffffffffffff8, 0x4, 0xf3b, 0xfffffffffffffffe, 0x101, 0x5, 0xc3e, 0x400, 0x80000000000000]}) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) ptrace$pokeuser(0x6, r2, 0x7ff, 0x3) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e) 06:11:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:38 executing program 0: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000100)="30c1ed80c5d69e4e85ace393be650ada0f799abbed337442f3c9189626e981702ea2b73dd739d59d932a9a8882a5ed6ac43c1901002bec6dc6570dfbe41c2371a25e8be6f5acf4480553df1e12e81cba10010f9d8a7ad1e1f1aa8446b30a932fd1fe739d66d9d6e7e5a32cdda47360e66a26779c74f999cbbcd54cd52d6563c17ab85d6a401833a57ad7942fe6c5c61800b22e595046e706a322bdcd6dfc43980854a6fe7b2ae1e40f4c69d300cc9c720c2645b6c75173fc993e67379d8c3171fead62597b51249fcb5e5aeb612b8e2898d6f70ede2f5458d1a630b1582a42e114808c942555dc95902d5b12bb9b037281b3da1cd0c00a947ec248132a58db28") add_key(&(0x7f00000000c0)='pkcs7_test\x00', &(0x7f0000000040), &(0x7f0000000000)="3082527a", 0x4, 0xfffffffffffffffc) 06:11:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffe0, 0x400) ioctl$BLKROGET(r3, 0x125e, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)={0xa, 0x0, [{0x0, 0x9, 0x7, 0x2, 0x19, 0x4, 0x3}, {0x6, 0x4, 0x1, 0x5, 0xfffffffffffffff7, 0x101, 0x8001}, {0x80000000, 0x3, 0x2, 0x3f4, 0x4, 0x5, 0xffffffffffffffff}, {0x8000000f, 0x8, 0x0, 0xfffffffffffffff8, 0x10001, 0x46, 0x2}, {0x4000000b, 0x8b6, 0x4, 0x3, 0x8, 0x80000001, 0x5}, {0xc000000f, 0x4ac0bdcb, 0x1, 0x8, 0x8, 0x6, 0x8}, {0x618c3d5ea42524e7, 0x80, 0x2, 0x8, 0xaf, 0x5}, {0x0, 0x2, 0x1, 0xfffffffffffffff8, 0x8, 0x4, 0x93a6}, {0xc0000000, 0x81, 0x6, 0x9, 0x3, 0x2, 0x1}, {0xa, 0x7, 0x1, 0x4, 0x6, 0x4, 0x80}]}) 06:11:39 executing program 0: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000100)="30c1ed80c5d69e4e85ace393be650ada0f799abbed337442f3c9189626e981702ea2b73dd739d59d932a9a8882a5ed6ac43c1901002bec6dc6570dfbe41c2371a25e8be6f5acf4480553df1e12e81cba10010f9d8a7ad1e1f1aa8446b30a932fd1fe739d66d9d6e7e5a32cdda47360e66a26779c74f999cbbcd54cd52d6563c17ab85d6a401833a57ad7942fe6c5c61800b22e595046e706a322bdcd6dfc43980854a6fe7b2ae1e40f4c69d300cc9c720c2645b6c75173fc993e67379d8c3171fead62597b51249fcb5e5aeb612b8e2898d6f70ede2f5458d1a630b1582a42e114808c942555dc95902d5b12bb9b037281b3da1cd0c00a947ec248132a58db28") add_key(&(0x7f00000000c0)='pkcs7_test\x00', &(0x7f0000000040), &(0x7f0000000000)="3082527a", 0x4, 0xfffffffffffffffc) 06:11:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x1f) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000280), 0xa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000040), 0x113, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) accept4$inet6(r0, 0x0, &(0x7f0000000040)=0x11d, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000000)={'bridge0\x00', 0x6}) 06:11:39 executing program 4 (fault-call:8 fault-nth:17): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 475.610318] FAULT_INJECTION: forcing a failure. [ 475.610318] name failslab, interval 1, probability 0, space 0, times 0 [ 475.622038] CPU: 0 PID: 11441 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 475.629031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 475.631729] Call Trace: [ 475.631729] dump_stack+0x32d/0x480 [ 475.631729] should_fail+0x11e5/0x13c0 [ 475.631729] __should_failslab+0x278/0x2a0 [ 475.631729] should_failslab+0x29/0x70 [ 475.631729] kmem_cache_alloc+0x146/0xe20 [ 475.631729] ? mmu_topup_memory_caches+0x109/0x880 [ 475.631729] mmu_topup_memory_caches+0x109/0x880 [ 475.631729] kvm_mmu_load+0xb5/0x34a0 [ 475.631729] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 475.631729] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 475.631729] ? kmsan_set_origin+0x83/0x130 [ 475.631729] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 475.631729] ? kstrtoull+0x6fe/0x7e0 [ 475.631729] ? kmsan_set_origin+0x83/0x130 [ 475.631729] ? __msan_poison_alloca+0x1e0/0x2b0 [ 475.631729] ? put_pid+0x71/0x410 [ 475.631729] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 475.631729] ? put_pid+0x330/0x410 [ 475.631729] ? get_task_pid+0x19d/0x290 [ 475.631729] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 475.631729] ? do_vfs_ioctl+0x187/0x2d30 [ 475.631729] ? kvm_vm_release+0x90/0x90 [ 475.631729] do_vfs_ioctl+0xf77/0x2d30 [ 475.631729] ? security_file_ioctl+0x92/0x200 [ 475.631729] __se_sys_ioctl+0x1da/0x270 [ 475.631729] __x64_sys_ioctl+0x4a/0x70 [ 475.631729] do_syscall_64+0xcf/0x110 [ 475.631729] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 475.631729] RIP: 0033:0x457569 [ 475.631729] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 475.631729] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 475.631729] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 475.631729] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 475.631729] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 475.631729] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 475.631729] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:42 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000180)={r2, 0x3}) 06:11:42 executing program 2: r0 = memfd_create(&(0x7f0000000000)='em0&wlan1\x00', 0x3) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e23, 0x2, @mcast2, 0x6}}, 0x0, 0x7fffffff, 0x5, 0x100, 0x50fe}, &(0x7f0000000100)=0x98) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r1, 0x800}, 0x8) socket$kcm(0xa, 0x2, 0x0) 06:11:42 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f00000003c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x0, 0x3ff}, 0xffffffffffffffd7) 06:11:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuset.effective_mems\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000240)={0x6, 0x200, 0x20, 0x3, 0x0}, &(0x7f0000000280)=0x10) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000002c0)={r2, @in6={{0xa, 0x4e20, 0x5, @mcast1, 0x8}}}, 0x84) openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x1}]}) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000000)='rdma.max\x00', 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:11:42 executing program 4 (fault-call:8 fault-nth:18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 478.813548] FAULT_INJECTION: forcing a failure. [ 478.813548] name failslab, interval 1, probability 0, space 0, times 0 [ 478.825163] CPU: 1 PID: 11459 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 478.832138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 478.834955] Call Trace: [ 478.834955] dump_stack+0x32d/0x480 [ 478.834955] should_fail+0x11e5/0x13c0 [ 478.834955] __should_failslab+0x278/0x2a0 [ 478.834955] should_failslab+0x29/0x70 [ 478.834955] kmem_cache_alloc+0x146/0xe20 [ 478.834955] ? mmu_topup_memory_caches+0x109/0x880 [ 478.834955] mmu_topup_memory_caches+0x109/0x880 [ 478.834955] kvm_mmu_load+0xb5/0x34a0 [ 478.834955] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 478.881800] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 478.881800] ? kmsan_set_origin+0x83/0x130 [ 478.881800] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 478.881800] ? kstrtoull+0x6fe/0x7e0 [ 478.881800] ? kmsan_set_origin+0x83/0x130 [ 478.881800] ? __msan_poison_alloca+0x1e0/0x2b0 [ 478.881800] ? put_pid+0x71/0x410 [ 478.881800] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 478.881800] ? put_pid+0x330/0x410 [ 478.881800] ? get_task_pid+0x19d/0x290 [ 478.923583] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 478.923583] ? do_vfs_ioctl+0x187/0x2d30 [ 478.923583] ? kvm_vm_release+0x90/0x90 [ 478.923583] do_vfs_ioctl+0xf77/0x2d30 [ 478.923583] ? security_file_ioctl+0x92/0x200 [ 478.923583] __se_sys_ioctl+0x1da/0x270 [ 478.951755] __x64_sys_ioctl+0x4a/0x70 [ 478.951755] do_syscall_64+0xcf/0x110 [ 478.951755] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 478.951755] RIP: 0033:0x457569 [ 478.951755] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 478.951755] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 478.951755] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 478.951755] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffe0, 0x400) ioctl$BLKROGET(r3, 0x125e, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)={0xa, 0x0, [{0x0, 0x9, 0x7, 0x2, 0x19, 0x4, 0x3}, {0x6, 0x4, 0x1, 0x5, 0xfffffffffffffff7, 0x101, 0x8001}, {0x80000000, 0x3, 0x2, 0x3f4, 0x4, 0x5, 0xffffffffffffffff}, {0x8000000f, 0x8, 0x0, 0xfffffffffffffff8, 0x10001, 0x46, 0x2}, {0x4000000b, 0x8b6, 0x4, 0x3, 0x8, 0x80000001, 0x5}, {0xc000000f, 0x4ac0bdcb, 0x1, 0x8, 0x8, 0x6, 0x8}, {0x618c3d5ea42524e7, 0x80, 0x2, 0x8, 0xaf, 0x5}, {0x0, 0x2, 0x1, 0xfffffffffffffff8, 0x8, 0x4, 0x93a6}, {0xc0000000, 0x81, 0x6, 0x9, 0x3, 0x2, 0x1}, {0xa, 0x7, 0x1, 0x4, 0x6, 0x4, 0x80}]}) [ 478.951755] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 478.951755] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 479.021807] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:43 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x3, @multicast2}]}}}]}, 0x38}}, 0x0) r1 = socket$inet6(0xa, 0x5, 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}, &(0x7f00000001c0)=0x10) socketpair$inet6(0xa, 0x0, 0x6, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f00000000c0)=0x8000, 0x4) 06:11:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x100, 0x0) write$P9_RRENAME(r3, &(0x7f0000000100)={0x7, 0x15, 0x1}, 0x7) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000200)={0xffff, 0xa, 0x4, 0x100040, {}, {0x5, 0x3, 0x401, 0x7fffffff, 0x3, 0x7, "e6883172"}, 0xffffffffffffff94, 0x4, @offset=0xffffffffffffa098, 0x4}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:43 executing program 2: capset(&(0x7f0000000180)={0x19980330}, &(0x7f00009b3000)) r0 = shmget(0x1, 0xf000, 0x54000010, &(0x7f0000000000/0xf000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000000)=""/59) r1 = memfd_create(&(0x7f0000000240)="6875676574040000006d422e75736167655f6e5f409074657300f9b3714b6aaa8f3cfb7964d7e4b633818b9e7018fc0fb0bf39786b2b033d2a05731c84adcfbd1571e8fb08081aad3570948c500ccdf45cb59471bd199529675e3037406f4be4894bb4c44a7a32cdc9f2dd700c6043a62167d500df317f3b734a5556c8448e27f142327e9f177757ce2f8d4da2bcf352753da2434661aa61f0f5240919887e97168ba7b376f34f6e2e3fe5252aa9cb8003d57de96b5f82e23e216007d21c8cf661b7c1411830efa8654941d8323a1b2d5370859fecda863dc397d27db362aa3af25f57d72e156d805733bd477bcdb439e8ac9d936f237cc7d29048034f2e0ee2c8093264e438ab459af5a2234bd63d55ba3786df82b4f972dcb8fdc4a985417318b7551e1839aee403bb993908881deb012b1e8e5b45882f33b0c3c608c66306eea810ffd0142d", 0x0) pwrite64(r1, &(0x7f000003bfff)='/', 0x1, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000040)=0x7, &(0x7f00000000c0)=0x4) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r1, 0x0) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') fcntl$dupfd(r1, 0x406, r1) mkdir(&(0x7f0000000140)='./control\x00', 0x0) rename(&(0x7f0000000080)='./control\x00', &(0x7f0000000200)='./file0/file0\x00') 06:11:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:43 executing program 4 (fault-call:8 fault-nth:19): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 479.879132] capability: warning: `syz-executor2' uses 32-bit capabilities (legacy support in use) [ 480.104993] FAULT_INJECTION: forcing a failure. [ 480.104993] name failslab, interval 1, probability 0, space 0, times 0 [ 480.116502] CPU: 0 PID: 11515 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 480.123489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 480.126297] Call Trace: [ 480.126297] dump_stack+0x32d/0x480 [ 480.126297] should_fail+0x11e5/0x13c0 [ 480.126297] __should_failslab+0x278/0x2a0 [ 480.126297] should_failslab+0x29/0x70 [ 480.126297] kmem_cache_alloc+0x146/0xe20 [ 480.126297] ? mmu_topup_memory_caches+0x109/0x880 [ 480.126297] mmu_topup_memory_caches+0x109/0x880 [ 480.126297] kvm_mmu_load+0xb5/0x34a0 [ 480.126297] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 480.126297] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 480.126297] ? kmsan_set_origin+0x83/0x130 [ 480.126297] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 480.189667] ? kstrtoull+0x6fe/0x7e0 [ 480.189667] ? kmsan_set_origin+0x83/0x130 [ 480.189667] ? __msan_poison_alloca+0x1e0/0x2b0 [ 480.189667] ? put_pid+0x71/0x410 [ 480.189667] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 480.189667] ? put_pid+0x330/0x410 [ 480.189667] ? get_task_pid+0x19d/0x290 [ 480.216357] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 480.216357] ? do_vfs_ioctl+0x187/0x2d30 [ 480.216357] ? kvm_vm_release+0x90/0x90 [ 480.230515] do_vfs_ioctl+0xf77/0x2d30 [ 480.230515] ? security_file_ioctl+0x92/0x200 [ 480.230515] __se_sys_ioctl+0x1da/0x270 [ 480.230515] __x64_sys_ioctl+0x4a/0x70 [ 480.230515] do_syscall_64+0xcf/0x110 [ 480.247935] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 480.247935] RIP: 0033:0x457569 [ 480.247935] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 480.247935] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 480.247935] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 480.247935] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 480.247935] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 480.247935] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 480.247935] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:46 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0xdffffffffffffffb, &(0x7f0000000000)="0a5c2d02899bb5b577e43e892ed81c9039809ee0fcbd22e31854eaea9da9bb2951158b0d42ba176873ed687c34e808798f06bb44acd07439a1978f2030c76f3ede02cc6109c7ac6ee8b973f2d04ec34d05e8a9030e") r1 = accept$alg(r0, 0x0, 0x0) dup2(r1, r1) 06:11:46 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000180)={[{0x8, 0x0, 0x1, 0x23, 0x8, 0x4, 0x3, 0x7fffffff, 0x3, 0x5, 0x3, 0xfffffffffffff628, 0x40}, {0x100000000, 0x42c10948, 0x6, 0x9, 0xfffffffffffeffff, 0x2, 0x2, 0x6, 0xfffffffffffffff7, 0x40, 0x5, 0x7, 0x6}, {0xb60, 0x1b901100, 0x8, 0x40, 0x7, 0x6, 0x4, 0xffffffffffffffff, 0x3, 0x6, 0x400000000000, 0xfff, 0x3}], 0xff}) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:46 executing program 2: unshare(0x20400) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhci\x00', 0x0, 0x0) r1 = getpid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x7fffffff}) munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) bind$vsock_dgram(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=""/86, 0x56}, 0x0) 06:11:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) rseq(&(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x7, 0x81, 0x4, 0x2956}, 0x4}, 0x20, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000200)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:46 executing program 4 (fault-call:8 fault-nth:20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 482.997669] FAULT_INJECTION: forcing a failure. [ 482.997669] name failslab, interval 1, probability 0, space 0, times 0 [ 483.009278] CPU: 0 PID: 11533 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 483.016251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.019094] Call Trace: [ 483.019094] dump_stack+0x32d/0x480 [ 483.019094] should_fail+0x11e5/0x13c0 [ 483.019094] __should_failslab+0x278/0x2a0 [ 483.019094] should_failslab+0x29/0x70 [ 483.019094] kmem_cache_alloc+0x146/0xe20 [ 483.019094] ? mmu_topup_memory_caches+0x109/0x880 [ 483.051772] mmu_topup_memory_caches+0x109/0x880 [ 483.057038] kvm_mmu_load+0xb5/0x34a0 [ 483.059733] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 483.059733] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 483.059733] ? kmsan_set_origin+0x83/0x130 [ 483.059733] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 483.059733] ? kstrtoull+0x6fe/0x7e0 [ 483.059733] ? kmsan_set_origin+0x83/0x130 [ 483.059733] ? __msan_poison_alloca+0x1e0/0x2b0 [ 483.059733] ? put_pid+0x71/0x410 [ 483.059733] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 483.059733] ? put_pid+0x330/0x410 [ 483.059733] ? get_task_pid+0x19d/0x290 [ 483.059733] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 483.113726] ? do_vfs_ioctl+0x187/0x2d30 [ 483.113726] ? kvm_vm_release+0x90/0x90 [ 483.122335] do_vfs_ioctl+0xf77/0x2d30 [ 483.122335] ? security_file_ioctl+0x92/0x200 [ 483.122335] __se_sys_ioctl+0x1da/0x270 [ 483.122335] __x64_sys_ioctl+0x4a/0x70 [ 483.122335] do_syscall_64+0xcf/0x110 [ 483.122335] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 483.145879] RIP: 0033:0x457569 [ 483.145879] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.145879] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 483.145879] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 483.145879] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:47 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={0x0}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000001c0)={r2, 0x800}, 0x8) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00') sendfile(r1, r3, &(0x7f0000000140), 0x6d) [ 483.145879] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 483.145879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 483.145879] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:47 executing program 0: mkdir(&(0x7f0000000580)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x0) r0 = open(&(0x7f00000003c0)='.\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000140)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", r0, &(0x7f0000000080)='./file0\x00', 0x2) renameat2(r0, &(0x7f00000000c0)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", r0, &(0x7f0000000340)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x2) 06:11:47 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={r1}) setsockopt$IP_VS_SO_SET_EDITDEST(r2, 0x0, 0x489, &(0x7f0000000080)={{0xff, @rand_addr=0x4, 0x4e21, 0x1, 'wlc\x00', 0xc, 0x1, 0x5d}, {@empty, 0x4e20, 0x10000, 0xfffffffffffffffb, 0x1, 0xffffffffffffffff}}, 0x44) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x5) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000015c0)={0x0, 0x400000000001}, 0x4) syz_emit_ethernet(0x11, &(0x7f0000000140)={@link_local, @dev, [], {@llc={0x4, {@llc={0x0, 0x0, '1'}}}}}, &(0x7f0000001180)) 06:11:47 executing program 4 (fault-call:8 fault-nth:21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:47 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/4\x00') ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f00000000c0)={0x0, 0x18, 0x8, 0x3ff, "e223fdf44a873819630a1bdab67eb5788a822e7068746605b282d6788e0890b5"}) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x0, 0x34, 0x3}, &(0x7f0000000080)=0x18) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000100)={{0xfffffffffffff529, 0x6}, 'port1\x00', 0xb5, 0x8, 0x10000, 0x2, 0xdb7, 0x6, 0x9, 0x0, 0x1, 0x5}) getuid() [ 483.916979] FAULT_INJECTION: forcing a failure. [ 483.916979] name failslab, interval 1, probability 0, space 0, times 0 [ 483.928537] CPU: 1 PID: 11574 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 483.935510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.938274] Call Trace: [ 483.938274] dump_stack+0x32d/0x480 [ 483.938274] should_fail+0x11e5/0x13c0 [ 483.938274] __should_failslab+0x278/0x2a0 [ 483.938274] should_failslab+0x29/0x70 [ 483.938274] kmem_cache_alloc+0x146/0xe20 [ 483.938274] ? mmu_topup_memory_caches+0x109/0x880 [ 483.938274] mmu_topup_memory_caches+0x109/0x880 [ 483.938274] kvm_mmu_load+0xb5/0x34a0 [ 483.938274] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 483.938274] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 483.938274] ? kmsan_set_origin+0x83/0x130 [ 483.938274] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 483.938274] ? kstrtoull+0x6fe/0x7e0 [ 483.938274] ? kmsan_set_origin+0x83/0x130 [ 483.938274] ? __msan_poison_alloca+0x1e0/0x2b0 [ 483.938274] ? put_pid+0x71/0x410 [ 483.938274] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 483.938274] ? put_pid+0x330/0x410 [ 483.938274] ? get_task_pid+0x19d/0x290 [ 483.938274] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 483.938274] ? do_vfs_ioctl+0x187/0x2d30 [ 483.938274] ? kvm_vm_release+0x90/0x90 [ 483.938274] do_vfs_ioctl+0xf77/0x2d30 [ 483.938274] ? security_file_ioctl+0x92/0x200 [ 483.938274] __se_sys_ioctl+0x1da/0x270 [ 483.938274] __x64_sys_ioctl+0x4a/0x70 [ 483.938274] do_syscall_64+0xcf/0x110 [ 483.938274] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 483.938274] RIP: 0033:0x457569 [ 483.938274] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.938274] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 483.938274] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 483.938274] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 483.938274] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 483.938274] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 483.938274] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:50 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x1000, 0x0) ioctl$BLKROSET(r1, 0x125d, &(0x7f0000000180)=0xfffffffffffffffe) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000240), 0x0) 06:11:50 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net\x00') getdents64(r0, &(0x7f0000000000)=""/31, 0x1f) r1 = semget(0x2, 0x4, 0x40) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000001c0)=[0x2, 0x7, 0xf79, 0x4]) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000080)={0x0, 0xfb, 0x41, 0x2, 0x36, "d815b2575961123d6f082bc2a338ea23", "0edb951aa1c7f429bb46cdaae3d74279bd5c9c1fc78a1f3e0ac8c4640475ec690e6e46d2a7d36f56dc75c7b1"}, 0x41, 0x1) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000100)={0x8, 0xb8, "e0e2077ec64393576dc3898cdbbf20987652774fb9783461e6450875e014425db587535ed113f50cdecac6b901c5c29a30d80ed7b17cf05ad1c593b33dc8c84a068db7a79dfaee616ee931520c6568934ad6993d37eaf4d50512e698e32d3256aa228127f1ec013122012cb923da56847b5bf342d4431d6200367e756b7671e73930d1503cba6bcb771d313bbeb0ff42acf3aabe8130f593ac0a6d3c58c91edcdc49d7f73bc58ecee5c92cb4937a28d9ff299a6f6ca6b0fc"}) 06:11:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:50 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x3a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800460000180000000000069078ac1414aa800000004404000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5099260000780000faa1ac29f9edee00364ebb458bee979b0e71b7854dd99562e0ad0d117a18deee93269198881e6a10ed918ad022c41488743b0e6a74a1d10e5de3fa6f25e68eff7fa809981fbf01eb5fd93206cb24d90b3d771cad87ec3325293b1e42c93edfcc474a685300ba8c03bc57c0fc6b1ee3ea7e719d60542a6f3300021438ad450a1ed853a9b796d6387ecdb10d7194de9c3602a1e7a60fe7e2bf"], &(0x7f0000000040)) socketpair(0x213, 0x3, 0x6, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f00000000c0)=""/90) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0xfffffffffffffffa, 0x203) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000180)=0xc72e, 0x4) 06:11:50 executing program 4 (fault-call:8 fault-nth:22): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 486.971307] FAULT_INJECTION: forcing a failure. [ 486.971307] name failslab, interval 1, probability 0, space 0, times 0 [ 486.982835] CPU: 1 PID: 11601 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 486.989808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.992579] Call Trace: [ 486.992579] dump_stack+0x32d/0x480 [ 486.992579] should_fail+0x11e5/0x13c0 [ 486.992579] __should_failslab+0x278/0x2a0 [ 486.992579] should_failslab+0x29/0x70 [ 486.992579] kmem_cache_alloc+0x146/0xe20 [ 486.992579] ? mmu_topup_memory_caches+0x109/0x880 [ 486.992579] mmu_topup_memory_caches+0x109/0x880 [ 486.992579] kvm_mmu_load+0xb5/0x34a0 [ 486.992579] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 486.992579] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 486.992579] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 486.992579] ? __list_add_valid+0xb8/0x480 [ 486.992579] ? kmsan_set_origin+0x83/0x130 [ 486.992579] ? __msan_poison_alloca+0x1e0/0x2b0 [ 486.992579] ? put_pid+0x71/0x410 [ 486.992579] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 486.992579] ? put_pid+0x330/0x410 [ 486.992579] ? get_task_pid+0x19d/0x290 [ 486.992579] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 486.992579] ? do_vfs_ioctl+0x187/0x2d30 [ 486.992579] ? kvm_vm_release+0x90/0x90 [ 486.992579] do_vfs_ioctl+0xf77/0x2d30 [ 486.992579] ? security_file_ioctl+0x92/0x200 [ 486.992579] __se_sys_ioctl+0x1da/0x270 [ 486.992579] __x64_sys_ioctl+0x4a/0x70 [ 486.992579] do_syscall_64+0xcf/0x110 [ 486.992579] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 486.992579] RIP: 0033:0x457569 [ 486.992579] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 486.992579] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 486.992579] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 486.992579] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 486.992579] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 486.992579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 486.992579] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:51 executing program 0: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fuse\x00', 0x2, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6664bd", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) creat(&(0x7f00000000c0)='./file0\x00', 0x0) read$FUSE(r0, &(0x7f0000000340), 0x1000) 06:11:51 executing program 2: mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00t_a\x00ct\x00') ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000000)=""/133) getdents64(r0, &(0x7f0000000df0)=""/528, 0x128) 06:11:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x40) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000240)=0x0) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000980)=0x7) fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000440)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8) sendmsg$nl_netfilter(r3, &(0x7f0000000940)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800200}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="e0030000080700012cbd7000fbdbdf250200000757c6c74c2ca3928298e7b0569c4e8c78a3644edb4d51101b978940fad257ec7a44ad399f4bb99056eef7d6013183804ef772b03cd25df3c93b53d44388c33c2d7a06a1ebb0f983c328490e5b6e072bc80ca9003493680e2fc6b66a2cbf35b574591c1d86130d5291b0937f63f121ea7954c9f9e28b24a0dfc8df712777b6be53c45d48d6bdc81423d6c227a44f404f61e100cb10018dd64248d104b0d607ebefbe4618de5cb524b21e1062bf56a29257d3baf3d0e26ae88d98192c13cc969ffabee99a140ad6432c6cda3bceb10759f57e570fb2ec15f315a86a71022fe54f54f476394ba4c5f61d3dca9e08008900", @ANYRES32=r4, @ANYBLOB="00015a0008002300ffffffff0400ee0006000000000000000000000000000000000000bb08003200", @ANYRES32=r5, @ANYBLOB="04220b0dcf6c4f1b9ab5667e37bac883af0ced9fc1db11fe7382503b6b49de29dc0369e96a4f389102a777192df86c1181b0aec46f6917b392a754262fc82129c82fbfffbf33f88badf7b10a26087aab591ab213142a3564e306e187dab88718cd58be0d2f57878db4535c2e21655662d4052e3dea3022185d74c80e95d1e23f7c7b2c625d9158e16604e8744a7fc4eb45f5f8fbc47f64333483e6169132d217424b70b7888a863d0cd59d44d9b75b2f76e68204c01c52c60ff5bc2a3cf20c44f7245c39ec84cb4dfa9a7ca8e238161b749ef400d7cf45e6f19e015128a39829452a712e1ae6eca1c1802ce105754473c440e348d6fdab4fd4649320105e6f6bb3b8cd6dba86a58e970d3964a7b58ea5b61da6b8e842de219c08a3d0001c08364b9800100008002300", @ANYRES32=r6, @ANYBLOB="040012000c008a00c7bd0000000000007207091d5611ac8af6429de5a06461e6e06b21d110e5529af662523e5406add1a7434804b3844b0d9b2d8ec6fdab9b875023f3c9fff4ede8f7c9615cd376df2d1895df909115bc2243bc0f00ae188db3f2c0cddf573e46c94f7064ff98089e8b244378f28b5bce4e09311d09667cdf322723395d2be9a6161f000000e3960d7b230dae32d823bfb694202a3688c2c45b453a4714bacc33bca5f8fe2994dc3208353f0a2487fd0f8642ffd295c1dfd34ad25cc895e141b07ad7fa6c780c08e2118f8642daea629c198a8e855d73ecb4a391c20d2b351675a1ac6ba65f31f928ae03a928fae6fa34ebcf745a4094681093b85a0f8124614ba7104bb631cf90c2239b56211b4cda1157b044f9b67c3f189792a0ff752ed7c25b4e65acb551a900147988c04801d8067c62252252fd87fe397e9ff4532bbbfff666b6dfa1da27e1ff6b56047ba3b87c06b54f876e8b2bfe6ce16cf10eb1f66b1ef749eb4ceadf3ba6106689dc7428208645ca9dc65c2a6180"], 0x3e0}, 0x1, 0x0, 0x0, 0x20040000}, 0x90) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r7 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r7) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 06:11:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:51 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @rand_addr, @multicast1}, &(0x7f0000000080)=0xc) 06:11:51 executing program 0: r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000000)=0x8) ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000080)={0xa, {0x101, 0x9090, 0x4, 0xff}}) ftruncate(r0, 0x2081fc) r1 = open(&(0x7f0000000180)='./bus\x00', 0x141042, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000100)='security.capability\x00', &(0x7f0000000140)=@v2={0x2000000, [{0xfffffffffffffffc, 0x8}, {0x8, 0x4}]}, 0x14, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x800002, 0x11, r1, 0x0) madvise(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x2) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000050c0)={{{@in=@dev, @in=@multicast1}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000040)=0xe8) syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x2, 0x2) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9) 06:11:54 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x1, 0x901) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x800, 0x0) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000180)=r0) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:11:54 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$can_raw(0x1d, 0x3, 0x1) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt(r2, 0x1, 0x100000006, &(0x7f0000000240)="647453f31a8aae3aaf0e5c93124a3485c86ad20773ffe34936bdfdc6e3c6abbf33805008ae85ef0ed22651d30c950ce6224ae53886c905589929ba8c2efaa902ab0892b77c86334d99f4c624fb4ec10c428cc557c7", 0x55) 06:11:54 executing program 4 (fault-call:8 fault-nth:23): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:54 executing program 0: r0 = socket$inet(0x2, 0x2000000080002, 0x0) io_setup(0x0, &(0x7f0000000040)=0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x2000, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x2200, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000380)='/dev/rfkill\x00', 0x40802, 0x0) ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f00000008c0)) userfaultfd(0x80000) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0xa0000, 0x0) r6 = dup2(0xffffffffffffff9c, r0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000800)='net/mcfilter\x00') io_submit(r1, 0x7, &(0x7f0000000880)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x5, r0, &(0x7f0000000080)="29cd88c015f03d38cad539b84fcd73", 0xf, 0x3e5d, 0x0, 0x3, r2}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000140)="1229956a9f662ab392dd499ba23dd56c7ff38f682ff020428cbf54c52960fcc075cdebc47ceca873d9099bd0514cf132be12c76bc5832a58bd792903405a5eb304", 0x41, 0x8bd, 0x0, 0x3, r3}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x6, r0, &(0x7f00000002c0)="4db5c8538b549be7", 0x8, 0x9, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0xb, 0x1, r0, &(0x7f0000000340)="02eb1d2a8ddab576e398ed", 0xb, 0x8, 0x0, 0x2, r4}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x5, 0x3, r0, &(0x7f0000000400)="d1c67a33f3a4edd584bf724a95874cfb6844775881708d050ae11500e8e50d7c43c36795510a1b7ef5e068cf281abeb7a48080479500087b", 0x38, 0x100, 0x0, 0x0, r5}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0xd, 0x1, r0, &(0x7f00000004c0)="c92ae91152b41213250e9c5044cb229bbb975fbdfb127529a2a9b31f8c6df4717f547e4646f4997028ce7b9509023154521021ea2ebc7d69335ddd9e5b0beff02b10165c46beed634978dece90654c28a8ccb3431523d0e2f44842fcb15ddba3e131daad2c2266ad572ff26cdf128736643fd5368d0026e07d711c1d1dae55c5590c706622478b26e808e5fd75bf4c6e126b2afcc01bf257582e03d28e3e72821d87e3bd34bc17bfb6faeb552ff6c7fae96d0155ac404902e2176ddd", 0xbc, 0x4, 0x0, 0x0, r6}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x3, 0x1, r0, &(0x7f00000007c0)="85ce0b80f2fde1927fa37076efd24b676725a4", 0x13, 0x2, 0x0, 0x1, r7}]) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@broute={'broute\x00', 0x20, 0x2, 0x1d8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, &(0x7f0000000000), &(0x7f00000005c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'veth1_to_team\x00', "736974302000000000000400", 'bridge0\x00', 'veth0_to_bridge\x00', @link_local, [], @dev, [], 0x70, 0x70, 0xa8}}, @common=@mark={'mark\x00', 0x10, {{0x0, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'teql0\x00', 'syz_tu~\x00', 'gre0\x00', 'vcan0\x00', @broadcast, [], @local, [], 0x70, 0x70, 0xa0}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffc}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff}]}, 0x250) 06:11:54 executing program 3: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0xfffffffffffffffe) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000100)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:11:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 490.769913] Unknown ioctl -2145095672 [ 490.800505] FAULT_INJECTION: forcing a failure. [ 490.800505] name failslab, interval 1, probability 0, space 0, times 0 [ 490.812085] CPU: 0 PID: 11651 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 490.816152] Unknown ioctl -2145095672 [ 490.819051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.819073] Call Trace: [ 490.819138] dump_stack+0x32d/0x480 [ 490.819193] should_fail+0x11e5/0x13c0 [ 490.819288] __should_failslab+0x278/0x2a0 [ 490.821812] should_failslab+0x29/0x70 [ 490.850706] kmem_cache_alloc+0x146/0xe20 [ 490.850706] ? mmu_topup_memory_caches+0x109/0x880 [ 490.850706] mmu_topup_memory_caches+0x109/0x880 [ 490.850706] kvm_mmu_load+0xb5/0x34a0 [ 490.850706] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 490.850706] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 490.877547] ? kmsan_set_origin+0x83/0x130 [ 490.877547] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 490.877547] ? kstrtoull+0x6fe/0x7e0 [ 490.877547] ? kmsan_set_origin+0x83/0x130 [ 490.877547] ? __msan_poison_alloca+0x1e0/0x2b0 [ 490.877547] ? put_pid+0x71/0x410 [ 490.902564] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 490.902564] ? put_pid+0x330/0x410 [ 490.902564] ? get_task_pid+0x19d/0x290 [ 490.902564] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 490.902564] ? do_vfs_ioctl+0x187/0x2d30 [ 490.902564] ? kvm_vm_release+0x90/0x90 [ 490.902564] do_vfs_ioctl+0xf77/0x2d30 [ 490.902564] ? security_file_ioctl+0x92/0x200 [ 490.936773] __se_sys_ioctl+0x1da/0x270 [ 490.939798] __x64_sys_ioctl+0x4a/0x70 [ 490.939798] do_syscall_64+0xcf/0x110 [ 490.939798] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 490.939798] RIP: 0033:0x457569 [ 490.939798] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 490.939798] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 490.939798] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 490.939798] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 490.939798] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 490.939798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 490.939798] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:55 executing program 0: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000100)=""/70) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x40000, 0x0) openat$cgroup(r2, &(0x7f0000000180)='syz1\x00', 0x200002, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000240), 0x22) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x8b) syz_emit_ethernet(0xe, &(0x7f0000001280)={@link_local, @link_local, [], {@generic={0x8917}}}, &(0x7f00000000c0)) 06:11:55 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) clock_gettime(0x0, &(0x7f0000000180)) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000080)={&(0x7f00000001c0)={0x4, 0x224, 0x0, {0x0, 0x7530}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3f230397cb27c71c"}}, 0x48}}, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100, 0x103000) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x1, r2, 0x1}) write$UHID_DESTROY(r2, &(0x7f00000000c0), 0x4) 06:11:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x100000000, 0xc600) ioctl$EVIOCGKEYCODE(r3, 0x80084504, &(0x7f0000000280)=""/240) getsockname$unix(r3, &(0x7f0000000200), &(0x7f0000000100)=0x6e) 06:11:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:55 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$P9_RLERRORu(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="f7ea93c83b766d35fdbf40"], 0x2) close(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x98, &(0x7f0000000100)=[@in={0x2, 0x4e22, @local}, @in={0x2, 0x4e20, @rand_addr=0x7}, @in={0x2, 0x4e24, @local}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e20, 0x5, @remote, 0x1000}, @in={0x2, 0x4e21, @remote}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e22, 0x4}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000001c0)={r2, 0x1}, &(0x7f0000000200)=0x8) 06:11:55 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x102, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000080)={0x4, &(0x7f0000000100)=[{}, {}, {}, {}]}) r2 = openat$cgroup_int(r0, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x0) 06:11:58 executing program 2: r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x80) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0xfda, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000200)={0x0, 0xee, "c7fd1402b53a09cc5d4cf7435ce7d3ef486e724dfa8416da6286b6594063adebfaeaa31723ca4287c60e2d0f0027ee421aa4bfe1a25e6eaf5b5c5736f6c79e22b05423ecb2654ebefe32ab6ac33b3364bec8d099f2082e552d5b9940b2b14c0e52d27bdc1f5a6b426f25d6841327816734d372124057b48d1fc99e814a70257f286b760bcaac7b05ff8d05520878a880831fd32cbc9efd6c9ef3b0de7bb4626521d6f9ce65856a2d6944fbf0ddaf2adb339b1921c6433e077e333ab3cb9a53653a2a05935caafa0cbc4c04f1a1765f5c6cbddb74c2ef1f90326ee29ad3bd54222d643ca23a23a3c678d42d6cf7dc"}, &(0x7f0000000300)=0xf6) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000340)={r3, 0x718, 0x30}, 0xc) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000100)={0x1, [0x0]}, &(0x7f00000001c0)=0x8) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='clear_refs\x00') write$P9_RREMOVE(r4, &(0x7f0000000080)={0x5, 0x7b, 0x1}, 0x5) ioctl$sock_proto_private(r0, 0x89e0, &(0x7f00000011c0)="0cec11615fc5e7e563dc676032decf938c0ece020bc555bb7acb2e86db7ca877fc873fad17e49420ad5fb6068608cb0aff58041a4777f59ce1d548d5e16a3c481baea0c9bfdd7ac7fef2a2f80a1c9a5b37f160b26b911e2e51d3758fb81791207a28aaa435d33ffa0bfdd433218c74068f92649bbcccf19fc009a15c8061052d3d81e2c524a7e50c1cd3b3e328010ce4e9a70229ad950531884adf9c583006d39ef87c1bc4534932a120ab6211c27068382e4203f724cf432c4bb10e72ad77d7ab4060ce4d9d3c63618cc87ef7a83bb5a27757db99470f0d966370b9e07c7cf41341474f76855e0e8be99b798055b3e36a767256302ca4fce219ad07e6f2674ee30dc7495a409745f364f07eb25f0dacbffae344dbdb48c1548ff75556daa74dbc0ea83e728c01490519676c6b238900e35caf59504a4ece6d082f478a3d65e2af9ed57549090f8c35738c366ac651c2662a1bd839f66b0405167bfce4c0dcff921b20dca69ab35695afc8510dad4fce4f68919ba24c2070cbb6c56dd53c229d55c1a33291592a82b08654fea80d4ef3a4a8844a949c2174e7c1b12d815e41625279063525fcfe20d9058361c3581aaa8813293fd960a82676ca4861aeb47fcb30e319d63e915b05a4ea79c7af2b97049fe6b7cd034a5d7c04fa8044c270bfda44cc41a3aa0dd292096d11e28c34ca6cc2a9168cc582d5abac58ef77c79da8a99fa4683e8d4a9e637ff7e257d3b50bf1312b2618ebc8dbff11239a8c76da3c2d3c52a267a5c0531db59d0fdde1a6e570d4dbfcd32a2b1cb228b5c8c27200ac05632a6c4f564a79197c881579604b2b257922d1f0cd225d420636151e4eb5375dae788c7b9e20dccee06c77addbb454680d611d2ba2fc552d21c435a3cdb5254b558f16a97f376ccdd081bc4b76a14621f559dceba987f60b57f85c3669e55569a2447144280e641f668ab9bb491cb97854b22b72c6442b4ff34f953b79557995d333b85f12195bb4234bfe6aee22bb0f5e957fd5a330301c0e4646fa28b458d58681acdc75e856794fb7dda845cf55a98147f5ef39b03f5bdce9096913920869653ec4dae00eb477cc57ba003a3805e0d8e2a75f635c8ecbae300654054a8cb73291fa73b5272c3d8bd9a29135b190dea4932d3baeb4ceea812556f05a5d9bf8b11c2b7359883aa79cc42e481825e3177bd6819c7bfa475c322a8ffb6cc89a0f33406b2b30646751a7f7b4c87e5b62f65892bc6756e7e1305dd7c1cd8882011077b69f8fb7a3465b468930a1c657b608a704e966f3cd05dad600c84789db83f6c0cbcf25f5b9142b7fe32ec6fdbba8bb93bd1daa3a93126935e2869d7c261b4c94748fd20c7a9ac0ffbba0a2e9c823c8fd64ce5bab3289266ae9b9d4a610bf10d002c7102fcdb2e0a36345ef0777a8fc7d0acc4079965d3e3a01e55f068732a722887c1aeb37d019615f4bcdc22e3d907d8f7d9e3b89352b4214b968b5b90436c4f1b8e6f1bf6233b528f7b67f9c4f2c9ee95efdbe13a430370b1e6401f58cd5aae637d8498146d7579207e32425ca5da1c7a8f0f52f34e6ff8b3cf6e6c0cf82bbe4150ee7195dc653158263b177bacb3b595857f40c63797541842ba3ba899f49faf96127a90497cd6db5a2746df3d6ec748acabbd4556e110f4ba3a1735c193314543fb16de68262ec792993b501fc1891bb9c4853fb1b6295027d7b341956331f38bbcb1762f2d5ad906252d08f29adb29f31cf62a7bb85355f6e580e137958130d4e92180059a827352f75ed31b56aaded709825d909d9ff9aaed45ce04a41ef4ff44eddb5c3c8f4bd2f7bc000865a4efb435f1687c368f69bc4223bc310c336ee90b7963d5876407fa78a70c862cb43c75b1621dc7079fc22206bd872d5ae4ac6d4e6158df4e814b46334579f0e1ca0d5708889dc23c161fc1b762c8e309b66a289ffaaa6003eb98b762feca0a7646343786b76e50cf75a6a87ad3d2eec5d35cd0e7f2049ee5317d2b9dc33992d337736a715f59486bc245d0f000f65a5f217e7e353f67bf1323f5863c8858bd8efb4b1cf3af8c919acf1e7e5f22dc5343d84bdec00b0a5a312175e81d8de2b71e8f0878fa2ad47bfca967b18e453e106df4d4157d515beee44b5d726c50e16bb7e4179001b98f2d759716ebe0af9e4f28039d3e32aac5158ed07c6976a7c1874085e998a876046eba64f913955960c94faea2107bef9d7877f0899848c4604c07492919ac340bda7422f1425b74a8199649354f629c8027fd4beeb2a9813d5f0e07a8a3f6a4353c7f5cd74bbea66fec29699bbc0a858a23e830c2ebe49b3bd0bc01905dd1234d5e814f721402f342365991d493538cda99a35ef10ea24fd6acdd6bc338c22235181f9717bd4af690944136a4f7f285ccdeb18c4078135cb6d076d9b08dd1287dc7b7c6f363e23970746bc04c398e997be1d2e2e54985dacf9008d96dbb1f8642a1ae49742013c617d746ce251ae39a744142c8039ef85d729ce7a6a17fd2c2b84cffd9059799a21284acfd2812a6d021a54c3d29a01730bf6fc843cd61b3625c8b3eef08542cc83d34c94411a65a1e9531b9836b1e40ae4c0ba469a1bf16a65b45cbcde76f192a0c05cd381e024b2c39a65cf775e8a13e900eb475204ed1c02d2db7f6e6dc086795e16df306ed81d20071bbcb2fcef7bebec591192dd1ad72f1c0a341ed151f90cc38141aea9bd734f8d4b29949eacb1f896efa961796056143e229758107bc296d218179c901aa1af173996add5b02b4f7725e4e8dbd70805808f4d14e07daec3fb086e0f240787b8871b3408e5662bc43f6caa007d2e0ecea4b67798b502d68c9856365ba55ad242527d31b6501f35d58fb0eba28967a4cd2d01388a903affeb7c1ce6624d6af3a81cb70f55f321fe25f918fe80a1bb22371cc746abb88c2f383f33814129d7ccdbc8dacb4c715d20f7f5bc3c1bd0bd13e8a91db2144e9637ebeba00788f2f1062853f91294053c00a95c3e9e4c82fcbca59bf3d63d366983f7db81251a362e9a6d5bbfe34606d73d9fed677579baf639630bad6b4eec5286887fe74332999b13afb69b13cda25d98fdcd3713d2496cfd31f7cf7b3db956f73291fb82fe57a328599412e18282a88f9786b392a2dcfa5ef4770d070a69c0162a110dbe9fa98330aa43039b7bd229306bcebc2273ec363c5ca19c125649159a4e29d98af335b6fbb869daa58783d9ff41596e126ae8c77d23c34cefad8b00883e19a31a3b22b2c472b846c6400cc5056cf2e9b7ee3f60f1d0239926469417b9066bb51dc2198a53e1544af59b4415382839cdca5cf2213bf6f6ad710e4dadbf9d6c619f8eca096557fdd69dec03d36d60ba660a1f861e1c8bf8518a6b0d9f5d28f32b111f77f0fed6fa5ec6713faa7479f460befb366d5362214ab06888d25b11eb82a890de5be08c7fa4e31c32f6374643c5825f240400c80c737a8abf35fe585aa0b9f4f6fc309796c646dac8cd3ff81dd94e86eb74a5fa3414814f420821eeae66e3017bf91a661033bf04fae4ab0284229f9bb981b24cb578216dcdcc36f4ec106acb306086c9a8ca30b103fa0e313dd33a04538cca39da0032b6034570d259700ba2858976955d59fac45db74fff63fe8bf6122ab74401055aa6bdba88017561f9dbf6c61979ec58a10bacbfdcf97215b69af02859f797cbe3ab9e1ba2d17e70296fb7c5638e732764c22d83834f4e580428f66fd6925936612d2603beea7da0c858897ac6384207a77d8d0bc45740f2acb2da99271a9e40097efd6ee3b4ad75a1e7d202481c3ded9622c6a9ca50cd289e784df14489aa32b832b269e222e74a4e74502b2d54c11e077fc6bfde5a96f8ed3cf0b3a1cb8b6c047d444bc41b7942f384b485e201ba175a87277fa70f5523df9df7b45d26137b81ab56806d2aeac7553937cc3069e8c846c4ca65ca032bffe2b4382e917d982408ea07fb2ca02cc0d192a77ce55f4bbc82b45e92ddf785ec12e79de37eeda26464638473e1610d229d357942d5fb479d812dcfee2557bd97d5e5123223ba16ffafea21460e06d2fd09eb50ebe0c2d23d5366859d5cfb3f90db113635e827da62d5efc3b6c19df2699326dbbae18fd81f766df22c70b1d4348f08b87b4bead2684d3b9547112f0d5db4c53d2d7b7b6593dc4e9436961c8278d294080ef83fc9affbe4cf864736b26cb66981b3494260471fbc0520ca9c88f169d4936cb625a64c8a141e24e8d285a718642cef8a9c2a51de4327b9c5b87b373e2af108e7044b6b80e25982909392fdb4bef9d741ddcbf798b3a28dc7b0f06c27793e37953cdc625305fac9bd24a3e5f4d9b169c62844dffed0b747f349797a46bc064c761973cd0cc5bd80808b5d69ed8de1b8498f2062685e482f766583adbe56b62c8f8a73690a4ff906e212672863064698fbcc8546b0b2e52f774bd90c015d771b25bbc204f356acf570b66c4b33609aadca4581d52732a612b6249b7e5fa65092fee39533c634277b2ee612cd1085cfd2f537427474fafb71408445c3f8a4ed96251347493f7a693608148dabe789596c9c6c662d72296753d5958eb695add95846a378c17546c0c40b473d514af34f5aa5f82d4dc91820e37c28c4325af2fe540a28dc34d0dcb10a6d732e1d1f102d3a2525f1e28d468b24d35ebb317602b03e61eb10832a4b1d84b0aefb3fe177a46b8c575be3e219c5d823541d9121e48c53345295485c421b7c626c8c6cfefb41e84e3131cd553445658fd6af3c07e5423fdf5d0ba20dbfdfb65a602dd9e7f523e7957753b92dd5b4c3090e124add9c35d81694f08d31b8ad11cfa40caa9fa8d95c7b717744b952e989ecf6a27f33d144199a6da9e539aba68873c44738b3d8e9268e4680176096234dd2eb7ee8b323b7f28c0b36f25f9640097813824faf4990cd58f7509ab0c418c53248a569bc1ebe419477cf3c1d35df29f0c7fe22dc7067bbe71ec3ef2e68733076e07ccc59036f9a4478617b895f5f3213898678f798207ad06fbbb98265134827efeb00b1271f2679eed4ecc65dcdd25a85cb729af8b5f980c23330402f6ce82138a0651374e45b9132a3e6f8013eadaaa9fc35f54ed316ef5fa4738b84fbe134dea4ca97f00329ec999cb2b0afb6d6f922d363fa00bd831daa55a356b04da6664bcc5453262db82471daa6bf279e72e8acf306248e05fc005a74ef5ee8ffa05a481e5266a5f55076ee3e840a77d26914495f900c15898da8bbcf124381db1deef771058f6a0478b101af8b66599c05603a14e1eefabcb3be1252e6a544c5b855512083ac2665b5881bfc44f15cb9887c9e93d9ca57cb8987154cf66fc448954d8b465dc82d03669e7d52892356e4a11688ad8c5129d564d187ecd67584d19fb7584d7e1de52e468d17b9fa33eb9b1b5db59bd3890b94bb92e01c46152eb0a268e93b611f7350fb9df883a97600f4772f5f8aeb5863cf8a54bf806dfe19e4bad56fdb5728f4a2dd3ecb93744f3d8f695463fcc3dbc42a294fde7b2af83bd38a34b4534a65aa3e1f6f2e2d7fef7335fd55628aadccf892b90f7f55bdc08400c1c7053e15eab1e13a4e95a2d1317964620de7b51d4ea88e4382a8bb93b84fdd623fc48666764f5468eab35dddd22337367d1bd159fab3529af005bbdd601a1da5147284f17e23d2d248af9f839e5255955c61fbbf2c8583e0260060b696dae6a67e1e1dc6aa0e7166f631fa86a2154cbb5995c4fa36b15391ad1f94b22046a4b78d947161b0091c626f08794c6cb58d49b339a7fc") write$P9_RSTATFS(r4, &(0x7f0000001140)={0x43}, 0x43) 06:11:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_RELEASE(r3, 0x6431) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mixer\x00', 0x4100, 0x0) ioctl$DRM_IOCTL_AUTH_MAGIC(r4, 0x40046411, &(0x7f0000000280)=0x3) r5 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x6, 0x6002) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000200)=0x100, 0x4) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:58 executing program 4 (fault-call:8 fault-nth:24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:58 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000080)={0xffffffffffffff33, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) 06:11:58 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = getpgid(0x0) ptrace$pokeuser(0x6, r1, 0x38fda803, 0x2) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="33f9e90c4e63a32d36f01d6ebeedb627", 0x10) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000080)) [ 494.854963] FAULT_INJECTION: forcing a failure. [ 494.854963] name failslab, interval 1, probability 0, space 0, times 0 [ 494.866436] CPU: 1 PID: 11718 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 494.873419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 494.876248] Call Trace: [ 494.876248] dump_stack+0x32d/0x480 [ 494.876248] should_fail+0x11e5/0x13c0 [ 494.876248] __should_failslab+0x278/0x2a0 [ 494.876248] should_failslab+0x29/0x70 [ 494.900364] kmem_cache_alloc+0x146/0xe20 [ 494.900364] ? mmu_topup_memory_caches+0x109/0x880 [ 494.900364] mmu_topup_memory_caches+0x109/0x880 [ 494.900364] kvm_mmu_load+0xb5/0x34a0 [ 494.900364] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 494.900364] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 494.900364] ? kmsan_set_origin+0x83/0x130 [ 494.931854] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 494.931854] ? kstrtoull+0x6fe/0x7e0 [ 494.931854] ? kmsan_set_origin+0x83/0x130 [ 494.931854] ? __msan_poison_alloca+0x1e0/0x2b0 [ 494.931854] ? put_pid+0x71/0x410 [ 494.954624] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 494.954624] ? put_pid+0x330/0x410 [ 494.954624] ? get_task_pid+0x19d/0x290 [ 494.954624] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 494.954624] ? do_vfs_ioctl+0x187/0x2d30 [ 494.954624] ? kvm_vm_release+0x90/0x90 [ 494.954624] do_vfs_ioctl+0xf77/0x2d30 [ 494.954624] ? security_file_ioctl+0x92/0x200 [ 494.954624] __se_sys_ioctl+0x1da/0x270 [ 494.954624] __x64_sys_ioctl+0x4a/0x70 [ 494.954624] do_syscall_64+0xcf/0x110 [ 494.954624] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 494.954624] RIP: 0033:0x457569 [ 494.954624] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 494.954624] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 494.954624] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 494.954624] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x100000000, 0xc600) ioctl$EVIOCGKEYCODE(r3, 0x80084504, &(0x7f0000000280)=""/240) getsockname$unix(r3, &(0x7f0000000200), &(0x7f0000000100)=0x6e) 06:11:59 executing program 2: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7, 0x40) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0xcc, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x4, @ipv4={[], [], @multicast1}, 0x5257}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1f}}, @in6={0xa, 0x4e24, 0x0, @loopback, 0x8}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e24, 0x6, @mcast2, 0x5}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e22, 0xa6, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}, 0x8}, @in6={0xa, 0x4e24, 0x4, @ipv4={[], [], @broadcast}}]}, &(0x7f0000000200)=0x10) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000240)={r1, 0x5, 0xfffffffffffffff9, 0x8, 0x8, 0x80000000}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 494.954624] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 494.954624] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 495.062179] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:11:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:11:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$void(r0, 0x5451) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) sched_getattr(r3, &(0x7f0000000200), 0x30, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000040)={0x6, 0x5, 0x0, 0x301}) 06:11:59 executing program 4 (fault-call:8 fault-nth:25): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:11:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000080)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000200)={0x6, {{0x2, 0x4e24, @multicast1}}}, 0x88) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) setsockopt$inet_tcp_int(r3, 0x6, 0x4000000000014, &(0x7f0000000180)=0x80000000002, 0x93) sendto$inet(r3, &(0x7f0000000100), 0xfffffffffffffdd9, 0x0, &(0x7f0000000140)={0x2, 0x0, @broadcast}, 0x10) r4 = dup2(r1, r3) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000003c0), 0x8) ioctl$VHOST_RESET_OWNER(r4, 0xaf02, 0x0) tkill(r2, 0x15) [ 495.760425] FAULT_INJECTION: forcing a failure. [ 495.760425] name failslab, interval 1, probability 0, space 0, times 0 [ 495.771971] CPU: 0 PID: 11751 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 495.778948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 495.781743] Call Trace: [ 495.781743] dump_stack+0x32d/0x480 [ 495.781743] should_fail+0x11e5/0x13c0 [ 495.781743] __should_failslab+0x278/0x2a0 [ 495.781743] should_failslab+0x29/0x70 [ 495.781743] kmem_cache_alloc+0x146/0xe20 [ 495.781743] ? mmu_topup_memory_caches+0x109/0x880 [ 495.781743] mmu_topup_memory_caches+0x109/0x880 [ 495.781743] kvm_mmu_load+0xb5/0x34a0 [ 495.781743] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 495.781743] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 495.781743] ? kmsan_set_origin+0x83/0x130 [ 495.781743] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 495.844657] ? kstrtoull+0x6fe/0x7e0 [ 495.844657] ? kmsan_set_origin+0x83/0x130 [ 495.844657] ? __msan_poison_alloca+0x1e0/0x2b0 [ 495.858823] ? put_pid+0x71/0x410 [ 495.858823] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 495.863819] ? put_pid+0x330/0x410 [ 495.869769] ? get_task_pid+0x19d/0x290 [ 495.869769] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 495.869769] ? do_vfs_ioctl+0x187/0x2d30 [ 495.869769] ? kvm_vm_release+0x90/0x90 [ 495.869769] do_vfs_ioctl+0xf77/0x2d30 [ 495.869769] ? security_file_ioctl+0x92/0x200 [ 495.869769] __se_sys_ioctl+0x1da/0x270 [ 495.869769] __x64_sys_ioctl+0x4a/0x70 [ 495.869769] do_syscall_64+0xcf/0x110 [ 495.869769] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 495.869769] RIP: 0033:0x457569 [ 495.869769] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 495.924421] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 495.924421] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 495.924421] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:11:59 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0xfffffffffffffffd, 0x0) close(r0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) tkill(r1, 0x1a) r2 = getpgid(0x0) r3 = getpgrp(0x0) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000000)) [ 495.924421] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 495.924421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 495.924421] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x2d2) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xfff, 0x80000) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080)) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in6=@ipv4={[], [], @rand_addr}}}, {{@in6=@local}, 0x0, @in6}}, 0xe8) sendmmsg(r2, &(0x7f00000002c0), 0x4cc, 0x0) 06:12:02 executing program 1: socket(0xb, 0x1, 0x2800000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x80001, 0x4) accept4$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x34, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:02 executing program 2: mount(&(0x7f0000000000)=ANY=[@ANYBLOB="442f66698e653000"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='cgroup\x00', 0x28018a3, &(0x7f0000000100)=':wlan1em1&cgroup\x00') mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x0, 0x10031, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000180)=""/8, 0x8, 0x3) 06:12:02 executing program 5 (fault-call:8 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:02 executing program 4 (fault-call:8 fault-nth:26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x10002, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000200)={0x0, 0x3e, "f212cccb0f41b33a5fa6e9ee5fb5c83343d0e5e94c0bec57ba9623af3b70d859d56f39621dbfa2db1fb2ebb830f65a0735dbfb359be61a0aa4e357036bcf"}, &(0x7f0000000280)=0x46) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0x1}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={r4, 0x0, 0x400}, &(0x7f0000000440)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x7fffffff, 0x34100) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 498.840391] FAULT_INJECTION: forcing a failure. [ 498.840391] name failslab, interval 1, probability 0, space 0, times 0 [ 498.851885] CPU: 0 PID: 11782 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 498.858853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 498.861696] Call Trace: [ 498.861696] dump_stack+0x32d/0x480 [ 498.861696] should_fail+0x11e5/0x13c0 [ 498.861696] __should_failslab+0x278/0x2a0 [ 498.861696] should_failslab+0x29/0x70 [ 498.861696] kmem_cache_alloc+0x146/0xe20 [ 498.861696] ? mmu_topup_memory_caches+0x109/0x880 [ 498.861696] mmu_topup_memory_caches+0x109/0x880 [ 498.861696] kvm_mmu_load+0xb5/0x34a0 [ 498.861696] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 498.861696] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 498.861696] ? kmsan_set_origin+0x83/0x130 [ 498.861696] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 498.861696] ? kstrtoull+0x6fe/0x7e0 [ 498.861696] ? kmsan_set_origin+0x83/0x130 [ 498.861696] ? __msan_poison_alloca+0x1e0/0x2b0 [ 498.861696] ? put_pid+0x71/0x410 [ 498.861696] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 498.861696] ? put_pid+0x330/0x410 [ 498.861696] ? get_task_pid+0x19d/0x290 [ 498.861696] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 498.861696] ? do_vfs_ioctl+0x187/0x2d30 [ 498.861696] ? kvm_vm_release+0x90/0x90 [ 498.861696] do_vfs_ioctl+0xf77/0x2d30 [ 498.861696] ? security_file_ioctl+0x92/0x200 [ 498.861696] __se_sys_ioctl+0x1da/0x270 [ 498.861696] __x64_sys_ioctl+0x4a/0x70 [ 498.861696] do_syscall_64+0xcf/0x110 [ 498.861696] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 498.861696] RIP: 0033:0x457569 [ 498.861696] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 498.861696] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 498.861696] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 498.861696] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 498.861696] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 498.861696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 498.861696] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000040)={0x100000001, 0x8001, 0xb2}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}], 0x4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:03 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x802, 0x0) write$input_event(r1, &(0x7f00000000c0)={{}, 0x3}, 0x18) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$UI_SET_LEDBIT(r1, 0x40045569, 0xffffffffffffffff) 06:12:03 executing program 4 (fault-call:8 fault-nth:27): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x255, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000002c0)={0x2d7a6cb8}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) connect$netlink(r3, &(0x7f0000000240)=@unspec, 0xc) ioctl$VIDIOC_G_EDID(r2, 0xc0285628, &(0x7f0000000100)={0x0, 0xffffffffffffedcc, 0x400, [], &(0x7f0000000040)=0x1f}) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x200, 0x0) 06:12:03 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000100)={0xf, 0x8}, 0x10) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x4, @pix_mp={0x7d3a, 0x2, 0x0, 0x0, 0xd, [{0x9, 0xcd}, {0x6, 0x3}, {0x8, 0x1dbe6bf3}, {0xfffffffffffffffa, 0x2}, {0x4, 0x2}, {0x7, 0x8}, {0x100000001, 0x400000}, {0x81c, 0x1}], 0x400, 0x9, 0x6, 0x3, 0x7}}) perf_event_open$cgroup(&(0x7f0000000040)={0x2, 0x70, 0x6f0, 0x3ff, 0x6, 0x1000, 0x0, 0x2142c2dd, 0x4010, 0x9, 0x6, 0x77d8, 0x40, 0x100000001, 0x0, 0x9, 0x6, 0xfff, 0x80000001, 0x400, 0x5, 0x101, 0x7, 0x7f, 0x6, 0x6, 0x75, 0x2, 0x3, 0x3, 0x0, 0x401, 0x5, 0x100000000000, 0x0, 0x100, 0xffffffff, 0xb8, 0x0, 0x4c, 0x3, @perf_config_ext={0x20000000, 0x1}, 0x240, 0x5, 0x1, 0x6, 0x7, 0x6, 0x7}, r2, 0x10, 0xffffffffffffffff, 0x3) [ 499.710735] FAULT_INJECTION: forcing a failure. [ 499.710735] name failslab, interval 1, probability 0, space 0, times 0 [ 499.722299] CPU: 1 PID: 11817 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 499.729280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 499.732021] Call Trace: [ 499.732021] dump_stack+0x32d/0x480 [ 499.732021] should_fail+0x11e5/0x13c0 [ 499.747966] __should_failslab+0x278/0x2a0 [ 499.747966] should_failslab+0x29/0x70 [ 499.747966] kmem_cache_alloc+0x146/0xe20 [ 499.747966] ? mmu_topup_memory_caches+0x109/0x880 [ 499.747966] mmu_topup_memory_caches+0x109/0x880 [ 499.747966] kvm_mmu_load+0xb5/0x34a0 [ 499.747966] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 499.747966] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 499.747966] ? kmsan_set_origin+0x83/0x130 [ 499.747966] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 499.747966] ? kstrtoull+0x6fe/0x7e0 [ 499.747966] ? kmsan_set_origin+0x83/0x130 [ 499.747966] ? __msan_poison_alloca+0x1e0/0x2b0 [ 499.747966] ? put_pid+0x71/0x410 [ 499.747966] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 499.747966] ? put_pid+0x330/0x410 [ 499.747966] ? get_task_pid+0x19d/0x290 [ 499.747966] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 499.747966] ? do_vfs_ioctl+0x187/0x2d30 [ 499.747966] ? kvm_vm_release+0x90/0x90 [ 499.747966] do_vfs_ioctl+0xf77/0x2d30 [ 499.747966] ? security_file_ioctl+0x92/0x200 [ 499.747966] __se_sys_ioctl+0x1da/0x270 [ 499.747966] __x64_sys_ioctl+0x4a/0x70 [ 499.851949] do_syscall_64+0xcf/0x110 [ 499.851949] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 499.851949] RIP: 0033:0x457569 [ 499.851949] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 499.851949] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 499.851949] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 499.851949] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:12:03 executing program 2: unshare(0x400) dup2(0xffffffffffffff9c, 0xffffffffffffffff) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) socket$key(0xf, 0x3, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000100)="2f65786500000000000409004bddd9de91be10ee9ed554fa07424adee9cbc699ec2ca576e50000bcd7a071fb35331ce39c5ad0cf73770bd4246847a1914e4fb0aa9b15eaa94bcd0e700ed63b44338e84ad4ec2f11f6f2adb8dc2fdb18231446f43142ebe700b2231e8fceed6b22a373c9409675ac8d0b53033123fb3037d66241aafe0f880e7a51d1b036ade315a544d2581fe8653d0cff54369df8c2fce21dcb1cb965669f9a75345ac3479cd51dc7de364c9c272c83ed9e666ca25aad2e7a26e3d6c62d0f8b9065cfca311c06d0744db265aa0e486707c51fd108c0c6ccae6ff42274af94d30fce8836ff9d00bdd") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0xc0189436, 0x730200) 06:12:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0xaaaad40, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 499.851949] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 499.851949] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 499.921905] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:06 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000200)=[&(0x7f0000000180)='!\x00', &(0x7f00000001c0)='\x00'], 0x0) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f00000000c0)={0x7f, 0xffffffffffffff05, 0x9, 0x7f, 0x8, 0xffffffff}) 06:12:06 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='keyringvboxnet1lo\x00', 0x1) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000100)={&(0x7f0000ffa000/0x3000)=nil, 0x9, 0x7, 0x4, &(0x7f0000ffa000/0x4000)=nil, 0xc09}) r1 = creat(&(0x7f0000000900)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xcaaa4cda) link(&(0x7f0000000340)='./file1\x00', &(0x7f0000000200)='./file0\x00') accept4$unix(r1, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e, 0x80000) umount2(&(0x7f0000000140)='./file1/file0\x00', 0x0) 06:12:06 executing program 0: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x841, 0x0) write$P9_RREAD(r0, &(0x7f0000000200)={0xfd, 0x75, 0x0, {0xf2, "51305b7bb92739af84388fae1f3f4c3e3d4ed9bfcbb3e3b7aa44c144a382f729d54edd979d392cacfaca93a1afbc282841a6f93eefa929520b593f377819fb7d6388942d0c509f4198043230548b40fc1fa3e369b1bb9940021a69d2272b785c1464fef86642a4d0ec2a64d6dfd5d8251a34bb6f62c5d42d81dca83a2988e8ec354cca5614a80f27ee489f669417752e41f67ab444aa2d983d1b9599df8115213a1dd7173b92c61c9492ec1c690180417f5bb6cfc6d4e75699d4e555864ff4d63b992c88e053da61cf1d2ab0cbe5513ebbf833cc935b39db4676e7d76a8c1f997a69e79ab08085c57d075beda286cbc3d853"}}, 0xfd) dup3(r0, r0, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0}, &(0x7f0000000300)=0xc) ptrace(0xffffffffffffffff, r1) r2 = getpid() fcntl$setown(r0, 0x8, r2) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000493fa8bc57a6383b000081000000ffffff7ff3dbffffffffffff32ffff3f00000000000000b8a50000000000000000000000000000000000000000000000000000000000000600004085000000feffffffffffffff050000000000000007000000000000002ec938020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) 06:12:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x20000, 0x0) connect$l2tp(r1, &(0x7f0000000340)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x2, 0x4, 0x8000, 0x4, {0xa, 0x4e22, 0x86, @dev={0xfe, 0x80, [], 0x1e}, 0x7}}}, 0x32) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000280)="e04b3b7c7fa910325474b5e05a6b453d836a5af4f8e8d5c03e929e5b894e41ffb742c8d9f7cb38a0da511b7ecbd6478d1df0f85ac6ac8b56c5dc89d41a0d74ac79dbfb98323a") r5 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x1f, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r5, 0xc0585605, &(0x7f0000000200)={0x1, 0x4, {0x4, 0x0, 0x303f, 0x6, 0x1, 0x1, 0x0, 0x6}}) 06:12:06 executing program 4 (fault-call:8 fault-nth:28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f0000000680)=0xe8) setsockopt$inet_mreqn(r3, 0x0, 0x0, &(0x7f00000002c0)={@multicast1, @multicast1, r4}, 0xc) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x4}, &(0x7f0000000100)=0x8) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vsock\x00', 0x20000, 0x0) ioctl$TIOCSLCKTRMIOS(r6, 0x5457, &(0x7f0000000240)) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000280)=0x3, 0x4) accept4$unix(r6, 0x0, &(0x7f0000000300), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r5, 0x7aba}, &(0x7f00000001c0)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 502.916974] FAULT_INJECTION: forcing a failure. [ 502.916974] name failslab, interval 1, probability 0, space 0, times 0 [ 502.928613] CPU: 0 PID: 11845 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 502.935591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 502.938483] Call Trace: [ 502.938483] dump_stack+0x32d/0x480 [ 502.938483] should_fail+0x11e5/0x13c0 [ 502.938483] __should_failslab+0x278/0x2a0 [ 502.938483] should_failslab+0x29/0x70 [ 502.938483] kmem_cache_alloc+0x146/0xe20 [ 502.965648] ? mmu_topup_memory_caches+0x109/0x880 [ 502.965648] mmu_topup_memory_caches+0x109/0x880 [ 502.965648] kvm_mmu_load+0xb5/0x34a0 [ 502.965648] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 502.965648] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 502.991766] ? kmsan_set_origin+0x83/0x130 [ 502.997014] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 502.997014] ? kstrtoull+0x6fe/0x7e0 [ 502.997014] ? kmsan_set_origin+0x83/0x130 [ 502.997014] ? __msan_poison_alloca+0x1e0/0x2b0 [ 502.997014] ? put_pid+0x71/0x410 [ 502.997014] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 502.997014] ? put_pid+0x330/0x410 [ 502.997014] ? get_task_pid+0x19d/0x290 [ 502.997014] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 502.997014] ? do_vfs_ioctl+0x187/0x2d30 [ 502.997014] ? kvm_vm_release+0x90/0x90 [ 502.997014] do_vfs_ioctl+0xf77/0x2d30 [ 502.997014] ? security_file_ioctl+0x92/0x200 [ 502.997014] __se_sys_ioctl+0x1da/0x270 [ 502.997014] __x64_sys_ioctl+0x4a/0x70 [ 502.997014] do_syscall_64+0xcf/0x110 [ 503.062100] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 503.062100] RIP: 0033:0x457569 [ 503.062100] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 503.062100] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 503.062100] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 503.062100] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 503.062100] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 503.062100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 503.062100] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 [ 503.157875] Unknown ioctl 21591 06:12:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0xaaaad40, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 503.264709] Unknown ioctl 21591 06:12:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x400000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000009000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, &(0x7f0000000240)="0f20070f340f21260f0866b92003000066b80c00000066ba000000000f30d9f066b9800000c00f326635008000000f30f2e0000f01d1baf80c66b860c58a8d66efbafc0cb82319ef", 0x48}], 0x1, 0x30, &(0x7f0000000300), 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r4 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7, 0x80000) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000300)=@sack_info={r3, 0x1, 0x1}, &(0x7f0000000200)=0xc) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000100)={0x6, [0x40, 0xffffffffffffffff, 0x6241, 0x71, 0x5, 0x7]}, &(0x7f0000000200)=0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:07 executing program 4 (fault-call:8 fault-nth:29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 503.903201] FAULT_INJECTION: forcing a failure. [ 503.903201] name failslab, interval 1, probability 0, space 0, times 0 [ 503.914808] CPU: 0 PID: 11886 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 503.921784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.924620] Call Trace: [ 503.924620] dump_stack+0x32d/0x480 [ 503.924620] should_fail+0x11e5/0x13c0 [ 503.924620] __should_failslab+0x278/0x2a0 [ 503.924620] should_failslab+0x29/0x70 [ 503.924620] kmem_cache_alloc+0x146/0xe20 [ 503.924620] ? mmu_topup_memory_caches+0x109/0x880 [ 503.924620] mmu_topup_memory_caches+0x109/0x880 [ 503.924620] kvm_mmu_load+0xb5/0x34a0 [ 503.924620] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 503.924620] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 503.924620] ? kmsan_set_origin+0x83/0x130 [ 503.924620] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 503.924620] ? kstrtoull+0x6fe/0x7e0 [ 503.991824] ? kmsan_set_origin+0x83/0x130 [ 503.991824] ? __msan_poison_alloca+0x1e0/0x2b0 [ 503.991824] ? put_pid+0x71/0x410 [ 503.991824] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 503.991824] ? put_pid+0x330/0x410 [ 503.991824] ? get_task_pid+0x19d/0x290 [ 503.991824] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 503.991824] ? do_vfs_ioctl+0x187/0x2d30 [ 503.991824] ? kvm_vm_release+0x90/0x90 [ 503.991824] do_vfs_ioctl+0xf77/0x2d30 [ 503.991824] ? security_file_ioctl+0x92/0x200 [ 503.991824] __se_sys_ioctl+0x1da/0x270 [ 503.991824] __x64_sys_ioctl+0x4a/0x70 [ 503.991824] do_syscall_64+0xcf/0x110 [ 503.991824] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 503.991824] RIP: 0033:0x457569 [ 503.991824] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 504.068856] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 504.068856] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 504.068856] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:12:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) stat(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000b80)=0x0, &(0x7f0000000bc0), &(0x7f0000000c00)) sendmsg$unix(r2, &(0x7f0000000c80)={&(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000280)="a40e85a7680f1298798430a5a1eeba56b4780c26848b2927732374cfd83859f8e8a460e4a65b38b6382fd690e1bba6c72232869436f04cafdc303cf5c50f69e01e3a9e90a11e4e2523691f062e969cd788b3e3da8d81e149899f2053f982efae73daa260f1b1b8bd814b0ed18923065f4fb73b8ab025a589196e6e21d55ab304f0dfade82d69f1d9df30e75abe726a450cbbc89196032aa2bf47aae398a2d24ea1db761071b79d85bfbc5714ba6daeebdf9c226a71ef0e47a5bb0231bf8e70b231dc98cf505f3b4e617c5b72bee6495959f6e0fc08f2dd", 0xd7}, {&(0x7f0000000440)="c3e8f68ade9d53192a3c6630c7f8031c0d8a20eea9ee9e4a2ef30a82f9cf7ef6b0a5500c145d24703d03dc8829965b4972574cfa6aa4fa10c3cc33401f8afc913191df648a511b589f130bd83ea13e60158da8a95a2f1f9a4c02fd3a2817c4a3551454199536c3b4483668038c6df39568cc", 0x72}, {&(0x7f00000004c0)="8e2c29824d24cc3bc88a1ee1662ba784c532252c4638a075341f5b2973330694cb97e483d8f46844496010bae95ca835833e1f7acd8d1ebf0bfaf39f50ab41edd4d094ca63d3211988428ad97d8d5454e12d866ff627af94aa415c9fe91996d680df6a09a281044b7d7210d979ccaad0b0542dc1344463d6b4a122a194431e595495674d6cfe6f37e0d610156652cb2569c22c3e086230", 0x97}, {&(0x7f0000000580)="047a657cc4c4b5a0e17af7b8b02ac7bd4265ac7dfc1fabc36298de7b5a61711c1ad3b722e6985b12de3f224b3c0a60024ba166816985792f53060124fc325e54bff27ef6f1578998a89cece82adfb4b9b58abd9e1d18efd837ad9d7d404d0a8215737234f51750c2576260e05f2218e4f6a9f9618daa3c9db2d0eb5d3764b54dbbc38354e5fd393e3e4cb1d262c7e957942b01ac8cff7c70f8c82a342c1e7d7837a19ca4026f57b5c5b4b1bed9ce9b3b37e9656014220c0f6f256c8222473df161900713292bdd941161fd7808f91e", 0xcf}, {&(0x7f0000000680)="996c09444a5b82cbfa5339c1cdc981e2639cd20a20688fb87159e9edef22104376eef6234934434f7bd6ef481711be6ad4d8bc1132258abed40c8cd35f787ae813074f13659117f1ebae5535e98414571f1a2be7fe47e5cd09ce8aa2062d1e4c92459299ca37aaae9082878b6cdd5ebe604ccac2df700f4f0ef4024ddfd118a7e909d48eaaa3c3e5021caf23e2d0c740aaac480bb73a072ab720770fcb0132bac37f49523cc0ff5a3ee909f57e6157", 0xaf}, {&(0x7f0000000740)="cb32a44c607e042b7dc161467f4ca3e7df371991dd525789100306496d21d3ab06bc1e16bcfac5645d44e320ce4bf5b53a39320bfefb1cb54a46c131a3047f38f7a34e3591bc4938beebd15cd2c8bcae98ee5e03c157999dee3d187973d5e2a000d4dc2ede5abf63988222de836b3e0bd255483fe35d468f19f4e7e3c160eeb8dccaf3ddffa7239def778ba1ea3bf7292d9d3eb99481e683a03614bb176301a9decff2d09ab972f0fad3a8fa5d8e24caebdc3b2b0919126da43e4328ceb28fb09ee72e318517ac00b967627cf2c4102c7234850cae18b23e93331ce44c7e24adcd8a2f8b1eba9eb24777e0253674bda7cbf4cf", 0xf3}, {&(0x7f0000000840)="a51181e92be6d4eadcaa18a4641a0022a67bf36af8c903becf5f794561f85261a3015ddb162038fe42953f69cfc22dca3b8169c4bcbbd42abff0c3f69556c35a7805b268c7f9934180eacd8afb896d5edc7cd7632bb7db9d650ce2334001067c1a809c73388d20561ca2acd12c9c4f7229fb65d795ada474816f9f7d45d4f6088eec8215fb597f1f0f417a290b0ef4941c1f5db5301fcd26c003dae8d962036b2946e42d68ed32f14f20550b32501a92f9ef7dbf80766bb1d00aee282b749b950dacb2c79c2adcc12bf6d50b45cbe47a73fc5a9460546b44a185d3e71c728100ed9b49d17820", 0xe6}, {&(0x7f0000000940)="cd3da55910cb83243e11f2ab96cc5f8673c1331b477c0a69f4e731fcf57d558ee98ec93bb4e7ddb42fb387164a32672f6f43e2dc0fc890a52d065f475787630b9a2159b670486155a64e3cad2ec822071723e90c93a72fe6eaa54c9484fc7fd607fc7b309c807b7af0157d69f9b457c0c93c094afae4ac48e67255c48205d191303e8780a17f0aa79742febab7d9c43dfcd9c6620aefa7fc3afe6b2102", 0x9d}, {&(0x7f0000000040)="882cbe9301cfbc6deb316636caa575d5497aad340a0a104a67661ee6d4234c", 0x1f}], 0x9, &(0x7f0000000c40)=[@cred={0x20, 0x1, 0x2, r3, r4, r5}], 0x20, 0x4000000}, 0x10) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r7 = syz_open_dev$dmmidi(&(0x7f0000000cc0)='/dev/dmmidi#\x00', 0x13, 0x20000) ioctl$KVM_SET_GUEST_DEBUG(r7, 0x4048ae9b, &(0x7f0000000d00)={0x60000, 0x0, [0x100000000, 0x3ff, 0x0, 0x5, 0x0, 0x0, 0x2, 0x80]}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 504.068856] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 504.068856] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 504.068856] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:08 executing program 2: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r0, 0x0, 0x400000a77, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x8000, 0x4) write$binfmt_elf64(r3, &(0x7f00000000c0)=ANY=[@ANYRESHEX=0x0], 0xe681f134) close(r1) 06:12:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:11 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000180)={0x86, 0x101, 0x2, 'queue1\x00', 0x7}) 06:12:11 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x8, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000080)=0x3, 0x4) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)=""/193, &(0x7f0000000280)=""/97, &(0x7f0000000300)=""/127}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)=ANY=[]) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000000c0)={0x1, 0x0, &(0x7f0000000380)=""/115, &(0x7f0000000580)=""/156, &(0x7f0000000940)=""/185}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000006c0)=0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000640)={0x1, 0x0, [{0x0, 0xffffffffffffff51, &(0x7f0000000a00)=""/222}]}) 06:12:11 executing program 4 (fault-call:8 fault-nth:30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = fcntl$getown(r0, 0x9) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000040)={0x5}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:11 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="59e3b70b281f9682cd"], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x25}, [@ldst={0x7}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x437, &(0x7f000000cf3d)=""/195}, 0x48) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast1}, &(0x7f0000000040)=0x10, 0x800) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0x53, "4ae60130715eb29414cea12ce9cd048abeb7eb8d3f08d3283c9304f0f7d946b738d507e4034da4e13d7860c7ae050b08822d5a54bdf92734bd121d9a30d41d127410d013f8e7ab0c291a183c4ec018e92439cb"}, &(0x7f0000000100)=0x5b) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x101, 0xf3, 0x8200, 0x1, 0x1ff, 0x5, 0x400, 0x40, r1}, 0x20) [ 507.828678] FAULT_INJECTION: forcing a failure. [ 507.828678] name failslab, interval 1, probability 0, space 0, times 0 [ 507.840139] CPU: 1 PID: 11914 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 507.847108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.849990] Call Trace: [ 507.849990] dump_stack+0x32d/0x480 [ 507.849990] should_fail+0x11e5/0x13c0 [ 507.849990] __should_failslab+0x278/0x2a0 [ 507.849990] should_failslab+0x29/0x70 [ 507.849990] kmem_cache_alloc+0x146/0xe20 [ 507.849990] ? mmu_topup_memory_caches+0x109/0x880 [ 507.849990] mmu_topup_memory_caches+0x109/0x880 [ 507.849990] kvm_mmu_load+0xb5/0x34a0 [ 507.849990] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 507.849990] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 507.849990] ? kmsan_set_origin+0x83/0x130 [ 507.849990] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 507.849990] ? kstrtoull+0x6fe/0x7e0 [ 507.849990] ? kmsan_set_origin+0x83/0x130 [ 507.849990] ? __msan_poison_alloca+0x1e0/0x2b0 [ 507.849990] ? put_pid+0x71/0x410 [ 507.849990] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 507.849990] ? put_pid+0x330/0x410 [ 507.849990] ? get_task_pid+0x19d/0x290 [ 507.849990] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 507.849990] ? do_vfs_ioctl+0x187/0x2d30 [ 507.849990] ? kvm_vm_release+0x90/0x90 [ 507.849990] do_vfs_ioctl+0xf77/0x2d30 [ 507.849990] ? security_file_ioctl+0x92/0x200 [ 507.849990] __se_sys_ioctl+0x1da/0x270 [ 507.849990] __x64_sys_ioctl+0x4a/0x70 [ 507.849990] do_syscall_64+0xcf/0x110 [ 507.849990] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 507.849990] RIP: 0033:0x457569 [ 507.849990] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 507.849990] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 507.849990] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 508.017346] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 508.017346] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 508.017346] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 508.017346] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:12 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000100)=0xc) read(r0, &(0x7f0000003c40)=""/39, 0x380) write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000cedeb280e50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002c672e39e0fa03ec7108410000000000000000"], 0x125) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7, 0x8000) ioctl$KVM_GET_NESTED_STATE(r1, 0xc080aebe, &(0x7f00000004c0)={0x0, 0x0, 0x2080}) 06:12:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) prctl$getname(0x10, &(0x7f0000000040)=""/24) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x80000, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000200)=[{0xf, 0x1}, {0x6, 0x8001}, {0x4, 0xffff}], 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:12 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xc0109207, 0x11) dup2(r0, r1) 06:12:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$FICLONE(r0, 0x40049409, r2) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000340)='trusted.overlay.opaque\x00', &(0x7f0000000380)='y\x00', 0x2, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xb) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0}, &(0x7f00000004c0)=0xc) r5 = fcntl$dupfd(r2, 0x406, r0) setsockopt$inet6_MRT6_ADD_MIF(r5, 0x29, 0xca, &(0x7f0000001dc0)={0xc00, 0x1, 0x80000000, 0xcca, 0x5}, 0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000500)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000600)=0xe8) setreuid(r4, r6) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) gettid() r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='cmdline\x00') exit(0x0) preadv(r7, &(0x7f0000000240)=[{&(0x7f0000000140)=""/202, 0xca}], 0x1, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r8 = dup3(r2, r0, 0x80000) r9 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200) setsockopt$inet_sctp_SCTP_ASSOCINFO(r9, 0x84, 0x1, &(0x7f0000000100)={r3, 0xffffffffffffffff, 0x1000, 0x6, 0x5}, 0x14) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r9, 0xc0a85352, &(0x7f0000000240)={{0x2, 0x3}, 'port0\x00', 0x0, 0x800, 0x1, 0x40, 0x0, 0x7fff, 0x40, 0x0, 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$VIDIOC_DQBUF(r8, 0xc0585611, &(0x7f0000000680)={0x2, 0xf, 0x4, 0x280000, {0x0, 0x2710}, {0x2, 0x0, 0x8, 0x7, 0x4, 0xa1, "fb1e98eb"}, 0x1, 0x3, @planes=&(0x7f0000000640)={0xf6a, 0x1, @userptr=0x7fffffff, 0x200}, 0x4}) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/loop-control\x00', 0x10000, 0x0) write$eventfd(r8, &(0x7f0000000300)=0xffff, 0x8) 06:12:12 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x800) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f000000f000/0x4000)=nil, 0x4000}, 0x3}) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000013e95), 0x4) r4 = accept(r0, &(0x7f0000000080)=@ipx, &(0x7f0000000100)=0x80) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000200)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x98) close(r3) close(r2) 06:12:12 executing program 4 (fault-call:8 fault-nth:31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:12 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x4000, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f0000000080)={0x7, 0x0, 0x1, {0x1, 0x100, 0xc029, 0x7}}) unshare(0x8000400) accept4$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000140)=0x1c, 0xe7e9812f02f3f844) r1 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x71a}) r2 = creat(&(0x7f0000001d40)='./bus\x00', 0x0) sendfile(r2, r1, &(0x7f00000000c0)=0x3fffffffffffff, 0x0) [ 508.903465] FAULT_INJECTION: forcing a failure. [ 508.903465] name failslab, interval 1, probability 0, space 0, times 0 [ 508.915057] CPU: 0 PID: 11968 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 508.922033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 508.924824] Call Trace: [ 508.924824] dump_stack+0x32d/0x480 [ 508.924824] should_fail+0x11e5/0x13c0 [ 508.924824] __should_failslab+0x278/0x2a0 [ 508.924824] should_failslab+0x29/0x70 [ 508.924824] kmem_cache_alloc+0x146/0xe20 [ 508.924824] ? mmu_topup_memory_caches+0x109/0x880 [ 508.924824] mmu_topup_memory_caches+0x109/0x880 [ 508.924824] kvm_mmu_load+0xb5/0x34a0 [ 508.924824] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 508.924824] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 508.924824] ? kmsan_set_origin+0x83/0x130 [ 508.924824] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 508.924824] ? kstrtoull+0x6fe/0x7e0 [ 508.924824] ? kmsan_set_origin+0x83/0x130 [ 508.924824] ? __msan_poison_alloca+0x1e0/0x2b0 [ 508.924824] ? put_pid+0x71/0x410 [ 508.924824] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 508.924824] ? put_pid+0x330/0x410 [ 508.924824] ? get_task_pid+0x19d/0x290 [ 508.924824] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 508.924824] ? do_vfs_ioctl+0x187/0x2d30 [ 508.924824] ? kvm_vm_release+0x90/0x90 [ 508.924824] do_vfs_ioctl+0xf77/0x2d30 [ 509.031919] ? security_file_ioctl+0x92/0x200 [ 509.036261] __se_sys_ioctl+0x1da/0x270 [ 509.036261] __x64_sys_ioctl+0x4a/0x70 [ 509.036261] do_syscall_64+0xcf/0x110 [ 509.036261] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 509.036261] RIP: 0033:0x457569 [ 509.036261] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 509.036261] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 509.036261] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 509.036261] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 509.036261] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 509.101730] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 509.101730] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:15 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0xc4040, 0x0) ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f00000001c0)={0x5, 0x1, 0x3, 0xa0, 0xfffffffffffffff8}) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) sendto$packet(r0, &(0x7f0000000080)="08446be5345dbb972c4e6d4c6f64e0cb17c503d4b40da6fa13368f93613d45fdc0c821150224b4b2db12d6", 0x2b, 0x0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:15 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0x1, 0x7, 0x0, 0x3ff}, 0x2c) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$packet(0x11, 0x3, 0x300, &(0x7f00000002c0)) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000300)={0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, 0xffffffffffffff9c}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000040)={r2}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000340)={'Lo\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00?\x00', 0xffffffffffffffff, 0x4c000000}, &(0x7f0000000080)="520972697374e363757367725669643a4465", 0x0) ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f00000003c0)=""/74) getpgid(0x0) 06:12:15 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234418dd25d766070") r1 = socket$kcm(0x29, 0x200000000000002, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xbc, 0x10002) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f00000000c0)={@hyper}) fcntl$setstatus(r1, 0x4, 0x2000) r3 = memfd_create(&(0x7f0000000240)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="da", 0x1}], 0x1, 0x800000) sendfile(r1, r3, &(0x7f00000002c0), 0x1ffe00) 06:12:15 executing program 4 (fault-call:8 fault-nth:32): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 512.002601] FAULT_INJECTION: forcing a failure. [ 512.002601] name failslab, interval 1, probability 0, space 0, times 0 [ 512.014145] CPU: 1 PID: 11994 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 512.021119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.023975] Call Trace: [ 512.023975] dump_stack+0x32d/0x480 [ 512.023975] should_fail+0x11e5/0x13c0 [ 512.023975] __should_failslab+0x278/0x2a0 [ 512.023975] should_failslab+0x29/0x70 [ 512.023975] kmem_cache_alloc+0x146/0xe20 [ 512.023975] ? mmu_topup_memory_caches+0x109/0x880 [ 512.023975] mmu_topup_memory_caches+0x109/0x880 [ 512.023975] kvm_mmu_load+0xb5/0x34a0 [ 512.023975] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 512.023975] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 512.023975] ? kmsan_set_origin+0x83/0x130 [ 512.023975] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 512.023975] ? kstrtoull+0x6fe/0x7e0 [ 512.023975] ? kmsan_set_origin+0x83/0x130 [ 512.023975] ? __msan_poison_alloca+0x1e0/0x2b0 [ 512.023975] ? put_pid+0x71/0x410 [ 512.023975] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 512.023975] ? put_pid+0x330/0x410 [ 512.023975] ? get_task_pid+0x19d/0x290 [ 512.023975] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 512.023975] ? do_vfs_ioctl+0x187/0x2d30 [ 512.023975] ? kvm_vm_release+0x90/0x90 [ 512.023975] do_vfs_ioctl+0xf77/0x2d30 [ 512.023975] ? security_file_ioctl+0x92/0x200 [ 512.023975] __se_sys_ioctl+0x1da/0x270 [ 512.023975] __x64_sys_ioctl+0x4a/0x70 [ 512.023975] do_syscall_64+0xcf/0x110 [ 512.023975] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 512.023975] RIP: 0033:0x457569 [ 512.023975] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.023975] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.023975] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 512.023975] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:12:16 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x0, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) open_by_handle_at(r1, &(0x7f0000000040)={0x48, 0x3f, "33dad0e6b8e28df82ea579088420e92ce7f865bf2070f4b792849626321d464c9c944a7e12137fb2b991ada30a47a9b4bade49c19e86bbee61a207ee4bbaacba"}, 0x30102) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigaction(0x1c, &(0x7f0000000000)={0x0}, &(0x7f0000000100), 0x8, &(0x7f00000000c0)) [ 512.023975] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 512.023975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 512.023975] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:16 executing program 4 (fault-call:8 fault-nth:33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2, 0x10, r1, 0xf) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) poll(&(0x7f0000000040)=[{r0, 0x4}, {r2, 0x9204}, {r0, 0x100c}, {r2, 0x8440}, {r0, 0x2300}], 0x5, 0xffffffff) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 512.788165] FAULT_INJECTION: forcing a failure. [ 512.788165] name failslab, interval 1, probability 0, space 0, times 0 [ 512.799715] CPU: 1 PID: 12022 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 512.806682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.809516] Call Trace: [ 512.809516] dump_stack+0x32d/0x480 [ 512.809516] should_fail+0x11e5/0x13c0 [ 512.809516] __should_failslab+0x278/0x2a0 [ 512.809516] should_failslab+0x29/0x70 [ 512.809516] kmem_cache_alloc+0x146/0xe20 [ 512.809516] ? mmu_topup_memory_caches+0x109/0x880 [ 512.809516] mmu_topup_memory_caches+0x109/0x880 [ 512.809516] kvm_mmu_load+0xb5/0x34a0 [ 512.809516] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 512.809516] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 512.809516] ? kmsan_set_origin+0x83/0x130 [ 512.865014] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 512.865014] ? kstrtoull+0x6fe/0x7e0 [ 512.865014] ? kmsan_set_origin+0x83/0x130 [ 512.865014] ? __msan_poison_alloca+0x1e0/0x2b0 [ 512.881855] ? put_pid+0x71/0x410 [ 512.881855] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 512.881855] ? put_pid+0x330/0x410 [ 512.881855] ? get_task_pid+0x19d/0x290 [ 512.881855] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 512.881855] ? do_vfs_ioctl+0x187/0x2d30 [ 512.881855] ? kvm_vm_release+0x90/0x90 [ 512.881855] do_vfs_ioctl+0xf77/0x2d30 [ 512.881855] ? security_file_ioctl+0x92/0x200 [ 512.919944] __se_sys_ioctl+0x1da/0x270 [ 512.919944] __x64_sys_ioctl+0x4a/0x70 [ 512.919944] do_syscall_64+0xcf/0x110 [ 512.919944] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 512.919944] RIP: 0033:0x457569 [ 512.919944] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.958890] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.958890] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 512.958890] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 06:12:17 executing program 2: unshare(0x28020400) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_evm(r0, &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000700)=ANY=[@ANYBLOB="05020700000600050005ab6a400a9d"], 0xf, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x12) getresuid(&(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)) ioctl$RTC_VL_CLR(r2, 0x7014) r4 = getgid() setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000740)={0x84, 0x5ff, 0x100000001}, 0xc) chown(&(0x7f00000006c0)='./file2\x00', r3, r4) getdents64(r2, &(0x7f0000000080)=""/11, 0xaf0a256890065434) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x9, 0x3, 0x460, 0x0, 0x0, 0x0, 0x230, 0x0, 0x390, 0x390, 0x390, 0x390, 0x390, 0x3, &(0x7f0000000000), {[{{@ipv6={@dev={0xfe, 0x80, [], 0x1b}, @remote, [0xff, 0xff000000, 0xffffffff, 0xffffffff], [0x0, 0x0, 0xff, 0xff000000], 'veth1_to_bond\x00', 'irlan0\x00', {0xff}, {0xff}, 0x6, 0x10001, 0x2, 0x12}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0xe43, 0x7a042e74, 0xffff, 0x0, 0x10, 0x6, [@loopback, @empty, @dev={0xfe, 0x80, [], 0x17}, @dev={0xfe, 0x80, [], 0x1d}, @ipv4={[], [], @remote}, @empty, @mcast2, @empty, @dev={0xfe, 0x80, [], 0x15}, @ipv4={[], [], @rand_addr=0x6}, @ipv4={[], [], @loopback}, @dev={0xfe, 0x80, [], 0x13}, @loopback, @ipv4={[], [], @loopback}, @ipv4={[], [], @multicast2}, @loopback], 0xb}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0xffff, 0x3, 0x1}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@srh={0x30, 'srh\x00', 0x0, {0x11, 0x7f, 0xa, 0x5, 0xfffffffffffffffe, 0x2, 0x89}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0xfffffffffffffffa, 0x3, 0xffff, 'snmp\x00', 'syz0\x00', 0x5}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) 06:12:17 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x0, 0x0) r1 = dup(r0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$TCXONC(r1, 0x4004af07, 0xffffffffffffffe0) [ 512.958890] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 512.958890] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 512.958890] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x1, 0x100) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0x10) ioctl$EVIOCGABS0(r3, 0x80184540, &(0x7f0000000240)=""/148) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) lsetxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'L-', 0x7}, 0x28, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:20 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=[&(0x7f0000000080)='/dev/input/event#\x00', &(0x7f0000000180)='user\x00'], &(0x7f0000000180), 0xfffffffffffff) 06:12:20 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f00000003c0)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='sysfs\x00', 0x0, &(0x7f0000000100)) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000440)=""/186, 0xffffffffffffff3c) execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=[&(0x7f0000000080)='sysfs\x00', &(0x7f0000000100)='wlan0\x00', &(0x7f0000000140)='keyring}eth1\x00', &(0x7f0000000180)='sysfs\x00'], &(0x7f0000000280)=[&(0x7f0000000240)='sysfs\x00']) r1 = syz_open_dev$amidi(&(0x7f00000002c0)='/dev/amidi#\x00', 0x1, 0x80000) ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000300)) linkat(r0, &(0x7f0000000340)='./file0\x00', r0, &(0x7f0000000380)='./file0\x00', 0x1400) setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f00000003c0), 0x4) 06:12:20 executing program 2: socketpair$inet6(0xa, 0x6, 0x5, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@empty, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfe}, 0xffffffffffffff4b) 06:12:20 executing program 4 (fault-call:8 fault-nth:34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$TIOCLINUX4(r2, 0x541c, &(0x7f0000000040)) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 516.124583] FAULT_INJECTION: forcing a failure. [ 516.124583] name failslab, interval 1, probability 0, space 0, times 0 [ 516.136181] CPU: 0 PID: 12066 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 516.143161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.145949] Call Trace: [ 516.145949] dump_stack+0x32d/0x480 [ 516.145949] should_fail+0x11e5/0x13c0 [ 516.145949] __should_failslab+0x278/0x2a0 [ 516.145949] should_failslab+0x29/0x70 [ 516.145949] kmem_cache_alloc+0x146/0xe20 [ 516.145949] ? mmu_topup_memory_caches+0x109/0x880 [ 516.145949] mmu_topup_memory_caches+0x109/0x880 [ 516.145949] kvm_mmu_load+0xb5/0x34a0 [ 516.145949] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 516.145949] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 516.145949] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 516.145949] ? __list_add_valid+0xb8/0x480 [ 516.145949] ? kmsan_set_origin+0x83/0x130 [ 516.145949] ? __msan_poison_alloca+0x1e0/0x2b0 [ 516.218095] ? put_pid+0x71/0x410 [ 516.218095] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 516.218095] ? put_pid+0x330/0x410 [ 516.218095] ? get_task_pid+0x19d/0x290 [ 516.218095] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 516.218095] ? do_vfs_ioctl+0x187/0x2d30 [ 516.218095] ? kvm_vm_release+0x90/0x90 [ 516.218095] do_vfs_ioctl+0xf77/0x2d30 [ 516.218095] ? security_file_ioctl+0x92/0x200 [ 516.218095] __se_sys_ioctl+0x1da/0x270 [ 516.218095] __x64_sys_ioctl+0x4a/0x70 [ 516.218095] do_syscall_64+0xcf/0x110 [ 516.218095] entry_SYSCALL_64_after_hwframe+0x63/0xe7 06:12:20 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x581402, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000140)=0x1, 0xffffffffffffff50) r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x22fffd) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000000c0)=0x20800001c) r2 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r2, 0x10d, 0x2000000000000db, &(0x7f0000000000), &(0x7f0000000200)=0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) write$P9_RMKDIR(r0, &(0x7f0000000240)={0x14, 0x49, 0x2, {0x80, 0x4, 0x6}}, 0x14) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) prctl$setmm(0x23, 0x3, &(0x7f0000fff000/0x1000)=nil) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) semget$private(0x0, 0x7, 0x0) getsockopt$inet6_int(r3, 0x29, 0xdb, &(0x7f0000000040), &(0x7f00000001c0)=0x4) semtimedop(0x0, &(0x7f0000000180)=[{0x0, 0xfffffffffffffffc}], 0x1, &(0x7f0000000200)) ioctl$ION_IOC_HEAP_QUERY(r3, 0xc0184908, &(0x7f0000000280)={0xffffffffffffff24, 0x0, &(0x7f00000002c0)}) [ 516.218095] RIP: 0033:0x457569 [ 516.218095] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 516.218095] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.218095] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 516.218095] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 516.218095] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 516.218095] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 516.218095] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:20 executing program 0: socket$inet_smc(0x2b, 0x1, 0x0) 06:12:20 executing program 2: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0e85667, &(0x7f00000003c0)={0x40000000, 0x101, "1e6cfb4436d737af7955c9c1929e349e8548fbcda60abbd7ecfd9a7e98b8f5c2", 0x5, 0x9, 0x6, 0x80000000, 0xfff, 0x7, 0xffff, 0x200, [0x101, 0x3, 0x8, 0x7]}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000180)={0x1, [0x0]}, &(0x7f0000000200)=0x8) sendmsg$rds(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000840), 0x0, &(0x7f00000002c0)=[@rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000040)=""/55, 0x37}, &(0x7f00000000c0)}}], 0x30}, 0x0) 06:12:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x100) ioctl$VIDIOC_ENUMAUDIO(r3, 0xc0345641, &(0x7f0000000100)={0x3f, "e84b4afa31bb2a2ae4b787ff1df29b5d5905af3496870651a563a1a1b4682275", 0x2, 0x1}) readlinkat(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/224, 0xe0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000440)) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") request_key(&(0x7f00000001c0)='keyring\x00', &(0x7f00000014c0)={'syz', 0x2}, &(0x7f0000001500)='/dev/nullb0\x00', 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001800)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r5, 0x0) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(0xffffffffffffffff, 0xc0305302, &(0x7f0000000240)={0x8000, 0x6, 0x0, 0x0, 0x2}) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000001580)='./file0\x00', &(0x7f00000015c0)='trusted.overlay.redirect\x00', &(0x7f0000001600)='./file0\x00', 0x8, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0) eventfd(0x5) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000200)={0x40}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) fremovexattr(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="757365722e2a73797374656d6d643573756dba6367726f75706e74de79e19c5aebe4cf3343565222e857e6cecf1a0cb4a77b1084837fbce096f45b251892209a6a6a4c6e0a63f9b700f6f95e88e4cdadb1dabbeab2b4ad024550bff8d78db6711b9edde042211046eb9eabac8a08ec63422515f6e0fb71a0aae4864b16d663b1dec59e9cc114a962326d61bee11a8d0dab1985794578819b7007c912fc61710527edd17fcd4a035184b1684555452351d1d5a40195af99ea494577205489897cf0789f4a6d0f0c1ba6ad3228007c6a46000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:21 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x20400, 0x0) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000040)) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x6, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000280)={r1, 0x20, 0x0, "de3c59f4d62a09520c3d2dde2eb34291f658c9b3dfb7c0dae0"}) r2 = socket$inet(0x10, 0x3, 0xc) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/udp6\x00') ioctl$TUNGETIFF(r3, 0x800454d2, &(0x7f0000000100)) ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000002c0)={0x0, @bt={0x0, 0x613, 0x1, 0x2, 0xffffffffffffffa4, 0x4, 0x3, 0x5, 0x1, 0x8, 0x7, 0x4, 0x800, 0x80000000, 0x12, 0x22}}) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000140)="24000000000107031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) 06:12:21 executing program 4 (fault-call:8 fault-nth:35): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 517.077695] netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. [ 517.134330] netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. [ 517.291139] FAULT_INJECTION: forcing a failure. [ 517.291139] name failslab, interval 1, probability 0, space 0, times 0 [ 517.302794] CPU: 0 PID: 12126 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 517.309770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.312530] Call Trace: [ 517.312530] dump_stack+0x32d/0x480 [ 517.312530] should_fail+0x11e5/0x13c0 [ 517.312530] __should_failslab+0x278/0x2a0 [ 517.312530] should_failslab+0x29/0x70 [ 517.312530] kmem_cache_alloc+0x146/0xe20 [ 517.312530] ? mmu_topup_memory_caches+0x109/0x880 [ 517.312530] mmu_topup_memory_caches+0x109/0x880 [ 517.312530] kvm_mmu_load+0xb5/0x34a0 [ 517.312530] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 517.312530] kvm_arch_vcpu_ioctl_run+0x8ff0/0x11d80 [ 517.312530] ? kmsan_set_origin+0x83/0x130 [ 517.312530] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 517.375184] ? kstrtoull+0x6fe/0x7e0 [ 517.375184] ? kmsan_set_origin+0x83/0x130 [ 517.375184] ? __msan_poison_alloca+0x1e0/0x2b0 [ 517.375184] ? put_pid+0x71/0x410 [ 517.375184] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 517.375184] ? put_pid+0x330/0x410 [ 517.375184] ? get_task_pid+0x19d/0x290 [ 517.375184] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 517.375184] ? do_vfs_ioctl+0x187/0x2d30 [ 517.375184] ? kvm_vm_release+0x90/0x90 [ 517.375184] do_vfs_ioctl+0xf77/0x2d30 [ 517.375184] ? security_file_ioctl+0x92/0x200 [ 517.375184] __se_sys_ioctl+0x1da/0x270 [ 517.375184] __x64_sys_ioctl+0x4a/0x70 [ 517.375184] do_syscall_64+0xcf/0x110 [ 517.375184] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 517.375184] RIP: 0033:0x457569 [ 517.375184] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.375184] RSP: 002b:00007f09ac9e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 517.375184] RAX: ffffffffffffffda RBX: 00007f09ac9e2c90 RCX: 0000000000457569 [ 517.375184] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 517.375184] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 517.493381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9e36d4 [ 517.493381] R13: 00000000004c028e R14: 00000000004d05f8 R15: 0000000000000006 06:12:24 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc0\x00', 0x0, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000200)=0x5, 0x4) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xfffffffffffffd8a) r2 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x3, 0x80000) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000180)={0x2, r1}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:24 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x104000010004001) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) 06:12:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) pipe(&(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x1c, 0xff}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000140)={r2, 0x1}, &(0x7f0000000180)=0x8) ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000380)={0x1, &(0x7f0000000200)=""/228, &(0x7f0000000340)=[{0x8001, 0x3b, 0x0, &(0x7f0000000300)=""/59}]}) ioctl(r0, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x48401) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0xb, 0x200, 0x1, 0x1000000010000003, 0x0, r3, 0x84}, 0x2c) 06:12:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x2, 0x800) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000200)={0x1, 0x0, [0x1000, 0x7ff, 0x3, 0x1000, 0x4, 0x10000, 0x7, 0x1]}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$binder(&(0x7f0000014000/0x4000)=nil, 0x4000, 0x0, 0x10, r3, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) fdatasync(r0) 06:12:24 executing program 4 (fault-call:8 fault-nth:36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000300)=ANY=[@ANYBLOB="fbeac5fc871b28ce52dabdd098c8efb647e0d91a17ba7d62c2224d0a7901b488d5db8912e5ff8623e031276a61ffa6e647949e46d5af8cb43951b78a5e59091e1f190749e042ea19a540e0f75882f840941cf9701e82c0ad8ec02838f35115c45ebef378dfb6f9add54c0ecd93129fc6df219ba28d9d6821b2abcdf27f7dd3c71f85c7d5e5da643cdb6e46bd69f2a1265c521343c548545d1ee4d8ba2b8a081f51a769f6c06d63244e4e388917f6cb6b3f9e85fe7c32a5183a4f9dd8be80f97950046eee809d8b4637fd8aa55a0e1aeb2a8cb536e7ba4a6fd677811c7689b8ced444b8244afbf70be7c3cf04db3fe20f2e6024643de2a525147ce2a68bc96fb875b2014b20663470ff00000000000000a708d4c49f96d8237bbd34aa36bd82b2032276b34990f6235d8f53f7feac5cc403f19a18219704711b89874d60d8aff4712eba8b00"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x200040, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r3, 0x4008af23, &(0x7f0000000140)={0x1, 0x7}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:24 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x13}, 0x9}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)="df", 0x1, 0x40041, &(0x7f0000000100)={0xa, 0x0, 0x100000, @dev, 0x7}, 0x1c) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x4, 0x40240) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000000c0)={0x3, [0x9, 0x10000, 0x9db]}, 0xa) 06:12:24 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(ccm(serpent))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="8f7e7500d0", 0x5) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000080}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_getnetconf={0x1c, 0x52, 0x610, 0x70bd29, 0x25dfdbfd, {}, [@NETCONFA_FORWARDING={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) 06:12:24 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0xc0800, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000400)={0x0, 0x1000, "552bfbcf44359d891e7bd7a08abb1eba6407df2f8f93863e42e519cfbe50dfc2006b08d4f01add27c193e96691c177d4ff35efbcee67bc13474569bf182ba59b200211cbacfe7b2a15c20f82937336296322b61ea8063c38da010b1509c214690c2049438df08dc6cc7ae65c5f1051e50fafcd1f9ad3e0c119e57ae772adae6bd86f5fb68527e35acc7cb79eb6d687e321e9037ba35286683ef6abf17e2ed714c0e25bd2505f4ec19c7362f46d6cc080b2984d48bb47f765dff1c09ea92cc85e21dd91e9ec511a4c2c81dcdbca2f54e5fb8c553fa058c5975982a74f2b81cc6d55b6befd6970b77cc19a7cdebdcc05d45846383d75d5ed277bb585ed1c27ed654a828179cbeae53672c0594faf44da0465ba6b69c86d1f05077615d1868a8266376c1689f29980332961f9afe7ec2e36242c734c3fd54e3ae259bf37d3dd30dcb5ca4cb4c0c21bcab942589f4fac8ce3e11ec3d9ecc2009fdfc79e21598c8cd2ce13081f4ba30643292dcad40d55822a97f2488a02cc66d98a96bb48c6433460e92c615883fdf6b7ed5981f58930d747344be71efdb8e3185b53d4ead0d674c460ce466582204aa822354845266a1a388f7dba1354dc85174f4d685e78b6502f24aa1d70102d801cafcf97c0fefbb053d14a0ad0ce645b5380b1ec4970642da22b621c0b8760141e35178ddd13791e5b1e227cd63dc4bff0f771d604238012480eacfdb5679fc0c50845b59fc5198fc63d2e5cf3897b96aa771289fd820b53cb3c61e393ff79ccd0fe187ab4441ce422fe850f638a16f045d15e41fd6c851fcd9f7b00b4b2c50ac055f1724d6adaeac17baf231431557e9f64f2b70ec8ee17e10edcee070e894b1f1bb66828dc7746f0daad4397b2d2e2492942fd8824ed1882959fc639a4e0f3276c74fc4c093e183395d9e850bf3f103dfd561899202fcbf8494517931c78e3f9da6ad5675e0700d8e717edef6cbf5924aa2d4a52083bd42658d8c14704e1a2529236a9c86ec99c60def2cab744f0ef99012ab70a6dad6788c330018ff8b2bf28d0374fa220f8484e8c2fdebf5d0ec95214e1090b0cea8edf3d7af4cd368c855c6459654471e300c5e15bf4b9fc5e059fb6c8e45ecb8d77b0a3cf184945a4c7c32c54ed532dd7f04f5891a183ecc5102552a568a536118a39d8bd8278d34192b2df4e3dffca715a7813d7b8758a9fec8675dade8e7457403543fc29effe178bf15fbe426753a2f27d9c7946b6752e8f53963088eeb25fde7d5df137353032050baa23f2e47453243caf08ec050ff31ad6802bacd02a3a1acdfee28ea813da09ca8056f66745ac12ac160c1f03561d18c2c0788c2ef3ead9cfecef36399273028252750158a78a656b18a163c4136aba2de84e7e700ba229868c404a4db43aa7ddf2831f403a45f59bd4aa4ffe48dcca1b7ba422207995bda81dd39560e0a8b7eb885d262f7526221d5df78e48a9bba3d5a9cdb7defac2132570fecc05e77d7ab46f4e89e35a7ce149fbada0e6aea1f84875189e5eb85a791bb2749d29e401e3463de0837b1f556ca85b5594bf3d92328924b553607fddba6824118c1f154a65f5cc2b7aa4a8041d7e639ff0b36b95c10303e9bcc472a66e2fde7f0d452f41fe8d6c10e5cc0b9781dd036c55c14b2177d66aec205e6a9420c3b7afbd9ecb19b370c7f37917ab14fb957d22f6c0fe91796ebc3764bf555d8e208904142e8da23d337828a169a63adbb47c2f86e80b74bc2bc54ffd2645bf0dfa0adedb07a4079227a1e59b88ae24d6bf5f7590098dc578a5340b1c406f063d3fe1eb3e6c772cd5a586510c81277a6da4bf0bc2022039cd6118d2af2f6a494d7bf61e3e922a4c0d360b539526a79622f2173ab610f5d7177cdf2758f690c105a47afc3d99986ec9c880c5bbbe5700a9054b9033fa37ae54f82746eb9066ad34aa235023ca4cc3ef96e38af9c4447fa29cc319cb897d1aea1cbdb089463120b5c14e7ce935583358ed57f13de99c63f5c6c18003f90a40665132d4b51cdd95d0599a85e52802ded45725a8ebebd0c40d349a6f25483eb7a0284aa682ed6feb4a3e92a711f4d78983d92dff9fb76248da2b9acfbb895c1cf5d364001754c985b738a6b464b71b1180674eb734727969fcbc03f7e4eafabede13534eb6c5c2c9f1d5a1ee1ea3e4978ff8fb2b7362ed82b3544c00ef94898fee961e1380006b01495993f545557522bc1fd61a2a57b9cfb5651d5ae252fde579f6848ac4a1c9d11cae3362886b4a9cb409fffe67933b865cd94fc9fb8675638a456ca3e5355414a9c7d8e0f113a3ee99dc554e7661b789cb91a1b299cd85f09899639b68f48658a4129b8f1eb206f7cf5a6a4693e4c31269b16fee6297d6507bcd06f550f543157fa73a5ea9e8faed87a331b64fd5714a3e2caf2e4522bb3468f90c78086bc88b2d3145278f3b93a4ac6c53c54a2af28d6aaede825a7d8a998d86c2e9c4125dd077b9aba715ebca5ba961e349cd22eb4b62baa5fb75afd992e8ea546f169e069a2cb36cc195af04ad2ea606cc6561dabe5f6ff797ae1c355e064c305feac9bf7ba23c59602f7c36c7c267bfbf7d273a47b6c6881ade51c9324e816fd4417017c7cac044f86187598f0c1bdb1f1373c5a0907c23c46b1630c241e9151c3ed79979c53ec58e3672b24b08109679240cafc1b968d29be2114d7050b2ae057ee0ab0405c2b0e044c3199326a4ecf8c2108ba94bbc4d51a0138a1d74ae81c33d24a5c8b7e4adad87fb06a018fc92c2b4a7f5ed1bca386e59e0964ee6afe91d46b682a5f4627dd2f891e6aacb4b83063c4dea6a28f04b10b00d557dc06a1ddd0b7c4ba74fb82ac8b8b3b0e287e478ffd3607553973839aea01f2c31acdc369965abb7bca4fc408a23778eade90d93405ae66313cec7239209d467a4d6794c88bad54c24fcf116098c85a6b937334ccf174d1199a63c0c14ea8b992c9a2668d61346acf27f5c7aecd2f9624a9a9d38a447bbda1384cdb729e35c4638a3606991e5d53cb775316a426850adc0ba3d14897e2b594ccd123fb523c001a1e126241779900df81b4d5e18f05834099027cdd95c38b0616a221c923342a99289ab2fb19a8be2a8577f1ed5bceab03e2773ade95679ab02a207ada933fd5e90e5859f77f708bc9eb4f4aa2982fccf2f2a3bfd5f7ffd3f4d379514169f7e817e432ee7ecfbc3a68f7dc3806ac3b70525d82ab1b1c1ce8fb558bea78c608f032cb08dd9c9f51776f4fad196e3979a0db3d4de92866ed6f5f6e9532b86addfacf6a6f6859cab2372904514eeb2cd9c7814102a3e97b3ac62b6d2db747186161e333ffa1c10e1751d895352e421ffb4e6428e7e7035f9fe910fad2558ef9cac8c4a35ef0d4e434e5606c6f18e4dd8e70a74dea92ccff2bf939b266dc9185e9eaeb30ceb9cfe523ea7fc8926726e315a87c408a0e5a13eb4d7c3bea3673c69ba8b838bfffb0e4973ff7b21ae1b7e1a8dd1b5ae65ca42245f2b72247b438aecedadf2273d90ebc1f0f270406796e41be64867a07bfec384a6ca7507878f8d3bcf6c1fe2d8417b402a014410e77658d9b812a8233027a9fc876cf14cca15207e4dd479d35aeeefd567974799066b2f88662f1c28434f8e70ea0491bf3240efc32de8f362befbd93cf17ce95866262418938977422afdc1e9958e9a8191259ebf231a397f2d084a13fe54b16ffca42c2437f9a517b8faef7057c8b5c28c0184412ce5931fc417d6e1b1ba360ceeaf7c672a597658c82f6835a66224cdea839822408ce1ee2a32e6a53fe4908d3d76559e0457e5e758bab44b64d84e39953b5df9cb8622eb7077f9e8eba6572039903a35cc042521c4a443ca23868449d9d7ffda60c5751618f6b0186016a1a48fbdacda99ad68303cc60f171b3dc0837f1db9a41d87298dc5937854929fe5c2659f7fe56fd9fc46afb29eb3f18b6b672c7aa99a824b9b5352e1c135df2fc4706aa0d20b2f8cfced804345688069394e47b09f2ce7f614a2c7bb46972d89b885695cc2ec935d132f601e7ad67b3fb37f6c7cc5a39912cda62916f9858f250b5d01fbe955c448f26430dec919a3b3ad70168904bb2863a933f181ef06e64cc387586f981f4fdfba72b24a86add6a7a38a37745d5b1421006cdd64da8ba737a839bc9d50349b559c0b2dc2e59308f6b66c01aefd6cbc3897e004699c2969ee2ba01db73b11e00e15a05ba670f77afa547c78282de6c21739142e13e791202a4d75d726b0e6e5d5a31e42e8e96facfc3d0e6ea71c4a884dba53cc3a194dbf17c6e7f6ed4e132be28fca7366d12c2c565d892aa2093a70f364fc42bdfb11b36cad1a82aa94366c38f9011e94052161525440b4f48cbfb822b4397d6c04355bf1a9a1e42bcc85754e9790a18b3fed61a2914014f7979258b23fec71dc5fa5d8c04f9bf5c5567db54235fdcdd31380f18171d673227a362a3e1b4c521fb430b0ea4cb4dc45126aeb448bec8380f2da0b780bf6c74833c5084241796d8b877729bfff0ab05c8cf0e58c632b6a9f4e701a42b8395f5a5d734ed4d4ca1378d5e4e8b965b3102ed33465625050daf3daf3f21eb0b8a1a2f867f7742ddab8318722b2b006422cf4905740386f024397488ef345f838f87048f173c6c3cd51298d29533c897b85c44521a26e34120e81867e260d515c2353e7199a4dcd00426c4fbcd28476961a64d8d53e961428a185871f9837b586f28285f4fbe24e11f8ceac663702f7e3fd60cf266d2152f0008c841f731b7429be9ecfea0d9fdb5c2319dfd18c4765f7e094dc076b55f9ee9e0f8f503144277b159f60d8c8519587de8f08f2b0b5f1dc76452da9c3262b9c8f9888359aea3994647c72f96000e752a7ca171f63c4fd75528934c6221b72a197e86102b6dd3e6c8675ff2603b2328d416424dd96269fba3548b022bb403805a9dd917997952a7c3d14eafb970f9642d1c9fac140b5a5092839c14747b2e6df243ede5dc9563b3eb68950a47841a54c661e22f0c59b7eb4d548a4e4460fd2f09036bd951f0aa98b2a82300259394e387caaaaf06c51ae6f145e64c728afee29a6b364c9b72700efbf474b9aed78aa433b8817a749e6ac8daca3696ac99f0091f9e13e58627511658b1aab587427751f2b19da433739036b160db1fbcc9c694fc3f5450c27ead09099e9ce4dfbcf523cac992143bdde5faa25aad6cd11c252b41ce4b0694404f5a5d10304e6cc7760a80894cee327448b1ebf3002e747f89088dee7b778c2f404126cea1b8d796107e47df68e3ac206793431dcf3b46838af006055e4155e07fc13dcaf7fda60d78d8b245e0e4263e44a06c24f7fd54022fc19c2c4a306394bac6d515bffc98a882b546aabb6081dc960ec9a437a3530dc6c10ecb48f3d337ed4dd0e32bcf2b81adae669661aa54f85beb9bafdb69665a98a282c569e9c0f1c0a50110cc65c3c5589a65b2ed5177abd692de44f9e8bd25c7aeeda84160aed411ea4fdf594dc318d6c51bb860a9295ecf09629d13b4dc6a93a83a0b2970051889626befe274c499a9dacbb12b218909e81eaf572bf0de40ff8f3c133b9b97b7264512caa9fd2af60d34a82c84ae86c3be8f305a02a72071e6860358db441ff9c6d49bc8e1a0f862354b4a1beb944bf28ece5a749f287e2724fa5f30d47bf7ee9818ed491b5bc05fec08e8f694894cb50e37358095942018b731d23ad93a92c9c78ae833549dfd52875a3e3d9e307ca37c1fff7862221e4fd2ac23dccae6de65c36e66299697de76369ad7410922563d3380a26"}, &(0x7f00000001c0)=0x1008) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000200)={r2, @in={{0x2, 0x4e24, @remote}}, [0x400000004000000, 0x5, 0x100000000, 0x10000, 0xffffffff80000001, 0xf, 0x100, 0x800, 0x20, 0xffffffffffffffff, 0x1, 0xb5, 0x401, 0x8000, 0x6]}, &(0x7f0000000300)=0x100) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x0) socket$inet(0x2, 0x80002, 0x1) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xa5, 0x7, 0x10001, r3}, &(0x7f0000000300)=0x20) getsockopt$inet6_tcp_buf(r4, 0x6, 0xe, &(0x7f0000000200)=""/134, &(0x7f0000000100)=0x86) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:25 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00000000c0)="1483e18e", 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") writev(r0, &(0x7f0000000180)=[{&(0x7f0000000840)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfacd1f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0c3bb7ad55fbe3b25fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da48ec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35fdc8d11badab97c50a244dd84b35563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701b5c5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e2313e945b835655b5930b0fa8abc59fd9fc5e0a2d050ea91a93b2dbcdeea8fdfdb5574b8648c46c08a13a909f4f91bf2e0975f8cec686185eb12f446fd958194716f0da1ea9549f18fcba6d154fc", 0x5a1}], 0x1) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0) write$vnet(r2, &(0x7f00000001c0)={0x1, {&(0x7f0000000040)=""/25, 0x19, &(0x7f0000000100), 0x1, 0x7}}, 0x68) 06:12:25 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x4, 0x100000000000005) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000001c0)=ANY=[@ANYBLOB="4cb1c7c0eef9b297cee5dd50cfb2fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f0000000640)={0xffffffffffffffff, r1, 0x1}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) preadv(r3, &(0x7f0000000580)=[{&(0x7f0000000300)=""/210, 0xd2}, {&(0x7f0000000140)=""/114, 0x72}, {&(0x7f0000000400)=""/206, 0xce}, {&(0x7f0000000200)=""/142, 0x8e}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/4096, 0x1000}, {&(0x7f0000004040)=""/4096, 0x1000}, {&(0x7f0000000500)=""/100, 0x64}], 0x9, 0x12) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/l2cap\x00') ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r4, 0xc0bc5310, &(0x7f0000000680)) ioctl$VT_RELDISP(r4, 0x5605) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) r4 = openat$cgroup_ro(r2, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x17, &(0x7f0000000140)=0x1f, 0x4) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000240)={0x0, 0xffff}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f00000002c0)={r6, 0xffffffffffff8001}, 0x8) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="0f01cbd1042e0f019a0058d9f7640f0666b8d8a6ece50f23d00f21f86635000000060f23f8670f080fc7afc5000f20d86635200000000f22d80f0b", 0x3b}], 0x1, 0x0, &(0x7f00000000c0), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={0x0, 0x1}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000200)={r7, 0x4}, 0x8) 06:12:25 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl$VIDIOC_DV_TIMINGS_CAP(r1, 0xc0905664, &(0x7f0000000180)={0x0, 0x2, [], @bt={0x89e, 0x4, 0x2, 0xd07, 0x3a, 0x0, 0x2, 0x1}}) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@local, 0x100000000, 0x2, 0x3, 0x0, 0x1, 0x0, 0x2}, &(0x7f0000000240)=0x20) 06:12:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl(r1, 0x1f, &(0x7f0000000200)="82c7924a1e24b9ef7234882a0d8e30871a1f9fa861f6fbe4b13993a1aa8e3d89f5066bfb5b651d58586dd9cb386a5c2f62fd5fac761ad69675e689241a5eda0aa396068ec586f95970153a08f38e64fe91b8c7c6d33e0c00f22310825264db6fbeeb321ca37f6299f90dc9f004160b7bf748b208da9eb26b9b4b92a34ef5e28deca107eae0fa941c056fa2050c118899e2148d1772bf40a7a3acfed88ba2") getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e24}}, 0x6, 0x7483, 0x37, 0x5, 0x8}, &(0x7f0000000040)=0x98) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r3, 0x800}, &(0x7f00000001c0)=0xfffffffffffffe9d) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:25 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sync() bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0xffffffc5, 0x0, 0x0, 0x86040000}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) 06:12:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x200, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000140)={0x7, 0x1b, 0x2}, 0x7) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000180)={0x0, 0x0}) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000200)=0x0) kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r2, &(0x7f0000000240)={r3, r0, 0xe94}) 06:12:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x680400, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) 06:12:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d02403162857170") r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x44000, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0) 06:12:26 executing program 2: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) r2 = memfd_create(&(0x7f0000000040)="000276d43857a72667ae19eae24522680b00000000000000000000", 0x0) r3 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801) r4 = dup2(r3, r2) r5 = memfd_create(&(0x7f0000000080)='#em1#+\x00', 0x0) write(r5, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r5, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ef17a8c5ae95ec86760de884e9740474a13eea165c0322901dc6bd36cde2c51d41b7f0b014f9f91eeb7c37c7340f476c8d753d000aa8faf8fb574dbcda6dc4d"}) write$sndseq(r2, &(0x7f0000000080), 0xffffff17) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) write(r4, &(0x7f00000001c0)="a82af5ddbda38786192aa5bd9791df68ab526ed2f10697ade801feaf", 0x1c) getsockopt$inet_sctp6_SCTP_NODELAY(r5, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 06:12:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB='\x00']) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = open(&(0x7f0000000000)='./file0\x00', 0x90200, 0x0) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) 06:12:27 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x50083, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x9, 0x7f}, &(0x7f00000000c0)=0xc) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r2, 0x4}, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x1f7) ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) 06:12:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x4) r4 = syz_open_dev$media(&(0x7f0000000280)='/dev/media#\x00', 0x1, 0x20000) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000440)={r3, 0x1000, "f4b2e1bb5fd1111802fbd6a423a45d3ecf688ea675ed1e6a965756b2c30d2f36473f8bcd3b9544685d08d73ac94c33139bab1b6a2ec80a6927d6f2a0c06cd3acc33a82b6cba19e7340bc00fafab6c24d2bfecb1dde2976435ee9660eeae91aeb2ba87d82e36b86867c40494924424c4c4942f746dc44338f5e9a53b425b7ebdc62328b5644bf6ff7b0f8c2f4802ed43d4012f2034e330f084bab3a77d4ff82c1dc45163f2382fb9e7048c592a439596d16fb96d48374f6a574a2bdc6935a25136dacbea97edc48651492d2af2936887615393d906bd18093845000279faa98ca9c640deb7046525a213cd596a48aee66b0fb7a45fb851d28c551736737769b916bcfd142b06948d4cf147fbe815010cab370931911a05502a499a1e9a56960a8efbb44515ea488b62c3d84a32215705c470f73e49794d765ef451d956e46b4a550cc69d67ffc7b9da94a4af63727cb820a580d58eea33f5b6554deccea9762e1be474c7deadda005583a7d69c881b18673d6d80d53f3aa9ba89ab019188e55679388485a528a44135470f1db0a0f66cd02d03c0ca0bea062ed8593d7e3572230a07663fab0ffba38fdd13de3a5d8000657255a406a3fbc9156e8dcbb26b4313efe8b284648508eb38f5b0984634b1c0a8c65a7035d4a5e1be865b5ba5c0f4a5aabd43d085f52bae68585c72744375d1459999d0edc93f5f6cb08dfc91a74d3707cf9dd69b7a95da771c10cd5ffdcbba70506b1015fb2c3d28ccfa5c0c0eccf704702e7bfaad5d889d82df15fcbfc213053c61cb173ac3b008a097c406d600e3aeedfd147263a593b7f231b022743179042db4309c0f650a0fbe028e59bc959c034eb136c2a00bb41573bf9017148d531494deec26a0847365daeed4076f8b8f8c6ffa413a3975c07a480d479664ca2f112aff376235df36ce94611b148ddbb2a07848708ad3e32e11eee7f8e8da6a54e2e6c9441232642182264df27ccc0c32cafd5a73eacf0c639d29f3100fd72007b81f5d2048b7bdfed4de2102e3b4e277e3d17bcecc2cd420f13aa5936e8314c8b6c9ed88c3b6f5a0591bffd9b27c6f93a5970d9c191d832663e919a830273e1ea6b13ce61ddad4ed1492e88a02f25ef2853c3b030dea717d8655f7fcff74863e5aa849352902a685dd9d955910964c7be9461b18df8c6075d3c60a020ca5cc6bf356825cccc44631e8cf28b5278c3d48360141ef37208cb20b57a9faa35ac940d30c804250d7f035fdaf8259e6bd2f0c4ed8e9e4d67f2bf7373e1510f56e754ff0739e43ba87afd4b4dc21542c01af2f3bd7c8672739efa9cb6343c48d8145fc68214dc76acec9a9735fcbb6a25f08764967ae97e1fc42c9a539fcda8a87d47370288e3fb32568c6ed382b84a8f53da9403c94f258ed08f345d3ebe1a3ea21b2a4f7a235cab622f2f94a7823d8d0b61ed02d098888bf6a758d6cea2a37427cd515fb4b144014d69884e1b4dc03834b2df76945916b16c60de2c53b3ebeb4c2f7b8efbc70e7b3cc3ff3d1b19dcde42a20eb9e88cf2a54a11ede3a10199c96778215832708e21edbcd2651c29ba949ecc43b813d1dd7629ecd4e099c78a2e336ad98911157da635db57f05b3b5f97051ddb101887affae608dc8dcc58f19b8d02448a0a3f12f9a2f34a7df022bf6f652142dfd9800b7601b67c6f68c43d85d8ab34ce00864669c43ff67ddf1ad81232d494b196810777672ef1d32ffe2db2fa21d1b1843d538666fa894940df44a060760d37a69b86938e5e31eea8fc1e963244ed44f6407282823c787a6ef007f8facc23afd783d19bdd434e1e14350fe433598f599612bcafcd0fc9bcb6f66f6338537d2607f35d34c8863b27801c4a3339af33d44898e5929159aec13d82ee3913cb6c934ae889dcbd4cd6aa9751010d2bcd0fad9174c8610050a3ade03c2860c2a1d29131f401665354fa6400a02b2e768938568774af8bc4fa35036839f7af1d5bbe9d3a42f425bd0d40b6702b32a7faeac760a36a17da6343e2b5e25d6155624b96a63c9737d8000030aa1d11ed1c362457aa05a54d50d920426efaba3c005a5b0b49edf4f84f34e5f4711c8a5085a640055cb6bb8e867ac708eaf9cd6affa3be0f5f50d1a44646da6e6b9b50362bf5607e461ce2440090daabf304ebbd3888250169ca69b3117c1ef3adb7b7c91b58c04f388c4d2fbd3575794ad97e5aff6b97f00a43143181db6762688a5e9eecab6f5606090226b3c13659bedfcaab9d0dcdb2fd246d27b521c5b7ed7f58c090553e1be7b6a793ec0bede07d2cd4df0c6e19cfe0451affbe085826725083b14f2e1301874276f64ed0dba316b1c0d85fe055ffccb09e261ceba32789b6532444df99eaba6448bd31e8bd4a5bd04c09744909a4b0ec961062eb512684b77b26c8ce84a3c916cbb82594d3654dd4d8a58be87add6a7ce21b763cae00db3685e8706b34e51d5f6a9a2e2a8cd550ac7b2156a281501de465b6748f5654d542ea68f701e749199f62ca473a90575f8d5bbf9b4c383f57c7275845b70c4913b7417195e3bdf402f011d37851739bd2c890c9fcefed72e5ba93c496eb2749a849063154213c487448979b987b64b1a348ceffff62b8a7fca28f95b511f22402bbfe60dee1fb12a93e97efa9f19a4026de8650bb5d79edf36a88427030590bf5b23cb81266fe7365f202c9cdcdd215dc68c0e7e9a3ac3a087b9faabed40c032332fcf4110e142a48659630b8769a64650ba48d38104c2c34a2ee247a7dbf68e1acd159354259b63624b5f810b28fff06c0dfdbe96aa115d5bd17310c7a8f3865edff061c1521d064df2c6de07172b168142e3506cc2ad21f5f5390583c6a43457bdf221b406ae2f487fc4019b8720c3632a43fcb42988e86b1d73acb476a3a75707a77f6bfa4e244fc14783266f97a44cef442ccf0ee06e1f6e860075d46e4b75d18156f3cf44a28a1491a3f5ef4124276b305d413309c9846ecdee273eacf4cf37efaf45fe0ffc3dfe690258fbce629ed7836e904e364dc13f2a96cc7e548f7dda7a1a97bacb27a40994578e5a9a4e4730d3c24a95608b67a2483a434303aa03b06ac9259f9b2430ba1536cf42ecbe3edde9a01dfc1124fb58c4b527e2d87e3bdcb35e3762c33e3db35da30685e3d95b68cdec84e1139fc5024730169d901508a722f09fc6b28584bb46502e81da5e926c65fe67114ed81020549598399fb67bc397314a0b6e437681c84791686c6139285536c25e51bce8a985f2c6bdff6c3b2596d0e4fe662a4516afdcf9eadb80f4d16065f709c0e5f26188bb4e066d5b1c9b664ad00d60c664c91178b94339691337e6eb8f18d112e8e57bea996b2c9552cdeaa07bc5d4a3cfa11341872ca495da7b31a472c9f37c6eb372b4732d9d09d6a5f0d1aa6f8e555eee66afae063b81088a6a49196ee926c0e053031a02f52eeeba4625e61f2cb504e16bdff09e6d4826e3a060f4a00f654d3a156655f193086e14ebc7cfcf16b50e6a5353dedbe53666a0e86935c641f9d6b1ea60a8a7353efd26f9e45c6c1772cff19f140d37eb66910715bd2b53674a3f8f6723a0eeb40d7e61ad86efb9c5c531833bec0f3e7fe060c49728360cceb87258d9701387f6873e4ebba96c5db1b3f8482a912bb6ae5b7a38e43d7af65bb20bc8376775ed613a60e53321b804101ee8c94f9fd2791cfeadfffbd31d7d3f56bb9ddea53f6d7791170569aaf22d381992acf71761ba2e9fcf96caaeda04ae4fb1335dc7c83ad40b9d71ea9d9eb0fe334db636a9241ad1d9e92ac2bfe09addadc3e4feec740c41b15289d16e085e01634b528448e25b271c9a1f079768ffe8b113d2cf830ead932c801692f66ef4ac4d53a63c7e52245421efe1837c15f61ce7f428f12fd2235b6310d0cb802400edf6036b1968cb42f58c6fd0e93489ccf78f15082be26710d1ef170bc03b4cc687a80454b636769d9ce2eb5801cb7300eeb12df63863cee7bcbbcd2422ce9b093b0c6bd00beff6075151effc3b409a7ffd86b64f78412ebbdba7029d3983f43d8bd07d422865e9404c0396c6e3aa4306ec204f3d6ed7c9622f98b2453135de7bc0a5e883e5601dabcea0b97c4c3bf943da20b3189fbdc5512669b56677af9d402ef366610057b293cbc8ecfdd7e1976fa6f0a4d67184af8165ee755f75a2bd41513276e55da82fad7564e949755086d970ea58c73d1da40ef079ea84cf835d3d93a862271456afb3436da7b1bb05b052711af0d66abf9bff2e3ad7d0b32deb945b6bc65ad8af260db463ed8b19d4ef1d37aed6566e236bb071d436b5f6cf43b671fc6080e82c80c45908d2b77cb4eb5c3bc4d219bb1c2819a60b07d72fd19a99b5ed1b815a174fb41e136cb59d5894ecf301be4630a4973b365e78e9e087acb1f2bd78555385791a127cbe185a54e76b87bb5fd475c954ad5dca75445dd36408cc1db38b296e164952805d596d7742ad24330ec1f408f80422fcff7525a899bb07d268eda9bb7473bc90a29993f295e8f23abbadc8863513ce2cbe202f8ff5a77e8fc9e46643fdcc8013ee6122832ffca80cd0458a8d05973e9c6a52e4678dcef303974fde9ed7d2aeb010a52399980b8d54ebbffedc9183bed0ef825f49b6be85cec1377f8eca6dd91765aa80a3b8b9422f40c5474cbb77bf06edcee92232f07073015aaf508e92cd0bf34e5d5fbf2c6795df3003e6ca13f0e91f65addbb987998f6b0e881d308c4b85ec8b5335c7b781ba161ca12c4a9b273ef43835c15972d2f67cc7bf0bf78cb7a63f621e7a44a44117b5a447ca965af929888e53972b6f138c10161aec56f1904912771fc0d442b9fa13fbeee845d3051fb47017f8708da990130ab1fa00595612f92ab5b0288731ce11e12ed877402abf2ddc1d982011c97f7cd403b1d6812764e3a1da6286e1d7cdcd28cc3fb62d5542591fa7010ee0a29090c5a5a838c447f808a68eedbb57efa62c26fda3fffe4c54168854c0d9c6fee3b5ec07a1705d4c9bdeb773f6b95dbf3aa542bc2f10305c4e66db4d4df519ebb904ae6d66fa20dca840631f700ba3dac94a3e78436f7f0cb780b2c1aa9d52d4c9ccf386b3aa0d8198aaca6b6e2e3a928a65d5ce240c6eb71366afb93eda23234814eecbd739feff14ba1e1d14de9121b95ceafb2abc6960ee6c26316220b6a0a198adc0c88eff53dbe0f5434ef35723e5a5cb3232f5fcfc98204248ba6a9a3fd57b7e032e9c63f671c541d8acd5738f57e643af492536b7df0ce9a262721b34ba137566a7e289bcd8d77830f503a7dd1953e2ad586f344b9ca931753e6b530f8b48e686e28918bda29bb686e9ae2323a15284ceadbc6bc1376d2e5f18a8c33a5893d5e27227ac8eeefdba7afaa9dbf1aa818e724cc53e7a0acbfe4769ae37dd791f0b86b9eb90444abf996e6d4a9d26cbfe9f3b630e38bd370b34da9d3efeb7721928dd40260e3f2d5ca44c69a61aa7b089bbd0183758ee712afa14222cb3f963c1d5648891e5861cbdf74361e82c52740d5c3b774ef905ecd3a34040054f042313fc3b89bd8965542cb985f09e985c7fd19c849aec7fd873419ec0fcc68ce69ef42de862bf3182d92373881061ec4445f22caa5dc9c392faaa0b03222fb87a0c2f955fa6d5dcece7311b53e706b322fa5e6b300cf2ebb345673b1f5c641733fd3f6edef449ff8d6e13c9024981255d137737ceccb59e286222b3bf076747b336bc048edef7027eca5212ee77afda815c39b2ae59b2426bbccb0b42ab1c734b6e7e853048cdec936dac9660de5b85f5a"}, &(0x7f00000002c0)=0x1008) r5 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x3, 0x600000) setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000100)={0x3ff, 0x1f, 0x3, 0x2, 0x4, 0x1, 0x0, 0x0, 0xc28, 0x1, 0x8}, 0xb) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$sock_inet_SIOCSIFNETMASK(r5, 0x891c, &(0x7f0000000240)={'\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 523.204836] input: syz1 as /devices/virtual/input/input11 [ 523.265083] input: syz1 as /devices/virtual/input/input12 06:12:30 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f0000000180)={0xc, {0x80, 0x3, 0x1, 0x1}}) signalfd(r0, &(0x7f0000000080)={0x2}, 0x8) 06:12:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000000c0)=ANY=[@ANYBLOB='4p\x00\x00\x00\x00\x00\x00\x00\x00']) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x40, 0x0) ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000180)={0x2, 0x1, [0x4, 0x4, 0x6, 0xffe000000000, 0x8cd6, 0x1000000000000, 0x1000, 0x680c]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000000300)={"59a58f2be3366ffc99537bda0991b4482574b75286d2107e98d9a6b9c42ca21806becc8d8fceae47372f09cbbc6ab9b7b41d39374ae49cf37c0b99e7cbf0cdfaf62f8ed9540b234c7d0938d548fe1db50330276909c2b1119220e5fe47cb7c427b62dbc12a831052e6517e4cd0cb1637dc0005344af3e819718e9aea50d8e4c41ed66c6adbcd0257075df1579b2d5384374722b6071d277e44417da304b4f6138d2fc2c066bb65066ba41207591f62757b0ea130170991406a3a932587292fe57afbb33bd0e52e37d0ebb5f0bd3fabbc71db9cff8d12a26ade551c5ec564269a99e60a2aa5b24ff030ba178669426a50aa62046dc02971c0b84885af56f8c74df0a70816a6d911d5371dfa0e9f7219a88f4d16bee56e3807d48dbca1f4090163c448b7d8a1a45a22f07dca3bcd3f29c1ecc69334576f31e6590c153dbc61ebf0011b6b53096a00c597f5ea7d071e953938698965f0478557af4fc9e947a60aeb2c75bfa2f79019f69a5275f31e9e24ac4ee0b8b71d5cf6e19cbe95094fe5f29609f2983f034cf075de913a05f075e93aeebb4f09476be0e14c503ff6c77be575de0d3d45a1398daceacab6002da509fc9c3b178088644498a0e0bab29389db11d34662d4abcd56d28c1c02541481dcc6b35fd8040b83d451d88aae25c348fea2dabaf539898010ade9f8b47645be062bd0a416ded560af1e8bb6f8c05f26efa4ad2154c3040a89c5910eccd49f596293a00714b1623883e90e4535adf0ec2c7f928d8f08fb1addbdd79647214f2a323f651a29cb91b8b2997c413cd6e89b3788a4e3d4731422031cf4456b0f57ae8c8e077da923cdd9300136cf0c0f36d7feefdec8946c9c5f441eab2a29d27bfcef305fe4c84574080eb2d0410c3920c0b72b6a1b6e4886cca42e10a6895174089da7b4432ae224a0406d81777806f5be70df6a7c95a3146bb75eea852687f4e530e8a606774708524b20cdcfc9fdcba9e7855e77fc410498b62aea1e2d8a7eaac0b711d97bacc893e7c8612706532df945fb9d20cab4d10ddbdcaecae14a5216cd35e9fc70fc56b1ff54ee669bb92a3cd1945b92657c9a3b661bc29dbd51dfc29c6ab34e516bcd954af3ff243454fece3edc8f5342e596916f53d5c436f3ed9ca89d5b2f8c1c1b9d84bc12f3f50c8675c5cc257045ce7ee1a9e35494c7a61952ebe1eaa951949d86e3bb657af5c2071efb7d3610944ffcdfaf681f30deab8250808e3cf4877adbd46718ac67cc1edc7c60b37817bc69e9cf2afe2f9b7cd9794982a3f1fe4fc5b7b7b3fd3b26e346b25ff99fc32096334d2465d8626bf480248bf7a849f3e286ea9ac367adb36e6e2effd15d5e65a86ed72149e57242c3e79cf0553665172e1a9efb7953e87f287d707141caaaaa187ff9b809c6599b2cf6c8163334b7ec29111fb2ef282dedc0a9c5378cac"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:12:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={"6c6f000000000400000000000000db5c", 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000013000502000000000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000c053000000000083617ab4c1c600080093a65ce767c96b03c548223d67534e4b04c50b5560193dde1f4063e2515101f804158b1c49f2f3a3da8042bce1172e3e166a025a9384b26554e21d919c7711e92ecb7ac9356339475f40ab1403c46be1d5f90c25ae633ab89efd8c220c4e602c2548410d3f2d9eb8b923e230d92b6dc8116eda4071"], 0x28}}, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000040)={'NETMAP\x00'}, &(0x7f0000000080)=0x1e) 06:12:30 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) unshare(0x20400) setsockopt(r0, 0x65, 0x10000000005, &(0x7f0000000000)="c8d63f23", 0x4) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x7ff, 0x101000) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_CREATE_OPEN(r1, &(0x7f0000000200)={0xa0, 0x0, 0x5, {{0x0, 0x2, 0xffffffffffff181c, 0x6, 0x5, 0x0, {0x2, 0x7fffffff, 0x6, 0x1, 0x3, 0x1fffc00000000000, 0x9, 0xffffffffffff964e, 0x7af7, 0x39b, 0x286, r2, r3, 0x5, 0x20}}, {0x0, 0x2}}}, 0xa0) 06:12:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = open(&(0x7f00000002c0)='./file0\x00', 0x100, 0x120) ioctl$KDSETLED(r3, 0x4b32, 0x9) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000200)) ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f0000000280)={0x2, &(0x7f0000000100)=[{}, {}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 526.124430] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 526.232937] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. 06:12:30 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000001380)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, &(0x7f0000000300)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f0000000080)=[@transaction={0x40406300, {0x0, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)}}], 0x0, 0x0, &(0x7f0000000300)}) 06:12:30 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x4}, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={"73797a310000000000000000000000feffffff00000000000600000000000000000000000000000000000000000000000040000000000000000000b30c88c0971c400800"}, 0x45c) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz1\x00'}) write$uinput_user_dev(r1, &(0x7f0000000880)={'syz1\x00'}, 0x45c) 06:12:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000140)={0x8, 0x1, 0x46}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) mbind(&(0x7f000000a000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000280)=0xfffffffffffff001, 0xafe, 0x6) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x8000, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)={r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) memfd_create(&(0x7f0000000180)='/dev/audio\x00', 0x4) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) syz_open_dev$sndctrl(&(0x7f0000000200)='/dev/snd/controlC#\x00', 0x7fffffff, 0x80) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x20040, 0x0) read(r3, &(0x7f0000000240)=""/72, 0x48) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000200)={@ipv4={[], [], @local}, 0x3, 0x1, 0xff, 0xb, 0x7, 0x2}, 0x20) ioctl$IOC_PR_RELEASE(r1, 0x401070ca, &(0x7f00000002c0)={0x4}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x8}) write(r2, &(0x7f0000000100)="654e988dca2524395345934bdf3d45cc8d85d18b71fd1b", 0x17) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 526.612670] binder: 12335:12336 transaction failed 29189/-22, size 0-0 line 2855 [ 526.658994] binder: 12335:12342 transaction failed 29189/-22, size 0-0 line 2855 [ 526.691188] binder_alloc: binder_alloc_mmap_handler: 12335 20ffc000-20fff000 already mapped failed -16 [ 526.727238] input: syz1 as /devices/virtual/input/input13 [ 526.780970] input: syz1 as /devices/virtual/input/input14 [ 526.788313] binder: 12335:12350 transaction failed 29189/-22, size 0-0 line 2855 [ 526.792088] binder: 12335:12336 transaction failed 29189/-22, size 0-0 line 2855 [ 526.827966] *** Guest State *** [ 526.831403] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 526.840529] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 526.849561] CR3 = 0x0000000000000000 [ 526.853482] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 526.859588] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 526.865754] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 526.872630] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 526.880660] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.886952] binder: undelivered TRANSACTION_ERROR: 29189 [ 526.888898] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.894488] binder: undelivered TRANSACTION_ERROR: 29189 [ 526.902545] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.916137] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.924320] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 526.932456] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 526.940482] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 526.948938] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 526.957102] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 526.965192] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 526.969354] binder: undelivered TRANSACTION_ERROR: 29189 [ 526.971720] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 526.971748] Interruptibility = 00000001 ActivityState = 00000000 [ 526.971764] *** Host State *** [ 526.971794] RIP = 0xffffffff812c8203 RSP = 0xffff88016cf7f3c8 [ 526.971841] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 526.971874] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 526.971909] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 526.977366] binder: undelivered TRANSACTION_ERROR: 29189 06:12:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r2 = open(&(0x7f0000000280)='./file0\x00', 0x101000, 0x40) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r2, &(0x7f0000000440)={0x9, 0x108, 0xfa00, {r3, 0x91, "ba0358", "93b34594c3b6609e2f4d690d4076c732b4aaec972baeb924019541e3e58b28d88272835832f753c79df018804480f640485cdd733d77a3d517cc3fc91e0832443e0a6f5d164fa6fb2d2b25b155232edda0780a12bcedad12b5cc879e1269ebbfa1512fe4081e1243fa9d42d87c59bfa0652c851bc110a7b2bb5b51115ed745ae3bbb85a345f48f67e5a4c6478b3b4c003c075802995218f3e4e2911d27c25e75314f13d6a7746c9e48d9e48d97986a1153f65724787b1de8165e62f1e0d73b666c1dc9d4c2bf6c85399fa4ed3b952ffc2a713f052aa44e140c897bc4ef4b25304f0cc26c4569ec32ff291dc976af5cd10d7ab801bb33f97b141604e359594421"}}, 0x110) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x0, 0x2400) r4 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x3f, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 526.985060] CR0=0000000080050033 CR3=000000016cf20000 CR4=00000000001426e0 [ 527.033992] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 527.040698] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 527.046967] *** Control State *** [ 527.050470] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 527.057378] EntryControls=0000d1ff ExitControls=002fefff [ 527.062973] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 527.069946] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 527.076909] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 527.083635] reason=80000021 qualification=0000000000000003 [ 527.089997] IDTVectoring: info=00000000 errcode=00000000 [ 527.095653] TSC Offset = 0xfffffee0f3dddbeb [ 527.100029] EPT pointer = 0x00000001757fd01e 06:12:31 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280), 0x10000030}}], 0x1, 0x0, &(0x7f0000003280)={0x0, 0x1c9c380}) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00') r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") preadv(r0, &(0x7f00000017c0), 0x1a4, 0x0) 06:12:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x400000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000004900), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x20000) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)=0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000003280)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8) r6 = getpgid(0xffffffffffffffff) r7 = getpid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000003c80)={{{@in=@multicast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000340)=0xe8) r9 = fcntl$getown(r2, 0x9) getresuid(&(0x7f0000000380)=0x0, &(0x7f0000004100), &(0x7f0000004140)) lstat(&(0x7f0000004180)='./file0\x00', &(0x7f00000041c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000004240)=0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000004280)={0x0, 0x0}, &(0x7f00000042c0)=0xc) r14 = getgid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000004340)={0x0, r0, 0x0, 0x9, &(0x7f0000004300)='/dev/kvm\x00'}, 0x30) fstat(r1, &(0x7f0000004380)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000004400)='./file0\x00', &(0x7f0000004440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000044c0)=0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000004500)={0x0, 0x0}, &(0x7f0000004540)=0xc) r20 = getgid() r21 = gettid() stat(&(0x7f0000004580)='./file0\x00', &(0x7f00000045c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r23 = getgid() fcntl$getownex(r0, 0x10, &(0x7f0000004640)={0x0, 0x0}) stat(&(0x7f0000004680)='./file0\x00', &(0x7f00000046c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x8, &(0x7f0000004740)=[0xee00, 0xffffffffffffffff, 0xee01, 0x0, 0xee01, 0xffffffffffffffff, 0xee00, 0xee00]) sendmsg$netlink(r3, &(0x7f00000048c0)={&(0x7f0000000200)=@proc={0x10, 0x0, 0x25dfdbfe, 0x800000}, 0xc, &(0x7f0000004080)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="401400003e0000042dbd7000fddbdf25e4018100746582cba104ed4ca09430ba7409f9a26f10790d45106741fbb11287ce5592806fcf53be8202ec3a6a9f8a72d804ce502df3eda022380f286129707fb8c13a5cee30001ad5d7ca6c4827e5458646d86e6cc0e2010379f0a778d15b16b45f18e7e98765fe583528de7062202f8b79043b84a94cb2f49064ed2efb0c2a44295da7bb0fb57e54b36e58a1c6b52dbc8825d70ce151c67bc0f225d3b572c4e54150b07e6e100063002f6465762f6b766d00000000db215179f1b40369db07570ff8f0b3833fc1ae7fb9d8d4f1f7988af4c58b08d3283f61b8c6417d26e3f5f1581df8357265e13d1fe448b1e2604ca6e53fd3bbc68a5cd5e7ea8f59f13b4fb153915c60212cdad27c66b91f656b6a68f8f138aaea85b628e575817b64ffadeb9b6d69bb35985b5c76b6d9887c38ac08a9d714bbae90034ea40017009fed6025a4c3b9375249ca9337861670223c0a9a4244aff2cf8670bfc6a509f2daff5117e26a817e9992e4f06fc570012dccb163f528b9af1829763ae3fed32a5f26f34e7e7ca86e4362337272a7f4d5155e8d8ca5228bf186b992eb21efcd1ea02bbe4c5886efc4d1bf87fbf2649890fb6b9df8404760e748a6944480b93a671da31722d952d0f7cd95909a4f8384886b12865e8494badbdfb3e7b9afecc3000400050000000004102400186a5ea6d0e37f3899a3a1412b11b24201f760fa6676a8cf4de8866e50f5415e55e60f491a36ae8de2f3fe3096d9ac57995899e0f868ff8750e4d501d5a7e4e64c66e095693df26bbe02bed979ea31118583da9a846348f1cae6c7b87e5442e36d840b9a35abeb983bc340f7e7e3d9dfad438f6a6235b68300200fb859dd1c940667e87670df94c3c0afce9e9d60c84322f12e458b11f2c0ca815f0277dfa619eefc236dcf60d7f4efea3557f8ee4a70360d006b598eb0af1fa3a5aef3d0574adb861e9fe2dbecfe8e53a1c5d6b0a98116d31f997f0463861911337c0f074edd2212beed420b923907c0c6f5b6255a70089b3c0c91bbce1513717643532d5945bc64f025fb441786f3a7e276adb9e1bfb955d12edc72fb0313bbf51b33e0151c1d094f6ff3572a2c0e0e96062829ca3256ed71030ea63f82b52255b6f6d857d23a8f49f2fdf09e71ec3121f5e51e58c747980cc5d53cf8b9f61bd7a5c40943234cd5342e2ce1c3691ea5b8431f3873a84ed7ec038b6e56d51ef2ec266c685e3dde5b2e2ad8cbf1eb1c5b7d866f336699ccb270914d849a4254c4fe5e10a856d9ccb0fe49314ab091ae2ba703c53117f862b88f5bf3e5d0fa31fa85789ca7e119f6a7cdc61163818aae70bb8819754ff1ddbf768d6452dd19ca40b697ee8f60c2aa8d0e0398522ec2ad0c60b1f8b776913f5585319537e0a798954c6c174217e1299b865dfc5ed96e41d1becec942f22b04435fe38a94d412f291a022bd0ea129654e9951e816da18a62bddce6d03d8e3b1ada49ff277e0963f956d1a9be305a9e53ea720f0d2f33537064faf5bc9d0d6820fda0f9af58ca662536332a302cc7131a53fdda85475925c975c03b7774b451bacd09ba4d5b01051a41409396096c88e5d21073a3afb38c91c22830019bff796783c2793d85341cff15c532d541ab2ffac47d9cf40f05944129d774942badb5da64b83ac793c7b7875e326580814857c6e52c407df7e0cbe72f16d5b75878e5c86112ffcc7e781abbe29146536095558c635e76df8169dc998df53f7b6d382b4d9d399148a13f8440c0fd8919ed0658d63c354916d2cd092ceec445a62b34def2a06e0ecac0ef912e680b19e218dcdb123e342be76926365945776d2678fb7fc85e718554c9df32adaa8ecd6bbe0fbf5709be7aa85b1e756068a2340f6530d44214b39dcbee707a7ad49a2ddb50e8d3a7234d653b27c804d44c911ec84c285c603d41b50a458894d52b290e3cc93684f6a1cc4f2cf02bf1fe8aa3c320393edb6ff612fad7abcb15a1ed3185b57ecfa87df6a3918314a3f73f1e74271851b614b0c721d16c7f9e6741cb862818c6606b192d478646fe35a2030b9025ecbb0625c6972de335db59cffaa995ed5bab366e98bb1e9fbedb203dd28449948cccfd607c957836b073b6b61c7f7f0fc4e8f9f32b22204e3c51cc223eb10d509a997331d1dbfb73a62675dca174789eb3c7baaf4bcf017446d37bc6acd6e9927ed126b8d28b147959c905ca41b2b4506332a3a450b887f6b840f4a008b8ba0a44d4d20507aa2301e8b2c4a7ca272a26657d77da9cb7f4797b62d28d8657b13e5d0e013d09a56be6b27c46f11ee66871f8dae28d45f55bd322abdffb42b212093bcaf4516f4090f3bd26542558d03461f37ad792b5e205102a1aff4b8aace2ee22b2d6e0a61ee052fa4d8ac92d7238a453df74d078ae91b728b5a567ed1206fd9cdd281b3812e794d158034ff343af262f5943fc07d70ad192e957eb9212d997895b249de25b345c14e2e82f5397b71ed627fcf834fa226c35c617f7eff3f4033b629ed467e35cf7e20409437071168dd1d2e13a270e2c696b86f25d0bc84a2ff73cbd83005ebecdf2beee27a93e2d4cf31436b31c30f1e40ab3a59f5836e23fbdab6de1318a49d0a7e7d53570f631d3f74b2db8314cf339e4a5bbe1869e6cd0519a5c6a7afac6bf3a6af3f0f59171a35729e9237b4dc1535fd8b2903686439efae45abadbb77ab09cf1ee8d95d18f8dc74b7a5b6b1dbb394edbabc48e0b1443c7345f29b7797fc0fe9a857a1024dabe3f0b868e03e3841b7ac2425f05ce80f0e07c3bd51dca63abfca14a8a83161033c6d3522ebcf45214950d5a01daa716cf6f5e24b3f22ad1e27d5dff09d8c3a89f064903928495fcb770b8da274dc7bedf709c4cadbf56cb9eebd42d59c3661c0cd99bcdb7f1bf69a3e617a60c5f10970348e808b7d144f15234b556ed0691a5a5db3d9b464e2efe6d9922fcb0bbf2d2ba19f074a3489477b267c179c20ed746b718b7ae891351c88622740a13f68e46dc6d6a8d0f843cc099605a826d560f3d20980c3998297c7f0d92b62190d7ef23f0848de2bbae8fc72b1c55a2f452fad6b6d1ae88ab6363be32f181a1f7364fdbc452a94082058e2f93ec037375ebb83179c13f0eebd1abe2fb23c1281bd1d15337bc404890337fda3697b1b361457e3089dbc2f971ca699d9647cc9c9d3c951f5c0ecb24c16f5df81f4ae932a2d21f091a4a46e0ea95f73b0bfd7c9979b6bbb1cb41ed29a9b174e8f704fb720799766c12bee57cc55c511de454913c1a7bca63b8da01a705dae9444afbf967a95ffe46b65c8ce4109eec16843b9ca0e8ffe0293f00ffcb7da1728b0340814240587311a8e206e8b99d7af0ad787fc959c5f2ea7219b78c067c7049aa8a2bc78a851d0c28bf4ea4a40da0962c1052b78e25a02f245d559f49f6d83a61cc80dddadef52c2704bb30feeca063d1eec1e50b3b353a94623f9fba25ad34661ac6c722ed6823d31f805181cef8c80449a7f50a14589883041da97836986b2d5627c22dad5374ba619563b3ee04c32a0f4a51e9e7891d3b7e268dd539451a3a88265a226ebc12e69779169fdf1a9736fae6bdc0bde652c04ea960a85405c839a672e6b99e9169f0d6d87b3d9d358053b9475a87c61a775c8eeaba8a8fbffd0a859f1bcf208c0e3a8c3c2063fa3cfde94845fb324066cdb6147130d63b70de93d23aa679bca87f3f7804825013ae29fbcc2aa88018174282452ea4a8105919ec8195d98ccfe20fb41de77f8db5d6143fc2203826ab1c105510b7f685e90f02cae1774fbe1fdb55fa51f8abdd78e545d384b93199cdb1bf3627895e89835452cb935883e3d281fc534c00c8a31bfe2366ea24dabda13444814d9c8fe5be8f82386ecc055b094189309f4db5d2f665a5fdd377c89a0cd144093844411233a52fef7fb24ea4e4be4feeda06c1e138f7780bcc3a1d80724a80758fd7fb2c1e0eae834a7e6c9978ef60140f4d85424446f0fc0ade8ec89af1c926311f78aead676c28157ca890060694532f886c84f41d4634d7223c58644fd80cf5b0fd8fc1e25c38d28af8dd41598117fd056bc6dd767ccc007ba45d257e63c12c91be33c4fca52ef74e2232068429f177b1e3f0f92e4d6e8dcdb04547239ad9c5c4ed4a670a11102929d99824e1d26cd1f4d885620f833e5782603f9e390a56fa2d764d4ff3f89664d7099a0cef6a914d0032ec048401cb3b5cb249e6bcf4060ad817351365a8ad82b1bf5fcabd6cf3cfe2309d9644bba28b164a2afb3875e6862e97acab20c7627eb152a79f390858b479333db297770ea164bd89ea1f52a21e79c0f78e7d6d92d2835d0af8962d9005e169ca14e612f82b3f8870f211727421a8c77beabf644713ccfc3c1c0fbc2abba4d356a360917b726766902913420279ad5da5da0e57de6b2154ab1487367f761c40dcaa5929471f804ba6c3a419cfb15dadbfdca5a0134ee72542fe9f6f3a9997df4b7955506e7641c5f85c8dd0a8ec324c63b0e638c30d998cd0c1455e2715e638e77754e36956245c2a0ee297f6ee12db13f640935568fdfc1cd80d78726b8c8d89fb79efc4b10d6711a14f71afbfe1a843451e60936104d9722be67111ed7a55dd0b37956addcad85a7beb027dabc678299c991f9d29cad45a064132d7df220c0091f1045c2bb04b20594e7f2fd20302c69205530a672558900bd6629eb2d71cdce5b1d457b7bd310e4f3d176b2c85c71859a71e71b4308a81b27b4201b1e77bbdd180bd47ceec67090d6018e47f0cb716fbd350112db10c4b5e78f22c093b8e86ad521a141888b1c6e5950cb65771386eeb58dc63b57c29c49623b8291d46aff1f6dd91aae1ddafb044b7b5a05a12468cb2d57d65db2ee1dbfef0d0f02158c73081072b0ff539f1f110a94253d80375fad9c39db5e45f01ad738ffa950c49e9a88a730c93d11d5b219b4bce951419b05276a0a8d702e34f6da5db40e961a3e2a171828cee51114a1095c6c036d6dac4cce72c47ce84a752fd3c4e47e472845bea392fd7672f8a0a629300a83cf5457f5c049a876933255a580fb3efbc2014ff074aa3c09e57197f4f5cffdc7d66ca0c30328e6f6709670d0bcbac20e75d6d235d6d0559a997fe6b85ca3851c830598426eea8f32bf92184063205b8cd5da24a69ae72d1f175eb3af65aa11b1095ca231d041ae4fc977593aa6d132502a7b13b5d44fe40f7a33dfd1bd60897e9c1d4b28ab16b24b567ee09cbcff0e261452d78f9fd4450efdd31bf0aef41034a9d8f0e914ed8d5963149d506785718c87028e01043f31aad462ff5c5419d5fbbf2a9f9c64e2a865b8b066049b0fa76683cf36539a7d70f2f28d8eb9bfb76743d1bbe179387aa558a87ede21b65f3edd62d0fb24c11da85adf2e0d151efd44526074da8522adc7530651ba6e2701b8303b982cf7ac5e45f48669a46fba77163afadd8684425bb372193308bab25ce01c9f7cc971777d7e93d31e1c188e6ce29dcbdc596cff67ca273746c5861d70d0030fa3c5a2617e3051eec4441dd54b1359ad06068dc7f017d4926de7b36cccd3fcde7a2a718dee862aca9d873e2e7847e51986ec99504537ff5383dcfbf97181a59c13d92941b6ea2e391dee7172bd8d5517e0c3474cd4d557ea0e98d0d73d16d1c862c15bbe368ecee2ee310ca9b751d6049a887db691066c0296ff49be909b66cf292abf093efd578393ac6a50166aac08a7370180f253cea4e0aa4ea9cdc76a595e2eea8aab2aa5ac489df02b4b857b5e992fa8c0faf8079fcf48e44e1ea79416ff0e622c53760565dc04d322e4ea0a72d79d5461b7ecb522bb607ecc6e85ac5438079d9d6a2a98832ed512161f604e894bc897e33cf966de484ef0dd73eb29c6109afcfefcde3c1fd7edefb627f3a057669886eb0af4c3834369c4191347d65afdf67b3703fafd452961dc836a93aa697f3e2e9973e4f6c13b6d43f9f087bcbbebbcc269a5dfd07e393b399e7f8e05aa35564714d0e9aac0515d5292cd4a63303b875e2e7af3ecb69dbdfe7be9ee1f2e6b94919c6c8558463b29d8dedc077b5118505ccc9aa180a0e268bcaa480f37841b51d5d6bb8953d5632f68695e3d7fffdf36d6d6c60151a2c0d15842b9017142494743d717048eb94a9805759dd80c7ded9a33e8f2a5cd6a9f2b9dfe231966bfb69b7345d4b82fb5cbe19fe3ca4b6dd9a92a38d1d1a9df43b1751f3534b2576836b2401742c2d316624f8b7254fcc21e856f89b48c96d895ec5e6ded21c54c9da095bcaac650e48ed94615f06f572e38845e45e430fe7b2d28b3233c2f4d41b3e08138d6ea7614304de313396487322632f0b5ab1807b715dd53fcb0db8e52991558bc2a34cc161644bf58a96f829ea870d7b8c54421d86e056f329da526f76936c94e4f454e85599d5129ca4ee6cd9a58dc217f22964ff5cd79575025c121023eb1a1a20399f4047cdd612e2bedab4b5e449308003a000800000040026300ec007b00e67deb5742bcc673dca7066a51c5ee5ea86369e8ea2d998ae98fe976a4b1422b3bc2613531b54d77531511abab2a25a04ebfedff1eecfc9f0bb596203ceb42e76e1bb4537bd6f7d05b5c4e2d3084ad9336a8ddd0ac8b95b5dc4bac03c11021cbb5c192ad69f9da7aca05d5d9bffdd1e621368da68092c2dca279bb7e1ea20183fa420560fa3399b2107deecad4f1a47ee60063cd306f9c055462331257b80871ecee033376809d0fda0541f6c3c2ba08a51bd8ca8845e47b81f560b201524a4293afbb7ad5945df94f4cd88676956419588a63117248d8e27d0dbf011a4682d3182d3fb67ce00000e1a2a55863756baa13ce15676f715ae490e72254fd9e98d4891c380c928577b83668954172ffbe2c22a7c3351fc442c5f4f86336eb666ffe8acb2592333cd10e04e1bf4c5f3a96009ff1ca9e90f2cc76324be881712c76420e914641d7ee6ee254fddaf854f0d1a1b9b4b9c918af044e48f78215222a7afed5d47aced0a5fb7492e61f4896c8508180a232903344485473300dab91a6b129dcb5441a44d82cfb956165d49a5c9291d24f305cd196ed787f60887d14d25fd0bb5135e8a3f4f7f0bc1d08ec00c6341823e5d8cc485e6387dbf4c13535cdcffb06b792252f62769889ecc85e73e193ceb3391b8f1f823d8e328e9c1c2e35de5fc14ed62a7c92657b2b4f1398ea5cec9860eb635bd909b95a6b9d854dd9b08200b20d9669c41b5a35729a4b23f271db46025b7852111112891463094eb3fa9bfe145be0e54404a599053a855b730800750002000000000000"], 0x1440}, {&(0x7f0000001880)=ANY=[@ANYBLOB="9c1600001e00040026bd7000fbdbdf25d64e8c10f6768f8c8bab54b348470481d2de67bdbfa8685a8e8a5d098bd08bc10413e2b6d3e7deaa985d651edb38d031f57117d1ca9ad9544fcfe6d849d4ef4eb00d68c91f8bb91fc31dfd2df4be25f1a30c5c500611344ff8b900dde9beae92739d12fe5fa2d21d3823a4addbe26cc374508ec894359feae0953b8a6fc2a078418d024dec2c0d0e4d117fd70d831d92030ecf5e532a8cafa4bc3433c0ff87ed90623d601b007c1c25a62a69b27a0b459788175e25cd5b87bcdcdfd2adecb0db5f54c89fea97881f797d61d9160b0e47ec3d5df20305c0df870e9d88b332e40e10efb9cabf12a2d7c078f410d5d9dd0262f128d8135dadcb30c563a1f3b4accc62101aefa97b3a75531d67f8f55045163ad15280a3b7ea33ae73805daa8d50f2e53969926b1d55ea0a22c2a404ad5564daab21cba94da04c64477303025d12a2894737a4cdb5f0bcd7a9ea8da408792517cd6dd4b0a1d94027a7f293fa6c71dc014b7aa41b6e404fc92d6a3f50c504d15647b316022be3b42b5e04b518705005d2e2d80dcbe576f7a15e0a1f320913dc32aabdc2fa86cc7208542155ec127a00da3c20c0c6bb06b448f0c9429cc3a2dc70dd5bdbf839ad80c3d8bdb779d5bd5647501a50c1667c9fe9f6ef744adc78c916bc95ac97b776cd5c1d16b9ef587f3110f320f8fa754b92cf716bc9c383197e3f5d0e51a493d58cea98ccb5433249cfb8d57d39b70844b5222b0233909e7fa2d16294f464a0f6201656263cbd24b809e7fcc6d7e10f13ce56d6dbe068623407298619989eeba822d85c2477e0cddc7c1ef0a33c3aac0442881d9ed0094ff7adf7779d9ba279c288f8e9dec1fa865a51b915da3790d6d8ada63fcc11ce404df524ace37befa41934de63b4e620d01c87e20a295a22b2b30634cc4e40754e59cf4072ddfcbd63dd861883f966c67a12f889bf0f66167b46173ea13ec3fbce533a5918b3a8939b60d5e627894bc0c79f6c893c48570d5da25a6af9e0b713bbc803f37eedd622fc8398eef7a1233fb23e9ac6462bb048a3699415b364d0f3a7e68bd8648fcaafcce5c3ff36a3e58877031f9e1b2373b02a04106a002d14175c0d540cc38b53091be07be76da33c50de5413195ce71c443356929a2eaae5f2ffcd9816e97db829da2917fe60f69a01dcd0faebb9d24310923f1e11a550089cbc1f323298d8455d6c5fa6edc7e3b1b9da04231c7a722c9752415830e7a2abfa13a02342f603914aeed47245fa4a88868e9dba4e66d42ac8fc5a24d27a9985937091c67f69f6f0a3f82b03f261486589ab6992147f6059aba1595a747f6a66c15ae1bb96b4588d6b6b2e3a1f183e2a6ffa5ba99e8cb89b52e85076df0fbd8f0e2b301b2887d1619b3fc232eed217d0b09794e5f70a646000f545952fa158264b72a768280af4eff08591b963ed3f2055590d4c8f879f7014ffc180b0b19f61f4e12b29ff9967d621a675b88de160170b07d15831848da20f9fc777335e3aff5a6797446c998df710652b5107e6c07a575dc8911c2f67bd15372ccdabd4ece133cd92142d34881a5b654a149b4a5c584c52df4a34662876c4ff3dc13be22b83a7d9f15b49593797e5a1393d1e08c9b1bfc96a76ff225e65c651175b8cdd993530a966f9dec647a206441a4ac80eb44589d6f9ae644f7346e751efa2a18de051182c242c1a0c693e1aa527b3ab2d94459d5131ba693df4259f3aac7b2f43c522a65f9f75de7cf06c8173b86dfdc21ae6e931dde4215c5420a2118e1b022e44f4cc6efb726c108e5ec7c670578eb961678d62eded8066ac32b3eb53e4f3bd06f2c8e8f56e2176af29bbd5c660ed3aede8b9023ecd846a92488e34623dbb80604eee2e0454f0207c2ec64e510611faa465b0a30a01d8814cf2c7040d12dcdf4b5045072aad541b650ba39daf30ec49f01054e3f86d25bb05143f528cb0d5c95f74b55aa7eb0ebfb93292a57b252ede1e7c61fced0bb730767cca3c33d46cc8edbbb08c61805f7dda8840ef6916bb83789a1201a352b2b009583446632bef19165102a9082c473d95d1b247f7dd6a843f992c1c4f41a68d3900915cfd589b4ed98f583d7473b06ccf3e1373adf2767acb4cb04319eddcb3a7b868dc988be79748ae567bf75c4d184df818cd14817d4a94ce9f36010ff1cc6939ff2020e5d6f91f22c26f1d84a2d9f4189ee12572fd32e876ec249293fada1202120c4ba670aac9fc13e91d675555cb2d8850665010d25011e68213fb5f55807c240be381a86a20f0d7580b330ccd703c7759bd70ff1cffa0a95353b935f48c7a0a651d60e18cabe4f17f0df7068d9126bbb40b199236e16b7b87b2d8709b61c9d1591dae8469dd79e3f94059a4452787e1f68d3abb2c434519791d7eb0c73af0c06cbc14eba864ab68a416d0873bcb65bd7f5aff764c7163a3e1f43d9370b45ad0f00832c09608e6731d77989ade241ea1ca9a1b6064009858c3b474960fd2958f2bce39d00faffcf5173df7b32355aefd832660999cdcd184502a5cacc15e35490770b60e5d9cacfac3621b1c5b0b84df27d3cc136b3ebc74f32987c196fe94524b5d55b6c2548ed58c997010eb469375cb7948698b90b32df0cd3fc3a9756e3f176b697f55c71d7fe1f47f0cedb347439562723a09d1ae52c5458c9ab8ff2427ca3db12e050ec8899fc17530e51e474fd0c60b9acf7464e7304d916199d61f5b1df2c79af284cf997fdca2f9ecca281723602ea829cf8e1ceefb18daf037ef8bee096919067c884c4327729916d2de8d709ca95edbb9b88e60113b8c8c4f0bb7493030c8d5c027bd4bcd02fd4ca246004b163710df126ae260292fc9115aef5ad59f06e44e20b025ba4414f171971284f9428abc48aac1fe9869efa8bd7b8af461ae1679b0eddf7a8d7c719a4292117c41e5da3a4df6c9c9490509a9565c9ce1dc7f6f1aecfa96fae967d9f490d41207ff3ed3cf810e05d2ee797524b7a3af6f0e5660dfb139e72f254d1a5711a28d3b5398e8b41423675380f1e64c7526b368637a396b5a2c941d7049e8658ed09e054c3d3be4167bfbec1b32bc4f42e730549a7737b564cc874d0497a2e72dc75f70c16e029aeb036a51ad7a3bf77969ee33fba50898c919a7e6282107e54b2cae48495f088519a626dba0fd5d672590dc44abd07e3609c0ab389b5817c91eb30abfc363c267aa403cae6f233d9e5f1574a01dfa9aa0ee58f66423bacd74f1993ce6e80f5b332794392a4238f4db2c61587f410e2d3221f413661469f02a7422380a4f602462eb1391c16fca0fe24e9d63028474a67043346ae641e29fe7cd74fe677bf8e0d41a85525aaf5dfee8c626643dd6380ee37e7e031c0fe62d987965a132966ef0fcbc83bd385982fadcb646eb95ac0aa74550c11d2ab69c0e4157fa05da3c308ea5a916a18846f70a7e632323ea63a1f3fd39a55087868c43a795d65dfccde2e1c24617f9781a445b4c5d9b0676db2bee586108834c462c8728abc1ac84956de0126a776b6c2cb4bcc0e56f547986fb8d0e94e230c59c152d42856ddfad0ab66b4daa6ea7db852db9b0a03e0e28b18afeb5ec79dabb8a121c2a68872d98004ca2c36f7d74e55f3b95beabe0242bef512961afafe07c52b5d20aad0aefc81beb6c09ebd982747750f57d7a7fda823a7f29fa2312d1dc8e71c85c85949dae18bb858583ad17cb1070acb141bdcfd30682dd2ef4cbaa0d9ec34e6f80d9aa5d8060f5578e407c9c86ff8eeb13035a02e0ace8a0ea9bfe4bb5cb1c3d6fc8c32d7b8644f53c198a672fbf46649df3dbe25aab4a7a9f40118bef20eb9b53762a22283770750c3e783f01fbb0fa4b45466b532ec292fb2e461fc5359c6ceeebd7590ec4df027bc85c043e2c79fc4f5e2910fecfd83a3ffe95dbb5141a4b918475a0b6c1dfa48990ce4cf859647029b6c27a24416ccf1a32bbac722714e778ffaed097b424e9b956cb8736c509969457ba293d09e46cdd17639c076721e0ea5a296d8af8d74208d68b817aaf1cf79b894e9a98992176c996121ecc8f191430853e9de6fce7d33a5fc14000cc102772f935bba8b35c74dd7a113a85dde59d4a7ea3b7e261b504c22ef6ec45929e7bd0d858ec6cae93164ba1a69006772a030e4c0ea963050fd4b47c5d6d16c4ad6adad2ca47a221f78829a600cb4acfa614d99b5a57db3a8065fff29ac0e8ed09b2c1b8b3015b371aeff4105b88252f942a60ec78dcda432b7e16b966a0a1bf1152b3da818363b50a30c399f312a14c6ed0f6543865408c748151e186dbd3c0937e6eb56ed842aabf1949da1855d83b01fa4687b38f5d0603b2e614aad5f0cd7472827e758afb850d86f23ca312b4bdeeb55841db50961d1c4fe349839051c32806503ed3b06918066c25389b2896a7f1a2657b37595103e7cce47172974b8540ba523eadf028e4b2d34d151b4c531df779aea09236074b77ccf1525f71761b9b917e6fa993090bc365b4a3ab48a2179d4c85c0a073d7d8b77ff0cd151ee1fcf4a482e8cf48298cff33e68559ecdfde2133ff7880e30327a67b354171103cf681e8d1a86e61dab8697431a9ff3883375c898c6c163462518ea93070ade287b41ba82ebaef5989c2e4161a15041b6cbefc801b7608fd0aa8aa47494e0123d1e7b10bc4d23793118b0714c1626c76fcbf5ce7f498d7970fb320cc58c1191a5189354c408cf206be1f98ffe02d33700b8c3a625d5ad8844eda87884f4f41e13f2dba3d138251da206f585b4e782439a56c0eba8bc5df8a7248bc90fcf3859381fb171a5927f55c9bbdd301fea01de4bf606db8b9000f44a54dce6b2a199c51125db48cd169c9cf3fecb754e355ef66d897fc86eba8dd348be14ecb3c3f2525f7be0f38d6d45a390df84f811602ece2adfb102529c186b54410603a93a8c65ab9ef05942c35342996609b84f6477cf7ee2294cc67756051c390bd2ca3279644cb22b22d62e45882e2f568d94ad601b359b1b729f53c64525e9996989377821ae01a28d752e5beaa1e0231d4ed4a1a4cf378fb8aa71f2912ce91f007075c23556305711e9fa89a33ce2aa314dcb4493e4ae5b49639b869cc49ea9eafb846cdd5301cdfed3ddfdd3b39590a4a224361e22eadfeb0924be8926795f1a93cd554f8fa38ea7c6ff99e22353162066a15495ecf82f65ea10cb753629e6fb915a9750eb233d2ef362f8a0ac9b2d3c1a7cd2c510e00120dcdadb960ed5b3b9a9d67e64029019e4cc5bf58464c914d7304d768bbcde96175b40d2dab3df4c533f3889a3768eeb56264d7b2ae9af6e3ae4faef41978b068b435bf6b3b740e2c8dd655b8f2128ab3123c1008695c86f571d04e70385c696e38ed0358305a9a7558a760f5e3af4e553912c4848edf5dcc7d1eed6362f9024d2850d3c9c1d1c57d66155f5b56437561cd33168003cb380622b10694a68dc08ffe8bb6dcfc845dd3d3858996d1f2658ee2512912f28f2e00b8c4bd6139932d9dfa6345dce8e4e4a05499246733cadfb9c282c9dff91d6fa9b20ba84b51b75720de154791add655febac8842f9ae705cf36ea94127672fb9e50e74919819aec96304a0eb3d9e5513b2310e9af6b7ec83e258f1f87dacf46b78913c2a18bac38bb2912a44acb8f09214a67896be9b7e504ba9da969c86910f6c3d3106d5997d5a66f63731c57fb68620dc8ecff06762d3d391efe8eab272b620fe3c5bc90890e109fbb1945944aab5232b1f57367f76ca2450d483c6628aa1c8b5b9343a3dec0747ffb9879c99f40985f26e5471d51ff967a5d84fc60216d4a74ad91574a79d742c842936743938864a94a474b60c940eef2e2e338bef1ec361eaa873df082aa8f831fb57c718c26c7933047d84253bc04f0e021effbea16b88e9fb3705babc56a60e1acdcad8b0e76b00e2ffeaf572976c086b07a60d7796ada6e12c379809c9b09ef54615c6011aa5697b51e499d7adad30f274aed32f09c5e6771cbde187c79d07177b1ef6fc0eff45f68bb9bc497b52a23b0c77ffdf10f8c60b0e73a6cad43a5c654fccc67d9ca0b6d491e1f8d69c5dd9eee7ee60acf2a0adbf43d0e07883a0ae6d85f7c0763c60076c906e691275bd65f135f9125981f570919b1415059e156523bf47a5beedd0f13f5cbab919322d856ad4713c083eee70e1afec0cebab4cc39c9bf716e4dfa20c966846ad42cea7ed94bfcc4ca89f935f7ba80a8ca3878dcf53b1493586745de7fa06aec3fd8e3a148a4445bce59a4e58094a9d144a1e555c4a9e3c0c1687cceeefa0ab3d10d929d7662b0a8e5913027b7a3d68b70e727017663acffbdab4def6405e3b6df0f7fec320146f08a60ca6f14f9eeb1763b753d18ec102fd1d3453582cea595bdd23ffc9a5070ce5e1973fb9caab972f3e475cb71b45e9dd5fbacd8118f4bcf3f3ce42e3ad8ca6fc70529b15586cab90c23990fec52c8643746f33af38b60bbd745aec9296eb22ec3beeddac31754b31e4d516d7ba9deee9b47e387e17503682654137e00bc035d8a51b1b11f814f62803803864c7205437c2291b7d30e2175ed0bf3d2cbc874e79cd15ddee685f70d78e5cca5971edf476f1cbbab2b6b2278146c7d862532a23d3d74f2a072c24348acb357df3ac26de39c66b9cacac8b1fbd1db1b43d9c00a042e0bdc2a604544838a13d6d530dea543304a3b7a6f02049fcb5fd90ae5ae219eecf4c9f877a1f666606e929ea2ae72d31751f4fab6ec3b426e7b2b565f07e7fa458a61e4e8f22a515b273320a977fefcddd4c9822a9b5a119c69a4fc7bec1436173fd51bead509cb6cdb45d3829b342a80725cc06673d06834e6f7a937363ffb54d4a45aacbe69793851151f41da5d21efb2b34c427eb3184ad477741e4229dbe0abd44337166afadad3fd886b36555d1efa3ea0dccb4515a175ca591012a62c6cac111c28fe2815daaa2a447c4a63d1d4a7ec6b8935d4bb2bb9f7b005df8f74c5c5dcad73d1f5c3d0c119acfd2b1a8306953d6dd4dccf8bae8c82d62e668b4ec7e4c9897fb585a7540c99317852292ca690e4af19af212ca270cd2a803335f0abcfd8443ccf46f9427a0531d24898e18e353e4410db42e70a412cbb36758f60be7fe353d0f00042c8a863c2594fdff2a6fb5eeec4a982591fe38d0dfc81260026cbf8c36a1b5f27ebd2e1642f3a21cd8be9daebc778d5c98cbf8b4ae171b9552546a3a9230f95476611ce990926295154264b774db070b2a9bb3a63ae4ff7fcf1a6fdc09fe9200017006d696d655f747970656d696d655f74797065747275737465642e00000400420006e11ff70cccf46eacf23f485d59083b373d95ecfba08ad6874136d497e64b4dc316553bc945d3c8e474c38dc576374eddcca387e59fee0cdf56d72191c55251f74222d5063f768aa958721c8180ce49b007122b88f200000014000b00fe8000000000000000000000000000bbf001830001e8367feff7d2450adb2a3ae896234b9db0caa6a8e585013d415b8f5afe96aab00a47f6b43fedb9952475310e34c4f587289d4f2ec8886b842ba0f12ad2cd4fca81c5d7c6aa5da6db1733ec576d896a26489ca3107f45985df59893c2cfff82160c005800710d00000000000004e5d8ea520d8d10a2bc1ad53eb3f63eaca86dbbdd4e04cbf2cd1ad1e8c8edc2ce206e25752d2b93f70f8c3833388364fa608dde6185054584cc331aa67e49baee848013a014ea5e4dfb6078fe73c6f621064e1eeb395b3dc3bf47c11530ad8dacfbc6e128c26b332281cba27aa1d8f97e64ee33f12f3d9fa083029c61fdcb311b85aeff971128fcb9a8d3207d0653a1ec002600619a73fe688278b0070a7445b0cd73df3131f7ac6acbc7c111150153a343e2829a1fe0e57e9e443d25a6a0e3e5212a996a79aefbbd5b2ffa783667a113490cfbcb0998f3f688694c72316848cc51318ac85f47f4d5f81c747ce792bf00c5df25a56ef4805de4bf4f009e13281b5046513b948c850cd9111d06507abd1c42c010945b6de7c93a47c629ef936ba3e45da75438a33fdac34bbcd1d5b707a4d39e45071c6e218ade3388d07d93343ce5c362b9ac683e7b7c044712aafe3725dd58fc4a537a08dad1b6dce655d6f872e52d65a20d945ea18bd9d5c2d188247509d00bf8deda9e5c000000000000"], 0x169c}, {&(0x7f0000002f40)={0x328, 0x3a, 0x4, 0x70bd2b, 0x25dfdbfd, "", [@nested={0x234, 0x7c, [@typed={0x10, 0x4e, @str='/dev/kvm\x00'}, @typed={0x8, 0x13, @u32=0x5}, @generic="736f24c4b1cc4a27f31106916d3ba2c0c9b1e6953c26f44f599a15c3ee36cf00c8a3fb7f8bebc2dbddfed2b2a4350855b3e57d1cd733ade448321654acce7b7d3d700a0cd6d9e45cae15815af05e356208b043ed9580041df809377a0348d81eca879d0898d63fb914c2e06e34", @typed={0xd8, 0x3d, @binary="7e3b9dcf5cde7fa1d53a1e21154be1389b603ade81e3d64f158a5baa934af2be924129cd8a9157b467180c63904f3af7fbe7c3b71fbba8d923f1c95aae1b28702e028417b90468bae0145ca9415370f23e687cbd80062b21b7c4fa73df3f232788efc312be8a8035ab9e697bdfcdbf751d0575769d295d55dd7184ca819f73e03a2df8ae0f8e9adf682ceee1e46abfae8d624d73a048ddec3e7010d02290e3e7d0d5f2a817b969f54a94e92eece9dd2843eae1e6dffda335f68c4351e1e1255ec143607682baafaa4d0680585c4d092a5a4f13f9"}, @generic="d0ce2080538da6f5bacada4c5abf8097fe19482adadd580f2e00db533931f239af7932139499d3a26f33af9c2c2de06585df464fc3764960fec85334b943d8c61261d5fffd47bab9d6b8f944fa2e8282ea7730dba1fccfdf7f449e1b3aeb90e2d172835bcd7425aba8dec5220b7d48ab3b44c7d527020353cbb008c6cfd38ada1fc185e7fbee4970de14c947b0455183bf56f3a9bed598eb8c65036cc859d1347e6cd07bc1772a20397df8d62c52847f334e5057b23024ad083edcb8d184d15f23", @typed={0x10, 0x64, @str='/dev/kvm\x00'}]}, @generic="3e326ecc0bd006395b935297428092cafe69a8e6c700f0f74000957ecd4faf06721ccef8aadd3638151f8c75479182dd3fa110f6b448121e8d777d44dbc01e3724202e443d45450459f11daddce0ddc7fb2258c7ca2ec01603", @generic="9af0172767c23a771c2e931f84967e4d31814fd163e8bb38c4c46c9aa9f64547fb6a89651253434fd1e00bd3219f1584ce7a9feb8cb7e4f32774c8377cd3fc774ed6953d3369019cfa2163654a6464bda1a6903f9bdf2539d6b35528b9d7d2074dd822ae522caf5adfa7fd46d0810c3e4fa7c8931ca09849b19e3d08c7567ece8fd1f75ab0859b97"]}, 0x328}, {&(0x7f0000000240)={0x7c, 0x33, 0x11, 0x70bd29, 0x25dfdbfb, "", [@generic="8877135dcf8703c9a8de54855fe932c77eaf465d831b425a543e1c4b3414464f42dfbdb7b51e9af344edd863c8f93f7d745fd5abf55ab96df6a010781f0a3ce4962c7dde3c05e0924f616614115f9e540e67d5e840c1f29f85f89731f06decb1", @typed={0xc, 0x33, @u64=0x7}]}, 0x7c}, {&(0x7f0000003380)={0x4d8, 0x3d, 0x404, 0x70bd2a, 0x25dfdbfb, "", [@nested={0x14, 0x6c, [@typed={0x10, 0x53, @str='/dev/kvm\x00'}]}, @typed={0x14, 0x63, @ipv6=@remote}, @generic="135acdd370a521be6c8999299f89b8a0263c071cfa74648d8559dcefb700a63a058349d54a150618c924529a0ce8469a1ceac9bd883c82f81ef345a831bc5b01e2434b2c3f9336a36afa3eac09212345e4d193c7fdb00c4dc61f5c76c1843be3504a79ed30d744b5dddc85534732eae91fae23ae1050caa0e5c210ba0adef13216711f96725797164a972fa48382b43436723f7a72709b22", @nested={0xe4, 0x6f, [@generic="9882dd6a6f5b48c3693ad70372324ff700d9d734eda2f15bab88aa5e9919874331999662a4f1a62493d1589e53308643ab9003eb09cb3cae3121182d55792c660f552660a9152ac7a3e68845d1aff03542da529b5bde18556da5326ec8e3ae6f4ab15aff6142ae3ecd8607c994a99f365960598330f534d396ce009b90c56d2f4eb8b45f6565b01056162b088023346201faf9403ded8a17dfe4bee8f27f07", @generic="1ef23f56abf3962018a288d38bc81eb970791e506766e1f32b92bcf3421a2960662c6d1da34742907a32f8120d0ad1708e677b198e1b9eb0b978f1a57d5e"]}, @nested={0x2e4, 0x4d, [@typed={0x8, 0x89, @pid=r4}, @generic="8370e9b7e0d84d7c52971c342eff82b5a5e91ea2a647857d3257b14e9b2b14202677cc5fa810ca239ea286f1eb0b2bd913d703c7521aee8bc695f340fe62b5cde88136491bea3601aa7cb6df41776ff47b6e10eb120765d928cbc9462226afc7049476880c80feef9cef99f87a0d0378166d71b7f3212448b47298b31f43902212a152b0d8a7e7635c90d3b49412701c8484d31779ebc006fc31ba42b7ecd22717418f0ed0c2b3bc896ffa087ed2d471ce81fa8db3ad2e3473705c4430e9dc25f91348eff01f8119679ad9eeb77fb6e5c0095c", @generic="7d95fe7cce5c2310e939b3ba1625766239cda442ae2ebae18d0b545ec200ddc82ddd56bff3a69bc77465b66da1a71e205e42908bf0e1c6744b76f3dfe7aa3b1bbb9ec6cb854c0c73b55f912a3d66d49130a42b5605c19f65cbfae23731d73e9a43e095be39f84882227571427b874a064f24fd050f66b199859e3f8c043f0f9473263f8a255678c455d963d7b7d4544ddf684c5a1ac047fbfde4b4a685d134942b5c89b577dc2a14a3651c0714964bc57ac39be4f8db5fb0477b2cdede00e1fabf14b9d5bd3ac4ea39d1c599af9abb607406d7ac22ef84913f6d82f55ae57c76f522846c1e6a53302dd3d3112f", @typed={0x8, 0x8, @u32=0x1000}, @typed={0x8, 0x26, @u32=0x5}, @generic="b96d2aba18851521b1305e1d0a2977a1442d055b2122bf234a9e1ff8ff804aab0ab596fee1", @generic="4abbc55437ed8306d50888114bf1fe83cd0a0b26db78e410822fedcb96ee97d9d98f1e7d021cdbabb859", @typed={0x8, 0x4c, @ipv4=@multicast1}, @generic="589e0339adb7a7fcc5cac9433e516a0f3f789fa8c5464de21b7664616c080f2943e4175d11c5be5cbf5455fa79fac381795e1bd9ca12c0fda8b6ec5b1c235b81062ee2feb8c9fe0fa762e855edb63d20cf66b0395040588f25f73d157d2ffc6228f9eb18fc699070b5ffb133deb440d684c1a221399cd1a1f2441534594301f97e66667b6691111d65997756a8434144c8225b7f81686b61d02fd62db35601a89f20c26c227cad7de29b1aad8bb79b1e3d"]}, @nested={0xc, 0x4e, [@typed={0x8, 0xf, @uid=r5}]}, @generic="0a2bb38bd8718489c20c9b8141e4261c6a61956b6536fca007b6b5d6f1d12fbb3e52efec44ff8e", @typed={0x8, 0x52, @pid=r6}, @typed={0x4, 0x5c}]}, 0x4d8}, {&(0x7f0000003880)={0xe8, 0x23, 0x8, 0x70bd26, 0x25dfdbfb, "", [@typed={0x10, 0x13, @str='/dev/kvm\x00'}, @typed={0xc0, 0x81, @binary="a7196dff5d4d4567f5d690c2b4bdbb01a1378e5f3e3bf4b6c62dc3070d418cf7aad90f828985f7ec62394012180de987cab2fb91d7ef4789fa8fad1bbcc54b55da13e7d5421d4d633c30e01da9e034dfa9811b8281db516bb7a785537f51514ab9f993cdf198c1d8bfe9fa5c9ec817c5ec2c8be4db9c17b0247ff99fc73ddf307e94f717bdfb7151540d0ce701cf2149e77c844726d5e192e0aef3bdd858c13bae0fe035ef77b71c96951aaa312e571a1fd68add60121336e3"}, @typed={0x8, 0x19, @u32=0x40}]}, 0xe8}, {&(0x7f0000003980)={0x2f8, 0x15, 0x10, 0x70bd2a, 0x25dfdbfc, "", [@typed={0x14, 0x3, @ipv6=@mcast1}, @generic="3af513c83c2a17d3e29c69b0b32b5c7e75dd864a4d02d133235c356e383147c13346ab2f60de5a38fdcbc3e6ffe5b994a025fc97b30b1c283d02d0c30655c6b2da954a83a0a24e955c36738ef0b5adb1b35bd6ffefebe2e59bd2f9e51abb8b4c38159bac725b7a455d4ca6425cd9949917eb124c076a69db6308bf27d60b5c1acc6ac239b41dd51d53a0a0c1952b52a8f176edba7d4a9cd6a2e20881a753d913797f295c42812b3bc03e0278c16aa9e9a7c3d452c32dfa5c7f747376ff6e07faa14ba6471b85b3c65fcb9d36072f0e90a187f2", @typed={0x8, 0x95, @ipv4=@dev={0xac, 0x14, 0x14, 0xb}}, @typed={0xc, 0x86, @u64=0x2ac}, @typed={0x8, 0x69, @u32=0x81}, @nested={0x2c, 0x11, [@generic="152b2529e158c8cb70fc69fe", @typed={0x10, 0xd, @str='/dev/kvm\x00'}, @typed={0xc, 0xd, @u64=0x8}]}, @generic="42c90a115db3bbba7ee68b8f78b6404180d326834827d1ac54441230d0fe1043e8bd05eb5b9100e6347dd39001e30e07decfedb1facbb28c33298aa9865a02a149eb3df91b08a7e49467f4d753e0c812342d70e8a594b6d2af1bdea45161ae9ced5de836618a288c4827e47fe1be76b40df7b792672d5d5cba3baf5696cd8d99726148e4a072e22142862c6a8315400a6ab34edbd1c6bd30f801d5ec390c7f060580106528e3632234baf36c3e9fa3f1bff9f4d92ef398a5950305cb620f9594ab49e20cfe1e76de6edf84716f7a0ca2f918906a6c22e6ad6472791b24e3498e7d821d002ed718475e97f28c383c173be752b6", @generic="2dcba91fdc9013a8157657645f390714b0576605b0349662b833c34a8e34cecd1ee27bca7d4d2229221308c99d4eb9ff052a99277f0744983b3b5abba0a2550b442c43b2f3b0164c3010d912f24ae76904e4d3f55cd155b6bbe1fb82e909bd02078d9d280719d4ea94d32e5d6b72b9699a0c9861f573efd50251ea83ba1ea9ef7add39f9da3f55e0ad6197f393898c4d4819e70673c4f14240e814b7bf958ae3cfbbb6dc9d177ccf1caa734517569af89cc98c13cd3fae73c09ddb22d4b005e9788f75dcac6a"]}, 0x2f8}, {&(0x7f0000003d80)={0x2f0, 0x10, 0x4, 0x70bd26, 0x25dfdbfb, "", [@nested={0x1a4, 0x81, [@generic="05dee32155b45f13c4c26bffce4243e2e99d64de4856ef397a7e047c1790fa44caca71c739bab78679d45346527061925c66ff060b93b09f49ae57acdc06555ff0dfcd23b025a776aa791b118a86d7c91e4ce2871240c54da9e99c6106ac57249e82956d2fc0d1486d05363adfa6e8ee0b67298f9ab019a2e5ea3faafdaa069347bc78bc867429b87fd0142c14a755e1b39a8a15ef51aa", @generic="ff18ea0ef06f15b0aad6ae5a0d8adc2263e88c3185a48e553fd97c4271b0fa1ff4e489d352b1da9e32c76422aab4f0f745e151d8e42ebceb50cb4ce46ab81fa15d0faefac358353a2d75c1b6595b8d28d0ad2ae5452803043f0c55272e0014538158c37709cba993f1972267b4c2095d86", @typed={0x8, 0x31, @pid=r7}, @typed={0x8, 0x38, @fd=r0}, @typed={0x88, 0x7, @binary="e9886ae8f29b536e917addde75ea18220fc3baf9a6f497bfcc12c67a87229ec29b8ec3a98e0ca3d8f8f56529e5a9325185e601d8485963ba6f65af61174e9c615b151aad91430521f51f1880f59f604d3847a2736d48393a6215db5a3850f276dba9f22834dd45a39bb29fb5af17d0b2d65eac3b72a5af92c421f5d719614ebea028"}]}, @typed={0x8, 0x4f, @u32=0x9}, @generic="b0dad5df0bbd", @nested={0x124, 0x38, [@typed={0x14, 0x84, @ipv6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xb}}}, @generic="e20224b40bafbb9099b16ed632451d79cfb5504c58f35c9bf2f25793696c7b369e558d63ac4dff04cc3ed97a3041ee0441cb626865a02e24c9f9c092df4d272302aef44590fdefafb4b570370f84d2ab5bb623584f9506bb4677a8da81a8d8a5737d085abe67cd716068d201f596fc8c9d9db0341b2fe7356285068d91ebd2ef8d765dd4ad7fd5e2accf8a621868429d2d84e02ce91cced51536ae5c6d1df3d66288f5262314a63faafc90f47f7ac2a7291a3038", @typed={0x8, 0x800, @u32=0x4}, @typed={0x8, 0x4f, @uid=r8}, @generic="5ad880e69f0418e7992c348e45aa939d07a0c06590f7f1733c75ae0e3f9f50a70d8dbdeaa1ca92adfb6366bc466dbb14566264cac20724f529c89b650c9512e63b1d3dbe2c"]}, @typed={0x8, 0x82, @fd=r1}]}, 0x2f0}], 0x8, &(0x7f0000004780)=[@cred={0x20, 0x1, 0x2, r9, r10, r11}, @cred={0x20, 0x1, 0x2, r12, r13, r14}, @rights={0x38, 0x1, 0x1, [r2, r2, r2, r2, r2, r2, r2, r2, r2]}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r18, r19, r20}, @rights={0x28, 0x1, 0x1, [r1, r2, r1, r1, r1, r2]}, @cred={0x20, 0x1, 0x2, r21, r22, r23}, @cred={0x20, 0x1, 0x2, r24, r25, r26}], 0x138, 0x40080}, 0x40804) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:34 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') r3 = gettid() stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getpgrp(r3) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000680)={{{@in6, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast1}}, &(0x7f0000000780)=0xe8) getgroups(0x2, &(0x7f00000007c0)=[0xee01, 0xee00]) r9 = getpgid(0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000b00)={{{@in6=@mcast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000000c00)=0xe8) stat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000d00)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000d40)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000000e40)=0xe8) getgroups(0x2, &(0x7f0000000e80)=[0xee00, 0xee00]) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000ec0)=0x0) r16 = geteuid() lstat(&(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r18 = getpgid(0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000fc0)={{{@in=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@remote}}, &(0x7f00000010c0)=0xe8) lstat(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r2, 0x10, &(0x7f0000001740)={0x0, 0x0}) lstat(&(0x7f0000001780)='./file0\x00', &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r2, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000018c0)=0x0) stat(&(0x7f0000001900)='./file0\x00', &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0}) r26 = getegid() r27 = getpgrp(0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000019c0)={{{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000001ac0)=0xe8) lstat(&(0x7f0000001b00)='./file0\x00', &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000001bc0)=0x0) fstat(r1, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r32 = getgid() r33 = getpgrp(0xffffffffffffffff) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000003100)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000003200)=0xe8) lstat(&(0x7f0000003240)='./file0\x00', &(0x7f0000003280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r2, &(0x7f0000003380)=[{&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000080)="cce7b21f5c5109b74b7f02a4", 0xc}, {&(0x7f0000000200)="7235375626a9be7190d0cbdf09007d2db892e3c844bfccfd06897147f6de", 0x1e}, {&(0x7f0000000240)="3653b7984e14ca4449ffbf48d300de46110f23741129c6827ebad381489c2e2b5cff5a7fb07badf78e837bfd4f277030f8cecc77012fbf52d87e0e2752a234a5bc283fc881b4fb55a1cff84423c1690a66329158", 0x54}, {&(0x7f00000002c0)="c7f994a3b42c1b511144e012cee8b4f178db99f70fd392d5b6018a855bf5ee65f9781154d07625f3324bedf14110d33e1e14e79a41c3de9ff1757c69de103303f9942d4f62e645f987039cf887ecfd19feb1ab80ddc1fcb36b090928059fb5042fcdae51895de6fca628c19e7b93856fc47c22c88316", 0x76}, {&(0x7f0000000400)="425559e4b256c7d6111d96352b6d303723ab3a67458edbdb0c598e24d934c258fed4a50c22ca74a685e89857b3e18b2b2e6f89343bb3ba9fe0655d4b75db8a257061eff510682c2518de87d42a8a2e2ae91461236cbcaee948cdb60a458cfc4e07c53feb0df1aced043b090a5083a3490cfb6ef4771224556741f0be191fcef5c76885bd69f4c2ad4e40687583b73b79db52ae945fdf58e451e040932744c538db250ea2876d83670fc9f02bbecfd1e907052863ee9c2710583f8fac8253973305d887b237c54a9b0f3aa2fc75408f908331692098481288162505b51239d095daaa", 0xe2}], 0x5, &(0x7f0000000800)=[@rights={0x28, 0x1, 0x1, [r1, r2, r2, r1, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @rights={0x20, 0x1, 0x1, [r1, r0, r1]}, @cred={0x20, 0x1, 0x2, r6, r7, r8}], 0xa0, 0x40}, {&(0x7f00000008c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000ac0)=[{&(0x7f0000000940)="e863fe31855eebe8a97e827db9e44509887e3c362cd4402dc07519aec6af37cec0c77405487e01d3d134390cac0d883c7661fd4c88fec7bfbd2561", 0x3b}, {&(0x7f0000000980)="6288305570213836a5bf1d356511eb8bc63f532fffcab8d47d2a93aeeeff8e6766e24fb6", 0x24}, {&(0x7f00000009c0)="45a00867331beb6a077fc5bddf4af6c31489c3220f0f0c1cb9da31d0644b1575ec79807bc392c3c6095c01ff9320b709f8d57276fc01f06bd26fdb0fe05a3543bf5cfed19fc854fcf97336679e4ca0fe8863fd11687136429fae74", 0x5b}, {&(0x7f0000000a40)="91625dfcc336a2bace10f7c8b0c44ee49767c3addd28b2e8fb5462343ab8dcf0a0e904525e89ed045787fcf6716ce63f81839cc0c3a0b5189219ad8749064271baa74c02794c50517f53f76f4b70abbcfd052a6b0eb21e250766523bf8eb13a96a", 0x61}], 0x4, &(0x7f00000011c0)=[@cred={0x20, 0x1, 0x2, r9, r10, r11}, @cred={0x20, 0x1, 0x2, r12, r13, r14}, @rights={0x38, 0x1, 0x1, [r0, r2, r2, r1, r0, r1, r0, r0, r1, r0]}, @rights={0x28, 0x1, 0x1, [r2, r1, r0, r2, r2]}, @rights={0x28, 0x1, 0x1, [r2, r0, r0, r1, r1]}, @rights={0x20, 0x1, 0x1, [r0, r2, r2]}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @cred={0x20, 0x1, 0x2, r18, r19, r20}, @rights={0x18, 0x1, 0x1, [r1]}], 0x140, 0x20040040}, {&(0x7f0000001300)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000014c0)=[{&(0x7f0000001380)="e0c436b242231b42633b104170b987bbbce0496e6f463209ea7831c078826254bdfa70a409ccf4ed5ea19e8195a897a9f06778f51691170b145d29d6d25fcb313247dc4e92fe1e95fe2da5e00654896a5766ca05784de5477524f53ebeb4d43f36368c77b410f3647a45e1250f31660f045193854fe57d57e6b7d55ddf43ac355410162d53f6894ad09b35fc3a5cef73fd9c9bc196ddcea826fb70a5aed2d9c6e006a5de0e64b3c8c2edf2e45b2bcb0b56300d4136782526f9644f27b57ba19171e294d67840", 0xc6}, {&(0x7f0000001480)="31d64fe756c140e59277390a945b02bbd7757d16d6d354cf1dff5bfd31ed94183866e6696d8d8eab780d088d1c6417832669342b42bc2ef038c5", 0x3a}], 0x2, &(0x7f0000001500)=[@rights={0x18, 0x1, 0x1, [r1]}, @rights={0x38, 0x1, 0x1, [r1, r0, r2, r2, r0, r1, r0, r0, r0, r2]}], 0x50, 0x40}, {&(0x7f0000001580)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000001600)="1e2c52d3365e1948ea840ef5e8fb6fba6f656101", 0x14}], 0x1}, {&(0x7f0000001680)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001700), 0x0, &(0x7f0000001c80)=[@cred={0x20, 0x1, 0x2, r21, r22, r23}, @cred={0x20, 0x1, 0x2, r24, r25, r26}, @cred={0x20, 0x1, 0x2, r27, r28, r29}, @rights={0x10}, @rights={0x18, 0x1, 0x1, [r2]}, @cred={0x20, 0x1, 0x2, r30, r31, r32}, @rights={0x38, 0x1, 0x1, [r2, r1, r1, r0, r2, r2, r0, r1, r0]}, @rights={0x20, 0x1, 0x1, [r0, r2, r2, r0]}], 0x100}, {&(0x7f0000001d80)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000003080)=[{&(0x7f0000001e00)="d81577d2e408de7e29f0befd1648d60c77229e62cc5bac4a80a6716c49a87665e3d62ebb04ff74673e3548c76f0f44609dc4dbfd2e6f2600cc1eb7a6f25ba7f3ae8cedf153a6cd4d6d4faa4414713df2e5c8c0e934332ee2a9661b03b11425aecd0b2e2a8c4d5535398ee23b74dfed9d3a96a40b79cd011006253470ac4bc326be350def09e1ffb8ae67bc68b04e99f10d41595568cc5f55104a2476067cf9063933c1e6894e755bf1020d4594f253d297923c6c500b90d572997e7f1763ecbfb0d241c14194dde1d0ce5e2a659a1f61fbe900594f86a5e9fd86c19411c8717bf53585ba0204af6bd1b6cc65f95b700ae28d750acd8374c41841e717dffb8b92bc9194cc4489d6472efb4f91aa28d8ebfa4f4f82663f0a99569f6dd5d3ea9ca529767e9c94baf0c582e78ddad9d63622ddf0dfbbd76817f88da769740a2b3d359862840ef0b0c7cf973c390ac8b92756cfc725d46e2f9eff5192633f1258e6fd074d0f25cae64b774ea4349d3ed42d92fee1295a7c5f83b44f827966496ac7e80df505096d7a90c8226a7a7550bf3419616c65987af3123e2182c3a5eae6531843882f5a7a61fc94af9b79d646f74e938f5af31b4e61e766bc97ce558942c571818d7af2634bb58c3310e6fe100bd9457e0edd042bfb15a0bd322b2359ff4196b5d804e7702e73fad0b5d8694ee1cb18c627aee1cbe4b1d153071959aac8a16fc1fff80343bc3f38e5b7159ece4a9b47a62bdc9f6055be6ea91e03fa3d0f87262bbcc1077e294120b53bde5c7f6fd92b4cd514cf833d9eb4ae8db61c3f8e87b655b1443c0aa21c09b8f00cc36e2a063af3ec67aac9fdaeedce4191a0a2cd21ff6c46990adc4cadc8f00f8f7a87e9645e20a6b0dc817731cc1ec0107d45b53910692c9d2d5af1c7c1e99749e9768eca65ade8f33379947b5ce7d9106cd0f8b2e3a64e5eb83e4741808dccc6d81727d938e10471638da944a5facb9e2aeb6ca61b9ebd848068a39620f59fd3433576e000082699f4bf645cbcb268809349d432987b8bfee6e52bb3c308799bdb72f3f04fd80f2d6db3cf838445f42bdee547e8044c880d38304140a3d3614dae4bfd9b3801fe6c480fd492b2d163362d01ba094c19e7ed1e343d368e3d084869945c71830f2c15108e23133ea776d0f024f0ebce61d29017d433a8706a7af2b078b0986a44cabc12c07e66344b9f08ecbefabdc2cb87b9ab339f44dde81dd23cc87bb91b4fbcc80049e6e503675ee46365238f8dd49e424496723cb3b4ab9aea547cd7170148e8759672e95569530c5314b4c463c832f7e3e44163139920e4d925f84f81aacb22cce8dd479213f10bd930fd24e085f12a3c4ad920934a2f68ddfe19fea4fdc81801e0ec57e5a26e061daefd5feef50d30076f4f2d7e262dded1527eed9305e02478daf869d445cb1f85c2c50c33d7076aa8ceb064331fbecb72d634db785e3fa35b9917a7fd3ba2b7d6f1116f1dc67cf0d094c561c5c2b7614738dbff875af6ec191949def4c1682ba268d5f2275c1413863f011ee3f37fdf1ed2ef08b1f510b35bfc8504fc7884d39c78191f596a3cceffceffb64bec613dd6365a4163eea8261900f10eeefbec170f4b50a1e5d810c347298b079b3f45ba63d33e4fdc63e96ec6813526ea406ac8da78dc332dc84585f217b37ca14575167b7e1beeb7502fdcc1e1922e32552ac087a647f8bcc843d5fe1895a538a1a36c92c2945c458735ceabb37ba53f535bacae92382967d09af673f2a7ae407dec577dab79620cd7e841a99beaac15583799afc9056193e1639962c01b79f7a10ba336ac9cfdee37486bf75113565efebee9b6de7c507a36e2c00cff30389d9d0ee5ec4dd11177435f70af35f081142e434bab1b6a737a1358ddd144cc0de66d5c449e955824ca368981c756c28564d71f5ec565baf4543a0348e39c3c29d85dc5331f9a14522157d785ded460b288af238e3f903fa65b4adbc75b5737804cf64355ac6bbcd4b111ed21526b3ccaaf110f36df54be0cb1aef30143f929a69165331a408a104677f8855845707de8c7414d61d5753cdeba3e09da0f61266f1650276689036062477890431fe5fe990d968506d1b6512230e3c979641def2f59ebed46012a6a502ab0b80f8de5dcfd18948a406c316fdc2a3ececc26eafefe45353d10bfa719860b5f032f813f08ad8ce9ace5d334d17d83df6184b6d072a6a08d679ce8d0dd204d424ee4a0f95616da0ba32b93eaacbf07847366dfff636fa7410c149d2909fe785b37d1b7caada153b18ce10763a18cfbd2a0325077baf5a523a39135fa41325294dd5fe2fb4439647a159c24310931189e47a71aa335267440116ac71a90c7005236f4e0a5362b42b422e5bd815ee330c625746053891fbd2ef12d08cf5d7002c1624efdc9fe251e1639d0935aaa6ab0b4c784264527c9d4297f24982fb69fcc636523db0170146b036837b2daa5453a573bd76daaec99d85251e9da0f062d851a528ffb9a44da70c3b3c8bfdd5d97187035ab2640617e438daa05bf8720272c5a1b90aeb918305370f6c4b7069fd54e4f35024716e5404e2f553fa767901604b8ad0d383276b1f9fc3a152f20f944f1e839c1d648a79794c76321d70c4cb996f0c61c01caab78c7dedabbdea28a9ddfdbf49a91d343a5425f54c38ea36190c3443e988363cd18f4640c5a70b14bbb683555ea5e1333e1d7725f02e9f6428075770ef7dc0b244954b88bbc86328d0ada59300839adb21c999ef9c07b15a6291aba47ecca23d9eef7dd8db793c2c3b1aa050946eb3af2d683e34a596aa7accbc1873aa55987f7b078f7b8beb4d7d512eaa72ac07b1282bc0bae5814a36fae575728798d42aa759cabe889303e981bb7dc781b95892440d640a4def452d023d5909ec87a1ca42829c090ef7f7afb65da6536342af1d4292e817bd680c71769e64ddf9254e745b0f2d7d43626f6f889c1facd32122b2761cf9ce7423b3f997024f4aaf7c6a7b345bf2b1e08cf5246e977f865bdec0700c8f0ae05ef9a62f72996fce20b75d99a80cf8eee4428f76020e46f25c9f469f5096ea65b00f42a4dd299feb719f5e3b52a0eed7b9df3ec95b64a05e8deeef73f7acc8b60cc29e58f300665112ae7d2e74e05cd258000241da1a1fcbbec986384197f119a6fc2b2d5f515468865ec4130745651997f6e8a73d8c469092f54498eae6cf0896280d8449ed664219c0b66b13ec4702d9416960152de1d7c9cdae1ccca32ca9c1691ff9b091d783ec7195e884a5eec7974714efc3ad48a5722efc0446dfd533fb487af319b323dca590f2c61e99431e9b2895a6d5da43e89b700ffd4df894528be1035fc260fdc4d5d2dad7002d29350af01199d3189952a551d070931884dd623c857726e15d113f66ba61f311c60a5caa6a001cd78e531e5528cbfdbcfffe32eeb8f8876259d1d330126e0a6036ae1702f152392c4813879f03e8b4cbed6509c7400384e4d3bcb05e0b8a2b842ab651cabcc702c10e25aabbcba168c916422e90fa385ad65e63a546ffb319d0de41df4df74fe915e4b9b72c3ff74124bc9b19b6865cdf44d3c78010b606ed802247c45e8b3664f792f9429d5b818cdd7636aee0f2b3c2a6d99656867fdbbbac2105854aa54c34cb3238284b353515fce4236d3df19fac8fc5cc4fc7b76b8f4e6f50bfd695f844385d9678bd422ae1ef4428afd55f808c4b5ccb717f9aa74708a72ce59fca851b40288f8e2e752ed464276724501d13d72c1275ea572c23033f2193d569ec4bd4dd34b063de83fcf4eb297372592be0ae81a587786cc983cb1b2a3350a24e4194a71f3cf305e2988af43eaad1db0c98648876f79fe20a3844b77ddde20efbbe9b047b3f8b80de0819366489a007ea3f60628f3edcf85563be51a80a84ae16fc4691d8baf2fbd6405a04369e4121f2d47988f15659156782982ffc666a487fe1b17f9361a67f84bdb3a6363f1a62b77e46cb58a597cfcbc071e9bfde46a122ccddd262886fdcceb173bcb5c7f1a067f49d9933c886ec5e4c7a7b067c2a55d53f1bf32058b19450a2425e56f578cd6aefe5aa8a67673f28561738f21d7a093564be7e1316992f8c674a73b2788605897b26f2d404f1141709c4c33bcebe494fe0c12fc184a4d65b62f2d8631cec405cf5fef8b9ea5166a4a2863809c49c17fff1cae27a30f7885a178c6f6db624540200b2826be51fcdece2b5b439399af364dfa0fdeb1c596052ad50d984e01a7786129ff815aa9635e2c129df40b1241a180706eeb5ad8405b44310ae5feae94da69e6ea063abfb0569d0b080b25da142743c00b19c78e55d0e1c5e8595062dba4c04d6952c53cfa1f9b031ee6c97f9d729ba4f44e0f36153712489883bee6f30e97d933c3617cf5f8fe88251fe9515e8f0410a8242fae4c6e3af6137061022b0b2a473ffbab07977ab3e3274a62b5403f3cfd77893dd04b2b0a5338d6f90fe6cccf81b881469ad090b48136b7937b33b41ce46692afc4036593cf6a8f6a8fcafd8fc7086ec115c6c41eaa1523922f37248913e4c9f32a793818681ca60b9a9fb988c3d17bdeba0922fa110238c5345eee91d50db01ea1384fcb156ed1b6d89b8174bfbb373c563758365dc726d6a49f6b36affd4b879892a32e7bc5352c30a4ffab698bc663e0a5d998f5e4ae1a08d278f4b458ddd66b1dd9df4d4ef2b8428adead8b477b92c6aff9542c3dc5377151978e70941c4b7d49dba12f6a6680c9fe4069a2cde73cdebb6b72f863182b09c862d300f6bf73903a5afe9ecc8e04fb708cd69da0bd89c104c597bdf5d9d7068a2a27424076151200e355ee468a3c08e0b823a8b201e2bacc083329ee36ba6321129aada8e1074466bca7ef4d9336ae81b2fef578a21b1e8ae72d3a80d1510fed1def4ef90dfadb5ad1e94390857a1e05e522e4bb8b3f661cff998bf73e7dab2ef60470a402e471b3cf97a14d29c1258df6a001024e0030e3a9eb18482bbd9a6c998d86bcd4828abced8863e3f9f59aa96fcb253a9cf09d02dccb91fb617fedb0a31b59902ed6db6646515fecc0105f49f3831cda162ed249ec053a91e18c6879d7d8bd69f94029ccd9cf61c58bc6dfe9b3c18df2eec6aedc76ed3e247578c16b7eb1d88e27c07c3a009d7ddd62c7c0e33249bd07317e23e7d86606a9f1681923b44ce2b6684cdf91e68a7f16463cb3aa4b77909505b310329ce673d4100ad97b7c5c18f7c238f8f1df51ccacad1dad72b9ecce710a5efd3c6544cd0f36e5953e86c3a61aa751678cc4dd40abe1d47d1b17642e49a41591550eb4118df23abb5e41e3996df95b8b912752d262f14e6478fd78bdf2eb9db5016850ce58e1a5f4d9a9db0794b1130495767856a7b2bb8797fb6095f47ee9494eda989e8776282cbf3282b0ef2ec66ad61b45e83806fb1ea73966edd46fe9dffe60585497b1f46f4edac891cdf8b867211502740b47ba27e9ed9794f5a6507782023797889b2f664a1f63bed97a8758510bf1b37451a61cc116e73c9ff1086555d3f6822bf86b9938d8e6a19add9d9cfdc626b4f96234f3f7d03f935d492efcd8e512c8454eb78d4a39bb0cace083fdebd3cc51d955da081ae41f290033a1f46464d8b5e5d8b6e51045bae38de49b98573b03105c1332562114236364a368562d2481d31983e75fa74259a5a55fb71574aafdfb9bcafa1b7382ea969b50b32893c55041081c546f7712ab209ef92f0471a9589d628f8f27a6d89f53a9afcf9debc2b1f828f9c2a8a5864a5aa2ef59", 0x1000}, {&(0x7f0000002e00)="1e282302952d12e1163e3b2e94e36970a63c27b6b22914acaa0befb9e09dae9601a57e58d78166efdccadfce299c100d2d4a9fc8e227c176", 0x38}, {&(0x7f0000002e40)="77300c650b661b907d36d8d516459e5ac91889341d9ded14f33f57bfdd70776b75cd6eaba733e2423c57b48cbcf5c0b8c9b0e7890300b89685caadcacf8da98d9e73fbd5a847d7530b2da1410bc7aefb728e6074d912f0c651174586cbbcad51c0b0dbf402e2b617", 0x68}, {&(0x7f0000002ec0)="175902c1140c088271be41ad02c42c550a6df6daccb083f93cb8a39819553692aa1fd2eeab596fe9b15b1ed20ba6a37597cf9be258d348a408e491fcef26cac62963e11c2afdf66c69b67667d44825cdae6a7eb9fbfa175c62c9025ddafc76ddbf09b593ffb880af53cf49ac1a5ebdf46ff67a843797ba260abc42092d751a2a278c699cf68c6ee205ff655a86234cb02b41f6707bf2d2be1389", 0x9a}, {&(0x7f0000002f80)="5a507922220b69d251c17fe7fda9ed91b8aaf50b57c634cc2133eea47905d5f41011e69126ca44e65554cccf04fbca9436aca68f544dc2b97030d2fc8b770cff51adb39b6164834fdd15f6fd0d3fcf73837178c0a4caa02882cbdf6b668c86426d6dd85c6e085b9e592505afea840dae8245d172fdfb9d9fb2a9054897723b1036b723264a015424faac5bdf4e80e9e6d1e381cc662b7fcf2f565bbc7dacf727e5aebd5ab6f99b16f9c7ad09e19976d5a50bdb0ce3466f01c6954ea76dc6d27b079f46e2d1cee35d63514480e49d1ce0c15b1e1f19af5bf3b6cdf55a50cae576147930765a8d16d5eac04deb5afe4b2582e5913dd3ad08962690e08b5d", 0xfd}], 0x5, &(0x7f0000003300)=[@rights={0x18, 0x1, 0x1, [r1]}, @rights={0x20, 0x1, 0x1, [r2, r0, r1, r2]}, @cred={0x20, 0x1, 0x2, r33, r34, r35}], 0x58, 0x44014}], 0x6, 0x0) execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000200)={0x10000, "07d30fb0e21f880fa81b5c2797a7b03b41102a9835a98080a5ad2b7c7fbc535a", 0x800, 0x400, 0x80000000, 0x2, 0x4}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000002c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0xfffffffffffffffc}, {0xfffffffffffffffc}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r3, 0x0, 0x486, &(0x7f0000000100), &(0x7f0000000280)=0xc) 06:12:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000380)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[], 0x7}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000002c0)) 06:12:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000000c0)=ANY=[@ANYBLOB="fbbae9a2327146b997e5ccb417859609bf26"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) r3 = getpgid(0x0) r4 = gettid() r5 = dup3(r0, r2, 0x80000) kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r1, &(0x7f0000000140)={r5, r2, 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:34 executing program 2: ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = epoll_create1(0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00') epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000d36ff4)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f00000000c0)) 06:12:34 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000000), 0x100000008001) 06:12:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) socketpair$nbd(0x2, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r3, 0x1) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x101000, 0x0) write$P9_RLERROR(r3, &(0x7f0000000100)={0x12, 0x7, 0x1, {0x9, ':systemlo'}}, 0x12) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000ff7000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000340)=0x10200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 530.722784] *** Guest State *** [ 530.726398] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 530.735597] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 530.744690] CR3 = 0x0000000000000000 [ 530.748469] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 530.754698] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 530.760803] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 530.767720] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 530.775878] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.784103] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.792251] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.800271] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.808513] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 530.816839] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 530.825055] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 530.833203] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 530.841225] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 530.849418] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 530.856008] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 530.863729] Interruptibility = 00000001 ActivityState = 00000000 [ 530.870008] *** Host State *** [ 530.873534] RIP = 0xffffffff812c8203 RSP = 0xffff8801774bf3c8 [ 530.879577] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 530.886234] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 530.894212] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 530.900158] CR0=0000000080050033 CR3=0000000186e78000 CR4=00000000001426f0 [ 530.907440] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 530.914306] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 530.920388] *** Control State *** [ 530.924077] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 530.930782] EntryControls=0000d1ff ExitControls=002fefff [ 530.936488] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 530.943601] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 530.950303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 530.957107] reason=80000021 qualification=0000000000000003 [ 530.963594] IDTVectoring: info=00000000 errcode=00000000 [ 530.969074] TSC Offset = 0xfffffeded6ba38b8 06:12:35 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002840)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="b7f2288a911993d5265df5cf1cdd8b55", 0x10) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000001d40)=[{{&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000240)="21790693c68470e91f53bb097ac60541", 0x10}], 0x1, &(0x7f00000005c0)}}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000000040)=[{{&(0x7f0000000140)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000001600)=[{&(0x7f0000001540)=""/165, 0x7e0}], 0x1, &(0x7f0000001680)=""/72, 0x240}}], 0x3fffffffffffffe, 0x0, &(0x7f0000002240)) [ 530.973626] EPT pointer = 0x0000000167faa01e 06:12:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_MAP(r2, 0x4018ae50, &(0x7f0000000040)={0x6, 0x7, 0x5}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:35 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000001380)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, &(0x7f0000000300)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f0000000080)=[@transaction={0x40406300, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)}}], 0x0, 0x0, &(0x7f0000000300)}) [ 531.632032] binder: 12453:12455 transaction failed 29189/-22, size 0-0 line 2855 [ 531.656182] binder_alloc: binder_alloc_mmap_handler: 12453 20ffc000-20fff000 already mapped failed -16 [ 531.702186] binder: 12453:12455 transaction failed 29189/-22, size 0-0 line 2855 [ 531.723078] binder: 12453:12461 transaction failed 29189/-22, size 0-0 line 2855 [ 531.769322] binder: undelivered TRANSACTION_ERROR: 29189 [ 531.783792] binder: undelivered TRANSACTION_ERROR: 29189 [ 531.789302] binder: undelivered TRANSACTION_ERROR: 29189 [ 531.885846] *** Guest State *** [ 531.889182] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 531.898265] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 531.907272] CR3 = 0x0000000000000000 [ 531.911021] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 531.917142] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 531.923258] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 531.929967] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 531.938163] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.946301] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.954978] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.963121] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.971241] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 531.979369] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 531.987530] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 531.995709] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 532.003855] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 532.012248] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 532.018696] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 532.026366] Interruptibility = 00000001 ActivityState = 00000000 [ 532.032781] *** Host State *** [ 532.036022] RIP = 0xffffffff812c8203 RSP = 0xffff88016c1ff3c8 [ 532.042164] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 532.048612] FSBase=00007f09ac9c2700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 532.056588] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 532.062640] CR0=0000000080050033 CR3=0000000186e78000 CR4=00000000001426e0 [ 532.069703] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 532.076521] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 532.082882] *** Control State *** [ 532.086395] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca [ 532.093222] EntryControls=0000d1ff ExitControls=002fefff [ 532.098715] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 532.105800] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 532.112617] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 532.119228] reason=80000021 qualification=0000000000000000 [ 532.125700] IDTVectoring: info=00000000 errcode=00000000 [ 532.131185] TSC Offset = 0xfffffeded6b95170 [ 532.135654] EPT pointer = 0x0000000167faa01e 06:12:38 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000001000)={{0x100000001}}) r1 = syz_open_dev$sndtimer(&(0x7f0000022ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f000000efcc)={{0x100000001}}) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000001c0)) 06:12:38 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r1, 0x28, 0x6, &(0x7f0000000080)={0x0, 0x7530}, 0x10) 06:12:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, {0x0, 0x100, 0x2, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffffe}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x1, 0x1) ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000100)={0x8, {0x9, 0x4, 0x1, 0x7, 0x6, 0x7f}}) 06:12:38 executing program 0: syz_emit_ethernet(0x14, &(0x7f0000000040)={@local, @dev, [], {@generic={0x8863, "94a7030000e8"}}}, &(0x7f0000000000)) 06:12:38 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000300)={'sit0\x00', 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x602, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r2, 0xc0505350, &(0x7f0000000280)={{0x4, 0xffff}, {0x101, 0x1}, 0x0, 0x4, 0x3}) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) signalfd4(r4, &(0x7f0000000040)={0x6}, 0x8, 0x80000) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000200)={0x4, 0x0, [{0x6, 0x7, 0x1, 0x6, 0x2}, {0xb, 0x9e4e, 0x8, 0x100000001, 0x65}, {0x8000000d, 0x8, 0x4, 0x5, 0x43}, {0x80000007, 0x3, 0x2, 0x600000000, 0xffffffffffff8000}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:12:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000300)=ANY=[@ANYBLOB="fbfd9095"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000140)={'ipddp0\x00', 0x4101}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, r3, 0x0, 0x9, &(0x7f0000000180)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30) capset(&(0x7f0000000240)={0x19980330, r4}, &(0x7f0000000280)={0x20, 0xfffffffffffffffd, 0x9, 0xfffffffffffffff9, 0x0, 0x5}) ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000000340)) setxattr$security_selinux(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='security.selinux\x00', &(0x7f0000000400)='system_u:object_r:traceroute_exec_t:s0\x00', 0x27, 0x3) 06:12:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d5c60") r1 = socket(0x10, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000002c0)={'team0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000100)={"7465616d300000ffffffc000", 0xc201}) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x1}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e24, 0x5, @ipv4={[], [], @multicast2}, 0x8}}, 0x0, 0x11, 0x0, 0x6, 0x44}, &(0x7f0000000140)=0x98) 06:12:38 executing program 2: mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) mlockall(0x7) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x0, 0x105100) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f00000001c0)={0x4, 0x10001}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa) recvfrom$inet(r1, &(0x7f00000004c0)=""/4096, 0x1000, 0x40, 0x0, 0x0) keyctl$get_security(0x11, 0x0, &(0x7f0000000300)=""/119, 0x77) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f00000014c0)=""/153, &(0x7f0000001580)=0x99) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f00000002c0)={@rand_addr=0xfffffffffffffffb, @multicast1, @remote}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000140)={@multicast2, @loopback, @loopback}, 0xc) renameat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000400)='./file0\x00') openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) 06:12:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000000c0)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180)=r3, 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 535.053641] IPVS: length: 153 != 24 06:12:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 535.144175] *** Guest State *** [ 535.147629] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 535.156786] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 535.165826] CR3 = 0x0000000000000000 [ 535.169576] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 535.175798] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 535.181956] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 535.188738] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 535.196965] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.205100] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.213359] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.221388] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.229624] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 535.237849] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 535.246073] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 535.254224] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 535.262441] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 535.270472] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 535.277094] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 535.284690] Interruptibility = 00000001 ActivityState = 00000000 [ 535.290940] *** Host State *** [ 535.294340] RIP = 0xffffffff812c8203 RSP = 0xffff88016ac8f3c8 [ 535.300365] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 535.306977] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 535.314978] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 535.320905] CR0=0000000080050033 CR3=0000000177c49000 CR4=00000000001426f0 [ 535.328117] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 535.334957] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 535.341037] *** Control State *** [ 535.344730] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 535.351434] EntryControls=0000d1ff ExitControls=002fefff [ 535.357135] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 535.364275] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 535.370979] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 535.377780] reason=80000021 qualification=0000000000000003 [ 535.384301] IDTVectoring: info=00000000 errcode=00000000 [ 535.389781] TSC Offset = 0xfffffedc7915dfa4 [ 535.394310] EPT pointer = 0x00000001a677401e 06:12:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RREADLINK(r1, &(0x7f00000000c0)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) 06:12:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x10000, 0x0) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={r3, 0x32}, &(0x7f00000002c0)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r5 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) setsockopt$inet6_mreq(r5, 0x29, 0x14, &(0x7f0000000200)={@dev={0xfe, 0x80, [], 0xf}, r6}, 0x14) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 535.853937] IPVS: length: 153 != 24 [ 535.973984] *** Guest State *** [ 535.977663] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 535.986770] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 535.995759] CR3 = 0x0000000000000000 [ 535.999513] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 536.005724] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 536.012022] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 536.018737] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 536.027015] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.035149] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.043338] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.051367] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.059557] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 536.067679] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 536.075893] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 536.084016] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 536.092203] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 536.100209] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 536.106815] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 536.114428] Interruptibility = 00000001 ActivityState = 00000000 [ 536.120707] *** Host State *** [ 536.124171] RIP = 0xffffffff812c8203 RSP = 0xffff8801abfef3c8 [ 536.130220] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 536.136818] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 536.144926] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 536.150856] CR0=0000000080050033 CR3=000000017a897000 CR4=00000000001426e0 [ 536.158094] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 536.164922] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 536.171016] *** Control State *** [ 536.174675] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 536.181378] EntryControls=0000d1ff ExitControls=002fefff [ 536.187063] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 536.194156] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 536.200886] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 536.207703] reason=80000021 qualification=0000000000000003 [ 536.214208] IDTVectoring: info=00000000 errcode=00000000 [ 536.219691] TSC Offset = 0xfffffedc053f6320 06:12:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000200)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 536.224205] EPT pointer = 0x00000001736ea01e [ 536.480774] 8021q: adding VLAN 0 to HW filter on device team0 06:12:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000040)={@local, 0x7, 0x0, 0x3, 0x0, 0x7fffffff, 0x2, 0x7}, &(0x7f0000000100)=0x20) ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f0000000200)={'dummy0\x00', {0x2, 0x4e22, @multicast2}}) [ 537.495004] 8021q: adding VLAN 0 to HW filter on device team0 06:12:43 executing program 1: r0 = epoll_create(0x200) pipe2(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) openat$cgroup_type(r1, &(0x7f0000000400)='cgroup.type\x00', 0x2, 0x0) fcntl$addseals(r0, 0x409, 0xc) r2 = fcntl$dupfd(r0, 0x406, r0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000180)={0x0, 0xc6, "d5bcafeb97b1226d4023350ea45b7b0948070ce91ac997a75da9b4d9ac9a93e05d8dfd247cb6711654063df2085ab4639f7f507822d58b1a8a1100113ce5e91e8fc8327c57ed71f0490ef51ef0d8058c92fa9602c472100fe4f85e0784909a37a7f38883215c88459cc2ffb5007c66d8dbe8ab01b33f2bad1a56b351a6cd991d860e59a254e4a2a6d162b2fdd827466da9f803c82b309c701ce4548bdb9a2063a020ca43ffd371255b9b913579881ebcffd278ab51b988f69e679e543b0e469d2fb07902de48"}, &(0x7f0000000280)=0xce) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000002c0)={r3, 0x55, "538011cdc9253897d5a8ad62fef7acc626db2a7724972196be80554f5b6d8f80e45736436c088ef38f43f59957668c33c956333da9bd3dfb30c155b1e0b71787a4927202a481cb85a734f94633683eb22030ab430e"}, &(0x7f0000000340)=0x5d) accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r4, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={0x0, r5, 0x1, 0x2}, 0x14) 06:12:43 executing program 2: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000f12000)={0x400000010, 0x0, 0x0, 0x70a1}, 0xc) 06:12:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) getpeername(0xffffffffffffff9c, &(0x7f0000000200)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000040)=0x80) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000100)={0x81}, 0x1) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:43 executing program 0: perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000f12000)={0x400000010, 0x0, 0x0, 0x70a1}, 0xc) getsockopt$netlink(r0, 0x10e, 0x9, &(0x7f0000000000)=""/6, &(0x7f00001bb000)=0x6) 06:12:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = getpgrp(0x0) kcmp$KCMP_EPOLL_TFD(r3, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 540.031299] *** Guest State *** [ 540.034857] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 540.043908] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 540.052930] CR3 = 0x0000000000000000 [ 540.056689] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 540.062910] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 540.069013] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 540.075875] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 540.084049] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 540.092213] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 540.100239] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 540.108416] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 540.116660] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 540.124880] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 540.133088] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 540.141106] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 540.149337] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 540.157525] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 540.164169] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 540.171795] Interruptibility = 00000001 ActivityState = 00000000 [ 540.178052] *** Host State *** [ 540.181286] RIP = 0xffffffff812c8203 RSP = 0xffff88016c1ff3c8 [ 540.187545] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 540.194177] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 540.202190] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 540.208142] CR0=0000000080050033 CR3=000000016cf3c000 CR4=00000000001426f0 [ 540.215390] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 540.222226] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 540.228307] *** Control State *** [ 540.231975] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 540.238791] EntryControls=0000d1ff ExitControls=002fefff [ 540.244469] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 540.251472] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 540.258364] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 540.265112] reason=80000021 qualification=0000000000000003 [ 540.271465] IDTVectoring: info=00000000 errcode=00000000 [ 540.277157] TSC Offset = 0xfffffed9db0e7075 06:12:44 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r0, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x80) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x37) sendto$inet6(r0, &(0x7f0000f6f000), 0x5b37ca81a71c1086, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) close(r0) getsockopt$inet6_int(r0, 0x29, 0xff, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = accept4(r1, 0x0, &(0x7f0000000000), 0x0) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x40) shutdown(r2, 0x1) recvmmsg(r0, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0x80, &(0x7f0000006100), 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0) [ 540.281518] EPT pointer = 0x000000011e04201e 06:12:44 executing program 2: socket$inet6(0xa, 0x800, 0x2) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) getresgid(&(0x7f0000000180), &(0x7f0000000380), &(0x7f00000004c0)) setgroups(0x1, &(0x7f00000006c0)=[0x0]) recvmmsg(0xffffffffffffffff, &(0x7f0000006840)=[{{&(0x7f0000000700)=@nfc_llcp, 0x80, &(0x7f0000000680), 0x0, &(0x7f0000000840), 0x0, 0xd}}, {{&(0x7f0000000d80)=@alg, 0x80, &(0x7f0000000c80), 0x0, &(0x7f0000001140)=""/154, 0x9a}, 0xd5a3}, {{&(0x7f0000001a80)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000004540)=""/4096, 0x1000}], 0x1}}], 0x3, 0x0, &(0x7f0000000cc0)) r0 = socket$inet6(0xa, 0x400000000001, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6) r1 = dup(r0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) timer_create(0x0, &(0x7f0000000500)={0x0, 0x0, 0x4, @tid=0xffffffffffffffff}, &(0x7f0000000540)) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) lseek(0xffffffffffffffff, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x1fe, 0x4) ftruncate(r2, 0x80003) sendfile(r0, r2, &(0x7f00000000c0), 0x8000fffffffe) pipe(&(0x7f0000000080)) write(0xffffffffffffffff, &(0x7f00000001c0), 0xffffffea) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0) recvmmsg(r1, &(0x7f0000003440)=[{{&(0x7f0000001840)=@ax25, 0x80, &(0x7f0000001d80), 0x0, &(0x7f0000001e40)=""/169, 0x42}}], 0x21b, 0x2000, &(0x7f0000003500)={0x0, 0x1c9c380}) 06:12:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(r0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x4040, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000009000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="640f06b9ba0900000f32b8010000000f01d90f00db660faeb00e000000b98b020000b895000000ba000000000f3065f3d87bd5f48fe878c3aa1d000000000f06", 0x40}], 0x1, 0x7c, &(0x7f0000000240)=[@vmwrite={0x8, 0x0, 0x5, 0x0, 0xffffffffffffff0c, 0x0, 0x4, 0x0, 0x9}], 0x1) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1fffffffe, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 540.748976] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 06:12:44 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r0, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x80) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x37) sendto$inet6(r0, &(0x7f0000f6f000), 0x5b37ca81a71c1086, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) close(r0) getsockopt$inet6_int(r0, 0x29, 0xff, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = accept4(r1, 0x0, &(0x7f0000000000), 0x0) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x40) shutdown(r2, 0x1) recvmmsg(r0, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0x80, &(0x7f0000006100), 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0) 06:12:45 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="fb87296c9cdfcb9c32a44c1d86309e8d3000190a902fdf94aef995fa3c2ef935363e406b6fcd84a70d8c416fd3a844c10c7a949aa954b2ab4cebcd84c77aedf5e58cf7585f7a3e712291a0492a4bb231564925702707cca5fd517ed32f0481d24140840be519aec3e980ca485b0716588720b9f6725eaaea2981521ef211b9a991afd09412052dc1e49193a54478a02c40c88ef6e96079923e86cdf30dc9cd953c88e4640feb2d86593473f21da0caf5ca242418064dc157b213"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:45 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000001380)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, &(0x7f0000000300)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f0000000080)=[@transaction={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f00000001c0)}}], 0x0, 0x0, &(0x7f0000000300)}) [ 541.357029] binder: 12634:12636 got reply transaction with bad transaction stack, transaction 17 has target 12634:0 [ 541.368031] binder: 12634:12636 transaction failed 29201/-71, size 0-0 line 2777 [ 541.504904] binder_alloc: binder_alloc_mmap_handler: 12634 20ffc000-20fff000 already mapped failed -16 [ 541.553156] binder: BINDER_SET_CONTEXT_MGR already set [ 541.558690] binder: 12634:12636 ioctl 40046207 0 returned -16 [ 541.597966] binder_alloc: 12634: binder_alloc_buf, no vma [ 541.603944] binder: 12634:12643 transaction failed 29189/-3, size 0-0 line 2970 [ 541.618151] binder: 12634:12636 got reply transaction with no transaction stack [ 541.625942] binder: 12634:12636 transaction failed 29201/-71, size 0-0 line 2762 [ 541.650337] binder: release 12634:12636 transaction 17 out, still active [ 541.657461] binder: undelivered TRANSACTION_COMPLETE [ 541.662807] binder: undelivered TRANSACTION_ERROR: 29201 [ 541.698056] binder: undelivered TRANSACTION_ERROR: 29201 [ 541.704042] binder: undelivered TRANSACTION_ERROR: 29189 [ 541.709633] binder: send failed reply for transaction 17, target dead 06:12:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000140)=ANY=[@ANYBLOB="00fd2a5f89c47071db0afc5372f0a7ed8dd7d1426dca6a8423c4a45c79ed325768bd2ecd22d5708734d5f3d371a9c51849075ae0eaa5761ae34f82d73ef1bb30dfef4e7c089f2c303c96aafc79e175bff2f7772d746de09a076a8abe9c586e0b4d4c04c8b5b9"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = accept$alg(0xffffffffffffff9c, 0x0, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, &(0x7f00000000c0)={'teql0\x00', {0x2, 0x4e23}}) 06:12:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f0000001ac0)='/dev/dmmidi#\x00', 0x0, 0x40000) getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000001b00)={'ipvs\x00'}, &(0x7f0000001b40)=0x1e) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x2008c0, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)={&(0x7f0000000040)='./file0\x00', r4}, 0x10) 06:12:48 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x200) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000240)={0xfffffffffffffff7, {{0xa, 0x4e22, 0x4, @mcast2, 0xf174}}}, 0x88) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) semget(0x3, 0x4, 0x600) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000300)='y\x00', 0x2, 0x2) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000340)={0x0, @local, @multicast2}, &(0x7f0000000380)=0xc) execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$BLKIOMIN(r2, 0x1278, &(0x7f0000000080)) socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f00000001c0)={{0xa, 0x4e23, 0x19f, @dev={0xfe, 0x80, [], 0xb}, 0x8001}, {0xa, 0x4e24, 0xb52, @mcast1, 0x6}, 0x0, [0x101, 0x6, 0xe1c9, 0x7ff, 0x100000000000000, 0x401, 0x2, 0x10001]}, 0x5c) 06:12:48 executing program 2: pivot_root(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000480)='./bus\x00') setgroups(0x0, &(0x7f00000006c0)) perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) lseek(0xffffffffffffffff, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x1fe, 0x4) ftruncate(r2, 0x80003) sendfile(r0, r2, &(0x7f00000000c0), 0x8000fffffffe) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r1, &(0x7f0000003440)=[{{&(0x7f0000001840)=@ax25, 0x80, &(0x7f0000001d80), 0x0, &(0x7f0000001e40)=""/169, 0x42}}], 0x21b, 0x2000, &(0x7f0000003500)={0x0, 0x1c9c380}) 06:12:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000002c0)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_open_dev$sndmidi(&(0x7f0000000280)='/dev/snd/midiC#D#\x00', 0x8, 0x200000) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x80000) accept4$unix(r3, 0x0, &(0x7f0000000240), 0x80800) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f0000000100)={0x0, 0x400}) 06:12:48 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r0, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x80) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x37) sendto$inet6(r0, &(0x7f0000f6f000), 0x5b37ca81a71c1086, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) close(r0) getsockopt$inet6_int(r0, 0x29, 0xff, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = accept4(r1, 0x0, &(0x7f0000000000), 0x0) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x40) shutdown(r2, 0x1) recvmmsg(r0, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0x80, &(0x7f0000006100), 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0) 06:12:48 executing program 2: 06:12:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip6_mr_vif\x00') getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}, [0x6, 0x80000000, 0x80000001, 0x3ff, 0x9, 0x3f, 0x7fffffff, 0x5, 0x58100000000000, 0x8f6, 0xd3, 0x5, 0x2, 0xbd, 0x3]}, &(0x7f0000000140)=0x100) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000180)={r2, 0xa1, 0x40000, 0x400, 0x1, 0x1a5b}, 0x14) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:12:48 executing program 2: [ 544.934426] *** Guest State *** [ 544.937964] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 544.947559] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 544.956550] CR3 = 0x0000000000000000 [ 544.960323] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 544.966660] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 544.972790] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 544.979505] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 544.987676] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 544.995899] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.004026] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.012256] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.020277] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.028442] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 545.036635] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 545.044756] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 545.052902] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 545.060910] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 545.067597] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 545.075197] Interruptibility = 00000001 ActivityState = 00000000 [ 545.081466] *** Host State *** [ 545.084806] RIP = 0xffffffff812c8203 RSP = 0xffff880167bdf3c8 [ 545.090838] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 545.097840] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 545.105874] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 545.111947] CR0=0000000080050033 CR3=000000016a00e000 CR4=00000000001426e0 [ 545.119020] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 545.125930] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 545.132148] *** Control State *** [ 545.135640] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 545.142496] EntryControls=0000d1ff ExitControls=002fefff [ 545.148002] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 545.155120] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 545.162188] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 545.168812] reason=80000021 qualification=0000000000000003 [ 545.175326] IDTVectoring: info=00000000 errcode=00000000 [ 545.180812] TSC Offset = 0xfffffed73d8cc3e7 [ 545.185307] EPT pointer = 0x0000000169d7701e 06:12:49 executing program 2: 06:12:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x400000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) clock_gettime(0x7, &(0x7f0000000100)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r0, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x80) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x37) sendto$inet6(r0, &(0x7f0000f6f000), 0x5b37ca81a71c1086, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) close(r0) getsockopt$inet6_int(r0, 0x29, 0xff, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = accept4(r1, 0x0, &(0x7f0000000000), 0x0) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x40) shutdown(r2, 0x1) recvmmsg(r0, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0x80, &(0x7f0000006100), 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0) 06:12:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x7ff, 0x64a440) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x28a02, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000240), &(0x7f0000000100)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r4 = gettid() fcntl$lock(r2, 0x26, &(0x7f0000000140)={0x0, 0x3, 0x2, 0x8, r4}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 545.623325] *** Guest State *** [ 545.626701] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 545.635837] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 545.644915] CR3 = 0x0000000000000000 [ 545.648671] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 545.654820] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 545.660851] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 545.667691] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 545.675840] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.684091] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.692256] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.700294] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.709644] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 545.717831] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 545.725987] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 545.734158] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 545.742314] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 545.750331] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 545.756906] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 545.764511] Interruptibility = 00000001 ActivityState = 00000000 [ 545.770766] *** Host State *** [ 545.774142] RIP = 0xffffffff812c8203 RSP = 0xffff880167bdf3c8 [ 545.780171] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 545.787234] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 545.795177] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 545.801122] CR0=0000000080050033 CR3=000000016a00e000 CR4=00000000001426f0 [ 545.808315] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 545.815143] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 545.821231] *** Control State *** [ 545.824873] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca [ 545.831579] EntryControls=0000d1ff ExitControls=002fefff [ 545.837209] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 545.844294] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 545.850996] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002 [ 545.857727] reason=80000021 qualification=0000000000000000 [ 545.864182] IDTVectoring: info=00000000 errcode=00000000 [ 545.869787] TSC Offset = 0xfffffed73d8c4b6f [ 545.874289] EPT pointer = 0x0000000169d7701e 06:12:52 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffc, 0x4000) accept$inet(r2, 0x0, &(0x7f0000000280)) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000080)={0x0, 0xfd}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)=ANY=[@ANYRES32=r4, @ANYBLOB="5c4b7244dfb5dea3ed26519948229deec1445f6bb0952c2d25380bfbe0d2e4361a13a0252bdec2ad337ac5328ea4aaa507a857132f371a11098a49aa909c43b88cdea4eefbc567c63002efbdf55994315013d110c04e64f969ac817c3db52b6393afbe40ea9a5ecd0ee0291efa51a345c06709508d6f6dee092242eec329fc3ca8719c38e11a4c6f751ac13bae66363de3cd155a9bfb384d6457d067a804272115d7f93bf93161a8445607a9b53d15982e3ee4529564b5166d2bb128f87f5384599ca968042d427be7bf3a21721506b5811d5171a06e14f36d2ee989e53a15ae7d88b07ed986c13110daa62e0977416847ad26bbb35a4dc1ce485cbf"], &(0x7f0000000200)=0xe) 06:12:52 executing program 2: 06:12:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x80440, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x8, 0x7}, &(0x7f0000000200)=0x10) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f00000002c0)={r3, 0x8}, 0xfffffffffffffe4e) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:12:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000200)={'filter\x00'}, &(0x7f0000000040)=0x78) r1 = syz_open_dev$audion(&(0x7f0000000480)='/dev/audio#\x00', 0x80000000, 0x20000) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x8000, 0x30, 0xffffffff, 0x386b8236}, &(0x7f0000000500)=0x18) socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000540)={r2, 0x1}, &(0x7f0000000580)=0x8) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x9, 0x101000) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000280)={{{@in=@loopback, @in6=@ipv4={[], [], @broadcast}}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000440)=0xe8) 06:12:52 executing program 0: [ 548.653593] *** Guest State *** [ 548.657094] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 548.666165] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 548.675165] CR3 = 0x0000000000000000 [ 548.678913] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 548.685147] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 548.691240] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 548.698201] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 548.706343] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 548.714655] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 548.722824] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 548.730838] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 548.739046] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 548.747189] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 548.755354] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 548.763702] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 548.771905] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 548.779914] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 548.786538] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 548.794171] Interruptibility = 00000001 ActivityState = 00000000 [ 548.800423] *** Host State *** 06:12:52 executing program 0: 06:12:52 executing program 2: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000540)) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) [ 548.803857] RIP = 0xffffffff812c8203 RSP = 0xffff88016a3ff3c8 [ 548.809888] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 548.816545] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 548.824648] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 548.830581] CR0=0000000080050033 CR3=000000016ae43000 CR4=00000000001426e0 [ 548.837823] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 548.844651] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 548.850725] *** Control State *** [ 548.854377] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 548.861087] EntryControls=0000d1ff ExitControls=002fefff [ 548.866792] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 548.873939] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 548.880653] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 548.887439] reason=80000021 qualification=0000000000000003 [ 548.893940] IDTVectoring: info=00000000 errcode=00000000 [ 548.899435] TSC Offset = 0xfffffed53f1a3f05 [ 548.903983] EPT pointer = 0x000000016903601e 06:12:53 executing program 0: 06:12:53 executing program 2: 06:12:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x2, 0x400002) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000100)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_S390_UCAS_MAP(r2, 0x4018ae50, &(0x7f0000000040)={0xcd, 0x46, 0x9}) 06:12:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:56 executing program 0: 06:12:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:56 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x6) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x200000, 0x0) r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x40, r2, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x8}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000081}, 0x20000000) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:12:56 executing program 2: 06:12:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x2, 0x200000) ioctl$DRM_IOCTL_SET_MASTER(r3, 0x641e) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:56 executing program 3: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) r1 = socket$unix(0x1, 0x2, 0x0) r2 = epoll_create1(0x80000) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xd, &(0x7f0000000680)='vboxnet1em1*\x00'}, 0x30) lstat(&(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = fcntl$getown(0xffffffffffffffff, 0x9) getresuid(&(0x7f0000000880), &(0x7f00000008c0)=0x0, &(0x7f0000000900)) lstat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r10 = socket$nl_crypto(0x10, 0x3, 0x15) r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000bc0)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xb8, 0x4, {"f50ea882370013320474c84891614f490c0ad958c49712e8f0feb047e8989d6e6bbccf1227f8a440f076aa411a7767b8fe4e0bfb8db26bc63efe5bee344516759dfe323dda2d53d45381221ffe6b53bbb251639e9fb35703a14f2329e11a278d200c9856f8aae7cb0602313422c9442241f91dd243de8554fa7e238a5e99555d1bf5a5a2d90e5e4b66d2d851fafc64929dbecdf52d7c73115aaee3079319b8"}}, {0x0, "b74dfa1b1447ff6524ac75ab05e6a88014b0bf4c771cfb2852ecae3b7f751821b04d602b0c530b77601c97eb4f2c2e98c795e6e601cf6c45912d94531c6ff423018ea6527a04f798c4f3044f8214f911b370e5b9873e384151f8f31ef079ec845d9f7cd318641f852f4fa22ea0b12dd7caf35e9f"}}, &(0x7f0000000b40)=""/127, 0x12e, 0x7f, 0x1}, 0x20) r12 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000c00)='/proc/self/attr/current\x00', 0x2, 0x0) r13 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000c40)='cgroup.type\x00', 0x2, 0x0) r14 = syz_open_pts(0xffffffffffffff9c, 0x100) r15 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/autofs\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000cc0)={0x80000001, 0x2, 0x0, 0xffffffffffffffff}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000d00)={0x0}, &(0x7f0000000d40)=0xc) r18 = geteuid() lstat(&(0x7f0000000d80)='./file0\x00', &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socketpair(0xa, 0x100000000800, 0x9, &(0x7f0000000e40)={0xffffffffffffffff, 0xffffffffffffffff}) r21 = openat$md(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/md0\x00', 0x0, 0x0) r22 = bpf$PROG_LOAD(0x5, 0xfffffffffffffffe, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000ec0)={0x0, 0x80000, 0xffffffffffffffff}) r24 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000f00)='/proc/self/attr/sockcreate\x00', 0x2, 0x0) r25 = syz_open_dev$sndtimer(&(0x7f0000000f40)='/dev/snd/timer\x00', 0x0, 0x40000) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000f80)={0x4, 0xffffffffffffff9c}) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000fc0)=0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001000)={{{@in=@broadcast, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000001100)=0xe8) r29 = getgid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001140)=0x0) r31 = getuid() getresgid(&(0x7f0000001180)=0x0, &(0x7f00000011c0), &(0x7f0000001200)) sendmsg$unix(r0, &(0x7f0000001380)={&(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000040)="9fe7ae31b53d54b3bd3fd445650709373365eb235ffabe8f46a1", 0x1a}, {&(0x7f0000000280)="52b2cd136a6139822ea52ae8d805cee17deca29b4c116a8785346861c7f18e8e899563143d04f01831a551b8b256a18e881db45ff1d5ff00bfcac2501ac6fcb7d846488dcb650acfce67ef84", 0x4c}, {&(0x7f0000000100)="556accf41d0919adba16ccbd", 0xc}, {&(0x7f0000000300)="9ccfaf152f3d2f74bf3b0d8650a28fc3739a98959bcdbd3ddd1d0501d66fb6494d5c911fa719558dcb1acaeba1bdf53c6e61456faa37d4e4b51ca4cc6ce6c1f68e64a362354d8bfa5d04b5762e2875bfb3d289dd45090377421e46185734da8da7f67b75ba05a7e2aff33ff6016960b068a1c66e22591f109c95b58ad7", 0x7d}, {&(0x7f0000000440)="22a0be70bfdeba5caf6cf5458794896f43497bd278fb1fa516c7feeaed271a9e373b5c2a4fc63710d28825f84c73fe190c1077679dbadc84eacab2560c0af32ed97f83f07e53ba5183001adf1223f29e48cd738124e925436d931748c35deebdc23aea0e9332afe4e3c6c4b3dc119f1247a38f078a446957e0b8217ef9d283197e77f00271bc8aa5f63fa8f8e7f179049023", 0x92}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="2001000000000000010000000100000023ee855ed4dbb9dd68ef0c0a5010c53402671c6fa910f7de604e2cab2e114ad8b1721b969e7eae71b503704370a21ba8", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r12, @ANYRES32=r13, @ANYBLOB="20000000000000000100000001000000", @ANYRES32=r14, @ANYRES32=r15, @ANYRES32=r16, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r17, @ANYRES32=r18, @ANYRES32=r19, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r20, @ANYRES32=r21, @ANYRES32=r22, @ANYRES32=r23, @ANYRES32=r24, @ANYRES32=r25, @ANYRES32=r26, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r27, @ANYRES32=r28, @ANYRES32=r29, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r30, @ANYRES32=r31, @ANYRES32=r32, @ANYBLOB='\x00\x00\x00\x00'], 0x130, 0x1}, 0x40000) r33 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r34 = ioctl$KVM_CREATE_VM(r33, 0xae01, 0x0) r35 = ioctl$KVM_CREATE_VCPU(r34, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r34, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r35, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r34, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r34, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r35, 0xae80, 0x0) [ 552.485407] *** Guest State *** [ 552.488867] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 552.498072] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 552.507103] CR3 = 0x0000000000000000 [ 552.510864] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 552.517034] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 552.523205] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 552.530016] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 552.538272] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.546441] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.554647] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.562828] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.570849] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.579013] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 552.587506] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 552.595771] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 552.603937] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 552.612153] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 552.618599] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 552.626274] Interruptibility = 00000001 ActivityState = 00000000 [ 552.632694] *** Host State *** [ 552.635933] RIP = 0xffffffff812c8203 RSP = 0xffff880167b3f3c8 [ 552.642142] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 552.648597] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 552.656641] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 552.662767] CR0=0000000080050033 CR3=00000001abb56000 CR4=00000000001426f0 [ 552.669826] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 552.676704] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 552.682907] *** Control State *** [ 552.686400] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 552.693297] EntryControls=0000d1ff ExitControls=002fefff [ 552.698787] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 552.705974] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 552.712868] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 552.719500] reason=80000021 qualification=0000000000000003 [ 552.726068] IDTVectoring: info=00000000 errcode=00000000 [ 552.731780] TSC Offset = 0xfffffed3304facb7 06:12:56 executing program 0: [ 552.736135] EPT pointer = 0x000000016918801e 06:12:56 executing program 2: [ 552.875270] *** Guest State *** [ 552.878633] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 552.887748] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 552.896743] CR3 = 0x0000000000000000 [ 552.900575] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 552.906718] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 552.912920] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 552.919710] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 552.927857] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.936004] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.944190] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.952796] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 552.960816] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 06:12:57 executing program 2: [ 552.969010] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 552.977144] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 552.985352] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 552.993477] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 553.001487] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 553.008089] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 553.015804] Interruptibility = 00000001 ActivityState = 00000000 [ 553.022219] *** Host State *** [ 553.025462] RIP = 0xffffffff812c8203 RSP = 0xffff88016604f3c8 [ 553.031490] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 553.038157] FSBase=00007f09ac980700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 553.046112] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 553.052185] CR0=0000000080050033 CR3=00000001abb56000 CR4=00000000001426e0 [ 553.059240] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 553.066107] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 553.072303] *** Control State *** 06:12:57 executing program 0: [ 553.075802] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 553.082648] EntryControls=0000d1ff ExitControls=002fefff [ 553.088137] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 553.095289] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 553.102123] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 553.108763] reason=80000021 qualification=0000000000000003 [ 553.115409] IDTVectoring: info=00000000 errcode=00000000 [ 553.120900] TSC Offset = 0xfffffed2fc7e0c64 [ 553.125366] EPT pointer = 0x000000016730c01e 06:12:57 executing program 2: 06:12:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x10200, 0x1, 0x7002, 0x1000, &(0x7f0000007000/0x1000)=nil}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100), &(0x7f0000000240)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhci\x00', 0x800, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000200)={0x7, 0x1b, 0x1}, 0x7) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) close(r0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:12:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) r3 = syz_open_dev$admmidi(&(0x7f0000000200)='/dev/admmidi#\x00', 0x6, 0x42000) ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, &(0x7f0000000240)={'syzkaller1\x00', 0x5}) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:00 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x10020000, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) socket$pptp(0x18, 0x1, 0x2) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000180)=""/2) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000080)) execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) r3 = getegid() fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r3, r4) 06:13:00 executing program 0: 06:13:00 executing program 2: 06:13:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) r3 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x50) ioctl$EVIOCSABS2F(r3, 0x401845ef, &(0x7f0000000140)={0x2, 0x8, 0x1, 0x2, 0x10000, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x1ffffe, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x9fc, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x81, 0x200) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x3) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 556.863168] *** Guest State *** [ 556.866634] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 556.875743] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 556.884748] CR3 = 0x0000000000000000 [ 556.888519] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 556.894735] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 556.900745] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 06:13:00 executing program 2: [ 556.907708] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 556.915849] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 556.924056] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 556.932212] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 556.940233] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 556.948532] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 556.956723] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 556.965575] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 556.973735] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 556.981911] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 556.989944] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 556.996572] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 557.004178] Interruptibility = 00000001 ActivityState = 00000000 [ 557.010436] *** Host State *** [ 557.013861] RIP = 0xffffffff812c8203 RSP = 0xffff880175f3f3c8 [ 557.019889] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 557.026535] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 557.034570] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 557.040501] CR0=0000000080050033 CR3=00000001ac1eb000 CR4=00000000001426f0 [ 557.047751] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 557.054581] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 557.060653] *** Control State *** [ 557.064393] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 557.071088] EntryControls=0000d1ff ExitControls=002fefff [ 557.076760] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 557.083839] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 557.090539] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 557.097311] reason=80000021 qualification=0000000000000003 [ 557.103765] IDTVectoring: info=00000000 errcode=00000000 [ 557.109277] TSC Offset = 0xfffffed0d8277d35 06:13:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="c442ddbf4608430f01df6598c4a1fa2c9e060000000f060f185c38000f01b60000010066baf80cb8250e938eef66bafc0cb003ee67460fa166470fe3b700900000", 0x41}], 0x1, 0x9, &(0x7f0000000280), 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 557.113796] EPT pointer = 0x000000016ab8101e 06:13:01 executing program 0: 06:13:01 executing program 2: 06:13:01 executing program 0: 06:13:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) ioctl$PPPIOCGL2TPSTATS(r3, 0x80487436, &(0x7f0000000200)="d71812b6abdaec0ea7fc051d40b41de050c6b0879af838ef76789f7c31983424fdd9880cb6222f356389426d1b746e5fb1250f128b0a40df42e142490e314c760150bcebfee536e6f8bcbc75bf592a31bd75114cd9514593991d595fc319a1e9bdafb74b985d308b8d9deab6b5f17058b1fa6145f6d811fbbc5a226ab0fcf1a407c59281b838a51c3d8a") 06:13:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) fcntl$notify(r1, 0x402, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:04 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000400)={0xc06, {{0xa, 0x4e22, 0x2, @mcast1, 0x7}}, 0x1, 0x5, [{{0xa, 0x4e24, 0x400000000000, @mcast1, 0x5}}, {{0xa, 0x4e23, 0x2, @local, 0x8}}, {{0xa, 0x4e21, 0x6, @empty, 0x7ff}}, {{0xa, 0x4e21, 0x282, @mcast1, 0x3f8}}, {{0xa, 0x4e20, 0x6, @local, 0x8000}}]}, 0x310) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:04 executing program 2: 06:13:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="dd"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:04 executing program 0: 06:13:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000200)='/dev/admmidi#\x00', 0x80000000, 0x0) ioctl$RTC_EPOCH_SET(r2, 0x4008700e, 0xffff) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x200000, 0x0) ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000100)={0x2, 0x101}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:04 executing program 2: 06:13:04 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000000)=0x100000, 0x100000008001) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000140)={{0x0, 0x13ab4f3, 0x8001, 0x1}, 'syz0\x00', 0x24}) personality(0x0) 06:13:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000240)=ANY=[@ANYBLOB="1873a10d84e05379"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getpeername$inet6(r3, &(0x7f0000000140), &(0x7f0000000180)=0x1c) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x8000, 0x0) 06:13:04 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x400000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) dup2(r1, r0) 06:13:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x3, 0x3}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) getpeername(r1, &(0x7f0000000280)=@generic, &(0x7f0000000300)=0x80) fcntl$getownex(r2, 0x10, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000040)={0x1, 0x5}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000440)={0x0, 0x0, 0x2080}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000040)={0x500000000, 0x72a8, 0x7}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:05 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, &(0x7f0000000300)}) ioctl$BINDER_WRITE_READ(r0, 0x40046208, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000300)}) [ 561.415409] binder: 12948:12949 transaction failed 29189/-22, size 0-0 line 2855 [ 561.441802] binder: undelivered TRANSACTION_ERROR: 29189 [ 561.481127] binder: 12948:12949 transaction failed 29189/-22, size 0-0 line 2855 [ 561.555216] binder: undelivered TRANSACTION_ERROR: 29189 06:13:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) r3 = dup3(r0, r0, 0x80000) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=@deltaction={0x1bc, 0x31, 0x520, 0x70bd27, 0x25dfdbfb, {0x0, 0x1, 0x20}, [@TCA_ACT_TAB={0x7c, 0x1, [{0x14, 0x12, @TCA_ACT_KIND={0xc, 0x1, 'csum\x00'}}, {0x10, 0x13, @TCA_ACT_KIND={0x8, 0x1, 'xt\x00'}}, {0x14, 0xd, @TCA_ACT_KIND={0xc, 0x1, 'gact\x00'}}, {0x10, 0x11, @TCA_ACT_KIND={0x8, 0x1, 'xt\x00'}}, {0x10, 0xd, @TCA_ACT_INDEX={0x8, 0x3, 0x5e}}, {0x10, 0x1d, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x13, @TCA_ACT_INDEX={0x8, 0x3, 0x81}}]}, @TCA_ACT_TAB={0x88, 0x1, [{0x10, 0x1f, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0xa, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffffffffffa}}, {0x10, 0x1b, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x4, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x19, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0xb, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x14, 0x13, @TCA_ACT_KIND={0xc, 0x1, 'csum\x00'}}, {0x10, 0x13, @TCA_ACT_INDEX={0x8, 0x3, 0x400}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0x14, 0x4, @TCA_ACT_KIND={0xc, 0x1, 'skbmod\x00'}}, {0x10, 0xa, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x4, @TCA_ACT_INDEX={0x8, 0x3, 0x56}}]}, @TCA_ACT_TAB={0x48, 0x1, [{0x14, 0x1e, @TCA_ACT_KIND={0xc, 0x1, 'police\x00'}}, {0x10, 0x1d, @TCA_ACT_INDEX={0x8, 0x3, 0x5980000}}, {0x10, 0x1b, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x11, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x24, 0x1, [{0x10, 0xb, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0x1a, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x1bc}}, 0x40000) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x10200, 0x1, 0x7002, 0x1000, &(0x7f0000007000/0x1000)=nil}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100), &(0x7f0000000240)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhci\x00', 0x800, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000200)={0x7, 0x1b, 0x1}, 0x7) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) close(r0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:08 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x800000000002, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000100)=@can, 0x80, &(0x7f0000001640), 0x0, &(0x7f0000002c40)=""/4096, 0x1000}, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="160000001a0081aee4050c00000f00fe078bc36f1600", 0x16}], 0x1, &(0x7f0000002c40)=ANY=[]}, 0x0) 06:13:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x101200, 0x0) setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000100)=0x10002, 0x4) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:08 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) getsockopt$inet6_dccp_int(r0, 0x21, 0xa, &(0x7f0000000080), &(0x7f0000000180)=0x4) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) mq_unlink(&(0x7f00000001c0)='/dev/input/event#\x00') ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x20) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 564.249272] *** Guest State *** [ 564.252921] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 564.261996] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 564.270874] CR3 = 0x0000000000000000 [ 564.274803] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 564.280819] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 564.287003] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 564.293892] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 564.302104] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.310219] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.318444] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.326667] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.334797] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 564.342984] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 564.351023] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 564.359243] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 564.367387] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 564.375586] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 564.382168] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 564.389653] Interruptibility = 00000001 ActivityState = 00000000 [ 564.396100] *** Host State *** [ 564.399331] RIP = 0xffffffff812c8203 RSP = 0xffff88016ab9f3c8 [ 564.405494] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 564.412103] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 564.419958] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 564.426622] CR0=0000000080050033 CR3=00000001690e4000 CR4=00000000001426f0 [ 564.433848] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 564.440555] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 564.446785] *** Control State *** [ 564.450282] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 564.457143] EntryControls=0000d1ff ExitControls=002fefff [ 564.462739] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 564.469700] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 564.476555] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 564.483300] reason=80000021 qualification=0000000000000003 [ 564.489730] IDTVectoring: info=00000000 errcode=00000000 [ 564.495365] TSC Offset = 0xfffffecce7f0aecc [ 564.499716] EPT pointer = 0x00000001ab9ac01e 06:13:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100000001}]}) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snapshot\x00', 0xfffd, 0x0) r4 = mmap$binder(&(0x7f0000fec000/0x13000)=nil, 0x13000, 0x1, 0x10, 0xffffffffffffffff, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000100)={0x0}) r6 = mmap$binder(&(0x7f000000e000/0x4000)=nil, 0x4000, 0x4, 0x80010, 0xffffffffffffffff, 0x3f) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f0000000200)={0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000440)={0x78, 0x0, &(0x7f0000000240)=[@free_buffer={0x40086303, r4}, @acquire={0x40046305, 0x2}, @clear_death={0x400c630f, 0x2}, @acquire_done={0x40106309, r5, 0x3}, @increfs_done={0x40106308, r6, 0x3}, @acquire_done={0x40106309, r7}, @acquire={0x40046305, 0x3}, @clear_death={0x400c630f, 0x4, 0x4}], 0x83, 0x0, &(0x7f00000002c0)="1fdf86a286c2fe5b2e606d85823e5cbf3ba659ece9e21b42250774cbeef05ae69c9109bb6353cd5e7fc86f20c7c6217a0a0640a269a9c19361c405c93451f47488dfd765fd58f3d58ef559684bdbb82324ae2cd06d5bd2f4c89a9ca4ad9473bfc5d4ef62257402f4c03ec958677593b95933199a353b7fd6a71a0206f0e12dc9051437"}) ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000480)=""/112) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, r3, 0x0, 0x6, &(0x7f0000000040)="215ba9602c00"}, 0x30) capget(&(0x7f0000000580)={0x399f1736, r8}, &(0x7f00000005c0)={0x7ff, 0x2, 0x5, 0x3, 0x3, 0x7fffffff}) 06:13:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000200)=@ng={0x4, 0x8, "ed88c949a1101e9906a70f223be5eabcfa"}, 0x13, 0x2) 06:13:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = getpgrp(0x0) kcmp$KCMP_EPOLL_TFD(r3, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 565.366132] *** Guest State *** [ 565.369642] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 565.378766] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 565.387859] CR3 = 0x0000000000000000 [ 565.391721] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 565.397836] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 565.404046] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 565.410771] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 565.419003] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 565.427191] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 565.435384] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 565.443541] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 565.451586] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 565.459719] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 565.467924] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 565.476098] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 565.484263] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 565.492436] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 565.498896] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 565.506535] Interruptibility = 00000001 ActivityState = 00000000 [ 565.512932] *** Host State *** [ 565.516164] RIP = 0xffffffff812c8203 RSP = 0xffff88016ab9f3c8 [ 565.522356] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 565.528826] FSBase=00007f233e51d700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 565.536804] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 565.543136] CR0=0000000080050033 CR3=000000016c052000 CR4=00000000001426e0 [ 565.550187] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 565.557022] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 565.563231] *** Control State *** [ 565.566717] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 565.573562] EntryControls=0000d1ff ExitControls=002fefff [ 565.579058] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 565.586184] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 565.593025] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 565.599648] reason=80000021 qualification=0000000000000003 [ 565.606148] IDTVectoring: info=00000000 errcode=00000000 [ 565.612190] TSC Offset = 0xfffffecc487510a3 06:13:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0xfff, 0x5}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x20001) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x4000, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 565.616558] EPT pointer = 0x000000016ab4e01e 06:13:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:12 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x101, 0x8001, 0xa, 0x3, 0x7fff, 0x100000001, 0xffff, 0x6, 0x0}, &(0x7f0000000180)=0x20) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000001c0)={0x0, 0xc0, "77618edc68b8c1eb5514eafe582dabecf28ebb26f6cb18465a037fb762a3fcce4e1a4ee5f71ccb238b9bba806ed67e48704389fe61b817ab67d6c44cf5f1c5348c23512e98d6a563c3adbeda38dd4bcf5c31722dd807e23ef5868ee396977661313f6a7af8a7f21b358b2783698f33f6bef548606812d7d8517f1e5e8b10bcd4cd7e23bbb366b96abce0b294d80abe17d77c8380a4d581aae437303871095c6d3175ddb8c0d4b2abf464f0b5806de34b132d55d693336feb0afdba06485fa719"}, &(0x7f00000002c0)=0xc8) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000300)={r3, 0x101, 0x1, 0x9, 0x420, 0x7, 0x0, 0x9, {r4, @in6={{0xa, 0x4e21, 0xfffffffffffffffc, @dev={0xfe, 0x80, [], 0x11}, 0x100000001}}, 0x72c3, 0x1, 0x8, 0xffffffffffffffff, 0x100000000}}, &(0x7f0000000400)=0xb0) 06:13:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="ff491d280c5b6ddb2b4e017af04d95852157d08b600d175a786dac8e123d33bced5bcb1e17684604b646377e426746b3f700b8dd81a5bba10dfef64014df3b8b559089164c3d1a55d0933ed6ceb92cbcc080a56c50d725e29a3b09dc610859af3c2f8bbca3072864dfcc25ce0002bdf6904c301623a7c5162459d31172c89616f5ebed5aeb50398f29839f76697b86d5f88bc3e7a239f864b851b8c7de010ce731b13bd4582660c686aa603c7797a43ac3b7ff3444ee2e75"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:12 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x20200, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000240)={0xa, &(0x7f00000001c0)=[{}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f00000002c0)={r1, &(0x7f0000000280)}) r2 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x121000) write$P9_RRENAMEAT(r2, &(0x7f0000000080)={0x7, 0x4b, 0x1}, 0x7) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x3}) socketpair$unix(0x1, 0x80400000005, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$void(r3, 0x5451) 06:13:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x90200) write$smack_current(r3, &(0x7f0000000100)="706f7369785f61636c5f6163636573738c776c616e3100", 0x17) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:13 executing program 0: r0 = socket$kcm(0x2, 0x5, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) r2 = getpgid(0xffffffffffffffff) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x4000) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000080)={r3, r0, 0x3}) setsockopt$sock_attach_bpf(r0, 0x84, 0x64, 0xfffffffffffffffe, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x7) 06:13:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x501000, 0x0) ioctl$EVIOCREVOKE(r2, 0x40044591, &(0x7f0000000100)=0x1000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000200)) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:13 executing program 2: r0 = dup(0xffffffffffffff9c) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000000)={0x0, "22b2f952ba90e69989041e0fe5b6cf70b58e79b281a104069a11afad19908488", 0x3, 0x3, 0x5, 0x4000, 0x50800, 0x2}) syz_emit_ethernet(0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd606d1111002f67000000000000000000000000006b7aa464bdfbd1b00000000000000000000000050420880b000000000000050000000000000088be00000000100000000100000000000000270022eb0000000020000000020000000000000000000000080065580000000068a27bd9e914f9c06fadaaaf5c7f8af12a96a60f5da17edfda0de5ee14a96c52d03217260c4c79871efc59c70ffe620985f0b52284fbcb4a199a4854c8b3d94a4f974c000e0e94acccd067c499c938ced5280e0b939b6d574aec1753e35539ae3ddcb40dde54afb615eb10cb3cf24d5332740cf97ca3f85214485f2d8f3e3c208bccc2ae3e44a297dd5ca6f9ce81d25909992297d7da4e137375eea1b1d3e84e74f7f316bc17e472ded5f7bfc01bc91447cd1b2f0a1d5e0c9bd1d8e6226365ca698d2f077f5c8ebd56b9c7874e5edab1319e71cc3c855e41d59b028f9de5fdcfbdf99e20f3"], &(0x7f00000000c0)={0x0, 0x0, [0x0, 0x0, 0x52, 0x98]}) 06:13:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x100000000000033a) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:13 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) syz_open_dev$vcsn(&(0x7f00000016c0)='/dev/vcs#\x00', 0x4, 0x20000) r0 = syz_open_dev$amidi(&(0x7f0000001700)='/dev/amidi#\x00', 0xd208, 0x80000) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x6) r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x58a2f98c, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f0000001640)={0x0, 0xfffffffffffffffd, 0xfc, 0x2, @scatter={0x5, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/136, 0x88}, {&(0x7f0000000180)=""/57, 0x39}, {&(0x7f00000002c0)=""/208, 0xd0}, {&(0x7f00000001c0)=""/5, 0x5}, {&(0x7f00000003c0)=""/142, 0x8e}]}, &(0x7f0000000500)="703ab1dc217917af873512e51b22d6e1a6fcaac929ad8f7c10bce53e532e4ffb45315f5817772f6a6dc3af2683409aeedb40f9a8716969200b670656c1b8471db25f0abf6c19bf24f9b3fa3f1a992bed4bc43c08effc4e1782d89ceeafa4862eabe3318f7a3b0733bb8fc0966c36431391ecc923a7d66e184acf8a0c62cf6bb2d91775a9c161f4070fecf2d12dcc4abb5989ce4dc3149c21184cf01a2ab08eeb852978cb5e05c87762a7558a4b897dbd7df0914be660248341e3091dfc0952a835058688d10e000fd5a152024f329743cf6db195d1cd51ef3e7fb6a9dd466b4e13a10a3d4e02a94ca3473bd0e6f62c1254b00638106c462c48f968ad", &(0x7f0000000600)=""/4096, 0x46a, 0x1, 0x3, &(0x7f0000001600)}) getrusage(0xffffffffffffffff, &(0x7f0000000200)) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x10000, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'team_slave_0\x00', 0x400}) [ 569.800630] *** Guest State *** [ 569.804574] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 569.813690] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 569.822707] CR3 = 0x0000000000000000 [ 569.826493] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 569.832717] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 569.838750] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 569.845774] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 569.853938] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 569.862112] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 569.870143] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 569.878388] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 569.886595] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 569.894851] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 569.903041] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 569.911066] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 569.919284] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 569.927441] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 569.934115] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 569.941751] Interruptibility = 00000001 ActivityState = 00000000 06:13:14 executing program 2: unshare(0x2000400) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='autogroup\x00') readv(r0, &(0x7f000005a000)=[{&(0x7f0000d1d000)=""/203, 0x52e}], 0x1) openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x440000, 0x0) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040)='nbd\x00') sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0xc, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x80}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x1) [ 569.948022] *** Host State *** [ 569.951999] RIP = 0xffffffff812c8203 RSP = 0xffff8801673ff3c8 [ 569.958045] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 569.964655] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 569.972761] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 569.972796] CR0=0000000080050033 CR3=00000001690e4000 CR4=00000000001426e0 [ 569.972832] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 569.972861] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 569.972876] *** Control State *** [ 569.972903] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 569.972926] EntryControls=0000d1ff ExitControls=002fefff [ 569.972956] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 569.972990] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 569.973016] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 569.973039] reason=80000021 qualification=0000000000000003 [ 569.973060] IDTVectoring: info=00000000 errcode=00000000 [ 569.973081] TSC Offset = 0xfffffec9e9efc879 [ 569.973103] EPT pointer = 0x00000001a62ec01e [ 570.053510] *** Guest State *** [ 570.053547] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 570.053579] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 570.053598] CR3 = 0x0000000000000000 [ 570.053621] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 570.053647] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 570.053679] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 570.053713] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 570.053754] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 570.053794] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 570.053833] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 570.053873] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 570.053912] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 570.053943] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 570.053990] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 570.054021] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 570.054060] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 570.054088] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 570.054122] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 570.054149] Interruptibility = 00000001 ActivityState = 00000000 [ 570.054166] *** Host State *** [ 570.054197] RIP = 0xffffffff812c8203 RSP = 0xffff8801678ef3c8 [ 570.054243] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 570.054277] FSBase=00007f09ac9a1700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 570.054307] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 570.054341] CR0=0000000080050033 CR3=00000001690e4000 CR4=00000000001426e0 [ 570.054376] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 570.054404] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 570.054419] *** Control State *** [ 570.054466] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca [ 570.054491] EntryControls=0000d1ff ExitControls=002fefff [ 570.054523] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 570.054551] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 570.054577] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 570.054604] reason=80000021 qualification=0000000000000000 [ 570.054627] IDTVectoring: info=00000000 errcode=00000000 [ 570.054648] TSC Offset = 0xfffffec9e9ef90b7 [ 570.054670] EPT pointer = 0x00000001a62ec01e 06:13:17 executing program 1: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000340)={0x3, &(0x7f00000001c0)=[{}, {}, {}]}) r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x3, 0x2, 0x9000}, 0x4) r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x4000000, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='vboxnet1lolovboxnet1eth0vboxnet1user}:wlan0\x00', r0}, 0x10) socketpair(0x11, 0x7, 0x7ff, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_buf(r3, 0x0, 0x20, &(0x7f0000000280)="bb6f9daa1457be3fa413607316fc3e6e07f8db959626a1d9fd91f28a4a451730f9b4d9a59b93df7cd292fd6b3120582dc3d18bd3a64d0bed6bf599130ecf665c6b99ce31aec02206d251ca95a29b85e43fbea14e0babccc8c64268c13bab280db31f851b497e329ba33f8c6a4473682e7a6c2c325f12b1beb9a0364b8900ac7cf2326d9be01e1f2b5eaf05dd62c2bbd5401d101532f06609c36f2a42976af494ab9180281577b64b8b0c9b6531c7fec6c4999ee6112547db0553e071", 0xbc) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x78004, 0x0) ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x6) r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:17 executing program 2: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x45, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000280)='./file1\x00', 0x0, 0xffffffffffffffff) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) setitimer(0x3, &(0x7f00000000c0)={{0x77359400}, {r0, r1/1000+10000}}, &(0x7f0000000100)) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f00000001c0)) r3 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x408080) ioctl$KDDELIO(r3, 0x4b35, 0x2) utimes(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)={{}, {0x0, 0x2710}}) 06:13:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x0, 0x8000) getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000000200)={'mangle\x00'}, &(0x7f0000000280)=0x54) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) prctl$setname(0xf, &(0x7f0000000040)='/dev/kvm\x00') 06:13:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:17 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000006c0)=0x200, 0x20) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x800, 0x0) r2 = getpgrp(0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000080)={{0x0, 0x4, 0x1000, 0x7, 'syz0\x00'}, 0x0, 0x120, 0x27, r2, 0x5, 0x3, 'syz0\x00', &(0x7f0000000040)=['GPL{)em0:vboxnet1[%\x00', ':GPL(\x00', '@selfppp0nodevself\x00', '\x00', '+#\x00'], 0x31, [], [0x9, 0x4, 0x5, 0xc7]}) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) [ 573.459235] *** Guest State *** [ 573.462791] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 573.471920] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 573.480809] CR3 = 0x0000000000000000 [ 573.484753] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 573.490852] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 573.497166] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 573.504020] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 573.512223] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 573.520251] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 573.528403] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 573.536651] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 573.544804] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 573.553035] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 573.561081] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 573.569271] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 573.577422] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 573.585671] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 573.592442] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 573.599966] Interruptibility = 00000001 ActivityState = 00000000 [ 573.606439] *** Host State *** [ 573.609721] RIP = 0xffffffff812c8203 RSP = 0xffff8801736df3c8 [ 573.615883] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 573.622474] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 573.630327] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 573.636475] CR0=0000000080050033 CR3=00000001a64ec000 CR4=00000000001426e0 [ 573.643662] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 573.650375] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 573.656612] *** Control State *** [ 573.660114] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 573.667001] EntryControls=0000d1ff ExitControls=002fefff [ 573.672679] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 573.679656] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 573.686513] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 573.693334] reason=80000021 qualification=0000000000000003 [ 573.699703] IDTVectoring: info=00000000 errcode=00000000 [ 573.705410] TSC Offset = 0xfffffec7f90572a8 06:13:17 executing program 2: unshare(0x40000) r0 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000001100)='syz_tun\x00') r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x5}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(r3, &(0x7f00000000c0)={0x18, 0x0, 0x2}, 0x18) splice(r2, 0x0, r4, &(0x7f00000002c0), 0x18, 0x0) r5 = dup(r1) ioctl$RTC_PIE_OFF(r2, 0x7006) ioctl$KDGKBMETA(r5, 0x4b62, &(0x7f0000001080)) ioctl$KDGKBDIACR(r5, 0x4b4a, &(0x7f0000000080)=""/4096) lseek(r1, 0x2, 0x3) [ 573.709801] EPT pointer = 0x000000016ce6601e 06:13:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair(0x0, 0x0, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000100)={0x0, 0x9, 0xff2, 0x7, 0x2, 0x9}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000240)={r3, 0x5, 0x7, [0x5d1, 0xb7c3, 0x8, 0xfa18, 0x2, 0x3, 0x5]}, &(0x7f0000000280)=0x16) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:13:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 574.119040] *** Guest State *** [ 574.122741] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 574.131969] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 574.140850] CR3 = 0x0000000000000000 [ 574.144808] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 574.150828] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 574.157037] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 574.163888] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 574.172053] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 574.180082] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 574.188242] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 574.196405] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 574.204597] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 574.212757] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 574.221020] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 574.229182] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 574.237351] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 574.245577] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 574.252171] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 574.259670] Interruptibility = 00000001 ActivityState = 00000000 [ 574.266127] *** Host State *** [ 574.269375] RIP = 0xffffffff812c8203 RSP = 0xffff88016a36f3c8 [ 574.275664] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 574.282279] FSBase=00007f09ac9a1700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 574.290166] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 574.296302] CR0=0000000080050033 CR3=00000001a64ec000 CR4=00000000001426f0 [ 574.303566] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 574.310285] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 574.316586] *** Control State *** [ 574.320091] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 574.327019] EntryControls=0000d1ff ExitControls=002fefff [ 574.332656] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 574.339655] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 574.346612] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 574.353363] reason=80000021 qualification=0000000000000000 [ 574.359727] IDTVectoring: info=00000000 errcode=00000000 [ 574.365479] TSC Offset = 0xfffffec7f904e722 [ 574.369852] EPT pointer = 0x000000016ce6601e 06:13:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="33000000040000005cc99dac582f56fb683be268651365a38b3c7d1b0246f4fa21b2259df344ffd7aeda54a4074bb222805c53d6ce44b73931fe57c581a86f0403aa20777f5fcbca6e7000e99d199c508b7499aa099bf87cb2d7f0ac6ca0fe97805623b024de6fbd1be52f466b2991e3d18017faf3a9f18703714b63a1"]}) 06:13:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={0x0, 0xfff}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r3, 0x100000000}, &(0x7f0000000200)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:21 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e20, 0xfff, @mcast2, 0xfe9}}, 0x3, 0x3, 0x6b6, 0xffffffffffffff01, 0xa}, &(0x7f0000000080)=0x98) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000240)={r2, 0xee}, 0x8) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x200, 0x0) ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{}, {}, {}]}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000100)='/dev/kvm\x00') 06:13:21 executing program 0: r0 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x1, 0x101000) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000140)={0x0, 0x0, 0x2080}) r1 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r1, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10) socket(0x27, 0x0, 0x0) 06:13:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="396ae953df7997f38463e2d86e3c5523ac4f723ecd8ccbfb661ea77d4620565295f7f268e4bf939d56d0b1e4b2a8e5329cbf529387909a3a98e6523f1e9d5623df0f5a86f4242b37286bcdae599cec03e944b6d1849f2c864ab9d64172e570604fabed769f66fc20036577bcd5b8c73f20c1c4f499cc90ceedb4d978555f0a5f"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r2, &(0x7f00000001c0)) r3 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x3f, 0x80000) getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000180)=""/18, &(0x7f0000000280)=0x12) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='veth0_to_bridge\x00', 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:21 executing program 2: socketpair$inet6(0xa, 0x0, 0x9, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@ipv4={[], [], @multicast1}, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@rand_addr}}, &(0x7f0000000180)=0xe8) r2 = getuid() r3 = getgid() fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {0x1, 0x4}, [{0x2, 0x4, r1}, {0x2, 0x7, r2}], {0x4, 0x5}, [{0x8, 0x5, r3}], {0x10, 0x4}, {0x20, 0x1}}, 0x3c, 0x1) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0) ioctl(r4, 0x820000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000002000/0x4000)=nil) 06:13:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) getpid() ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:22 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000080)={0x0, 0x200000022d, 0xfffffffffffffffa}) modify_ldt$read(0x0, &(0x7f0000000100)=""/216, 0xd8) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7, 0x40000) r2 = accept4$packet(0xffffffffffffff9c, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000280)=0x14, 0x800) ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000002c0)={r2}) 06:13:22 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000200)="0a5c2d024031628571704f6a90b5cfbd6620f4f784458bb46115b2506382d6d7995fabccaabf85cd58772367807813d4c3d9f5f3e31e1beb56c0fa77a74f82b65911530991aa559cc0387a2962aba1343b20a206052b5ece7c546159359a0000000000000000000000") r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x638, 0x0) ppoll(&(0x7f0000000000)=[{r1}, {r0}], 0x2, &(0x7f0000000080), &(0x7f00000000c0), 0x8) 06:13:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="ff"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x2b64000000000, 0x2000) accept$packet(r0, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000740)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000780)={'vcan0\x00', r4}) 06:13:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000040)=0x6) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x200, 0x0) ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{}, {}, {}]}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000100)='/dev/kvm\x00') 06:13:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="ff"]) r1 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x6, 0x10000) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000240)={0x3, 0x7, 0x4, 0x204000, {}, {0x1, 0x8, 0x365a, 0x101, 0x0, 0x8001, "68f78f05"}, 0x5, 0x1, @fd=r2, 0x4}) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x7fff, 0x0) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x20801, 0x0) syz_kvm_setup_cpu$x86(r4, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x3ed, 0x60, &(0x7f0000000000), 0xe4) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'nr0\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000340)={r5, @broadcast, @multicast1}, 0xc) 06:13:25 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES16=r0, @ANYRES32=r0, @ANYPTR64=&(0x7f0000000180)=ANY=[@ANYPTR=&(0x7f0000000080)=ANY=[@ANYPTR64, @ANYRES16=r0, @ANYRES64, @ANYRESOCT=r0], @ANYRES64=r1, @ANYRESHEX=r0, @ANYRES16=r0, @ANYPTR64, @ANYRESDEC=r1], @ANYRES16=r1, @ANYRESHEX=r0, @ANYRESOCT], 0xfffffffffffffe47) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) fcntl$getown(r1, 0x9) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000001c0)='\x00'}, 0x30) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340)=0x0) r3 = syz_open_procfs(r2, &(0x7f0000000300)='\x00\x00\x00\x00\x00') execveat(r3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:25 executing program 0: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x80000, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000001c0)={0x1020000000000, 0x7fb, 0x6}) r1 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x2) r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x4080) readv(r2, &(0x7f0000001400)=[{&(0x7f0000000000)=""/46, 0x2e}], 0x1) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000180)) write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [{0x20, ','}, {0x20, '{-[*[+\'+'}, {0x20, '/dev/snd/pcmC#D#c\x00'}, {0x20, '/proc/self/net/pfkey\x00'}, {}, {}], 0xa, "ec50ccf77fb75a1036ac6ee29159561338d0051aacb34f87218f8b0f"}, 0x5d) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x0, 0x612402) write$evdev(r1, &(0x7f000004d000)=[{}], 0x18) 06:13:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x200, 0x0) ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{}, {}, {}]}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000100)='/dev/kvm\x00') 06:13:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) lsetxattr$security_smack_transmute(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000200)='TRUE', 0x4, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00') ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f000000e000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x200, 0x0) ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{}, {}, {}]}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000100)='/dev/kvm\x00') 06:13:26 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000080)={'icmp6\x00'}, &(0x7f0000000180)=0x1e) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20040000008912, &(0x7f00000001c0)="0a452d0240316285717070") r1 = socket(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000480)=""/102, 0x66}}], 0x1, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="7f454c46000000000000000000000000000000000040000000000000000000000000000a1bb6de15803552d00000000000000000380000000000000000000000000000000000000000000000bdb6fbeac58dd6363150215e0f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000"], 0x78) socketpair(0xa, 0xa, 0x8, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000040)=0x10001) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000200)={0x30, 0xf43a, 0x40, 0x3, [], [], [], 0x2, 0x7f, 0x42212122, 0x5, "eac56fa2315d2c83a47454fbc59fc14c"}) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f00000000c0)={{0x4, @multicast2, 0x4e21, 0x2, 'ovf\x00', 0x6, 0x0, 0x5f}, {@multicast2, 0x4e20, 0x1, 0x10000, 0x101, 0x1}}, 0x44) ioctl$KVM_GET_EMULATED_CPUID(r3, 0xc008ae09, &(0x7f0000000340)=""/137) write(r1, &(0x7f0000000140)="240000005a001f00ff03f4f9002304000a04f51108000100020100020800028001000000", 0x24) 06:13:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x20400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f00000004c0)={0x0, 0xffffffffffffffff, 0x20, 0x1000, @scatter={0x2, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)=""/109, 0x6d}, {&(0x7f0000000300)=""/228, 0xe4}]}, &(0x7f0000000280)="37d1d87e4e8ab76bb9104141fd7d863e9121d6832002730a7b59fd7180d2db38", &(0x7f0000000400)=""/124, 0x8000, 0x2, 0x0, &(0x7f0000000480)}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x37, 0x40000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:26 executing program 2: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) fchown(0xffffffffffffffff, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x6c00) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)={0x3, 0x4, 0x4, 0x4000, {r1, r2/1000+30000}, {0x5, 0x0, 0x8, 0x200, 0x3, 0x5, "fc44aa52"}, 0x3, 0x7, @fd=r0, 0x4}) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0xfffffeb3) write$eventfd(r0, &(0x7f0000000040), 0x8) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) socketpair$unix(0x1, 0x20000000080002, 0x0, &(0x7f00000003c0)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 06:13:26 executing program 0: sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020d000010000000000000bd42990000000000000600000000590f000001000000000000000000000000f2812678e5390efe082942000000000000000000000000000300eaffffff0000020000009807d70600b56888af561b78076ec99e06f1eb00000000000000030005000000000000000000000000000000000000000000"], 0x80}}, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=0x0) prctl$setptracer(0x59616d61, r0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="fbf39d8124686269cdc4080b757f3c54d2b62b1b78fccc6efa40fd35c5e84c5ccec185e2c20b8cd6bbc216c1a889a4caa10af5b24d1252"], 0x1}}, 0x0) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000240)=0x1c) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000300)={@empty, 0x21, r2}) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x4000000000002b9, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x100, 0x0) socket$key(0xf, 0x3, 0x2) [ 582.830335] *** Guest State *** [ 582.834184] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 582.843264] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 582.852268] CR3 = 0x0000000000000000 [ 582.856027] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 582.862248] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 582.868270] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 582.875232] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 582.883406] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 582.891431] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 582.899707] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 582.907951] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 582.916167] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 582.924343] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 582.932636] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 582.940656] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 582.948853] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 582.956995] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 582.963570] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 582.971056] Interruptibility = 00000001 ActivityState = 00000000 [ 582.977525] *** Host State *** 06:13:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = dup3(r1, r0, 0x80000) ioctl$SG_GET_REQUEST_TABLE(r3, 0x2286, &(0x7f0000000200)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 582.980764] RIP = 0xffffffff812c8203 RSP = 0xffff88011d40f3c8 [ 582.986938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 582.993558] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 583.001398] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 583.007576] CR0=0000000080050033 CR3=000000016af9b000 CR4=00000000001426f0 [ 583.014759] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 583.021480] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 583.027800] *** Control State *** 06:13:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) fcntl$setsig(r0, 0xa, 0x4) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 583.031297] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 583.038340] EntryControls=0000d1ff ExitControls=002fefff [ 583.043961] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 583.050929] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 583.057819] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 583.064652] reason=80000021 qualification=0000000000000003 [ 583.071004] IDTVectoring: info=00000000 errcode=00000000 [ 583.076667] TSC Offset = 0xfffffec2efd15d75 [ 583.081063] EPT pointer = 0x0000000175c1501e 06:13:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x20400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:27 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket(0x10, 0x802, 0x0) sendto(r1, &(0x7f0000000140)="120000001200e7ef007b1a41cd00000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x144}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1064}, {&(0x7f0000000400)=""/120, 0x4}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f0000000000)=""/22, 0x15}], 0x8, &(0x7f0000002400)=""/191, 0xbf}}], 0x464, 0x6, &(0x7f0000003700)={0x77359400}) mknod(&(0x7f0000000180)='./file0\x00', 0x500, 0x1) 06:13:27 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2080, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000200)=0x18) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000500)={0xfffffffffffff001}) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={r1, 0xb4, &(0x7f0000000240)=[@in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e23, 0x1, @empty, 0x200}, @in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e23, @rand_addr=0xfffffffffffffffc}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0x1f, @empty, 0x1000}, @in6={0xa, 0x4e24, 0x9}, @in={0x2, 0x4e21, @broadcast}, @in={0x2, 0x4e22, @remote}]}, &(0x7f0000000340)=0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl(r2, 0x3, &(0x7f0000000440)="bcf334bed40258d565fe2b74bf87a1e4cf22e18b749127f584e07302d9452f3cfb967762b78d66af5a9e27e0ac7b1a6fa0bdd9891f535a3fe80377cb23e3f85ea84005d7021d133ba6b2940aa85516a9f1622477d9be67864957c9e961653e2df29da7bd1ae92e50a9c1798d610362456fbe0bfa4ecbd4f162af9798b1037032d8425c16dff36061ba55a59943dea22a44d20e905fc21e75413049762abae3b06e2cb85481d74fe751ba9b") ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000540), &(0x7f0000000580)=0x4) 06:13:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {0x2}, {0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = dup3(r1, r2, 0x80000) ioctl$TIOCEXCL(r3, 0x540c) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:31 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000180)=""/72) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = getpid() r2 = syz_open_procfs(r1, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:31 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x18, &(0x7f0000d01000)=0x7ff, 0x4) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="5780d01c", 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0xcc3aa5d7db2cfd28, 0x0) sendmsg$alg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)="129e22e69189a8c8368a4564d837503efa0f6081abbe56bdaf4ee9953fe3802eeeebeccde1fc74ac06d4a9", 0x2b}], 0x1, &(0x7f0000000180)=[@op={0x18}], 0x18, 0x8000}, 0x20000080) sendto$inet6(r0, &(0x7f0000adb000)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524cf9ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c906a38cbda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be7700d66f2d2c3a63dba8eb35e7127246029e222f0b2aebbe767f5125e2d9ea5d5987b9bb96f303e4f3c647c776c5b6306472896dcebe0de6d001b453a4e26dfe433b409586e0faca3ee89e8b936ea46b97a0f663544a8f4784c6b484334949f583b02557645c7d7884910eaf4879da3f4f37ce789b728a49d0546730e2adb0a9cb74620b0cf3a28061a607089a47a23e831c16dd002fc6ad4ebd7c62d265da40d6bfd145698d18d14522e19aa599cd9e412c4644dccb31849bd5e31411c6ff9249be50762cc6fdaa01a7cdcb162dc0516524002b688a462f69b6cce348a6dc5e9356ae3938909ea062f9501220214e83a4e621b8d685925c92c7564e9132cfe10f8acb646b731114ff101479f99d70a4bd6033bf5e4e6675120fa21d0610a685af21ba76162fa5cc571056b295b8f9987fdef14526be89516234dee2d93bf7ceba533af07bb7a6e9f1d5756f81a7558b5e029e662c5dfe00f657bd5a5165c6d44bd90f719342b7ac36eb8f10cdaeda44c079ecb31d324125ac848a27ba173ad35d1acd4e206387ecea474d6a70086d225448e247bfcd51ecae1f15dfe10acc50e7757cca9c5ef80562b63224c3259d6d1fc928264d356b8345ba03e10cd6970c0343ee98359dcb5920b83cb0aa034807f40050c6cf63543e107d85bfa82ce4f5e90f6078a743b0c7ccdd007c7c0115abfd5a9a52873b7b5da78a1ab7404016c5d00aabcfc3e16070b8222a99efebebf6042e6da1dbb3e782d831c0eb4f464b82abc0a8", 0x7d0, 0x0, &(0x7f0000809000)={0xa, 0x4e24}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000080)=""/49, 0x31, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote}, 0x707000) 06:13:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup3(r1, r1, 0x80000) r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = accept(r1, 0x0, &(0x7f0000000040)) ioctl$BLKBSZSET(r3, 0x40081271, &(0x7f0000000440)=0x8) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000240)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000340)=0x269) accept$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000540)=0x14) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000005c0)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000600)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000700)=0xe8) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@dev, @rand_addr, 0x0}, &(0x7f0000000780)=0xc) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000bc0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000b80)={&(0x7f0000000c00)=ANY=[@ANYBLOB="fffc0000", @ANYRES16=r4, @ANYBLOB="16002dbd7000ffdbdf25030008000100d78fc34ef7d784b57888459f61cb4701c2015a25f1913f24c4abf9c7702f557648af5b9d2309d5b1bfb632beef7c13f53536d4f632ac4113ad602f7385c3d1b0c4475a368a7c1d736b7a2c7c440af044b74e575397c911e5e27b2af28e55d969d71a7667494143ebc84e767ab3f923983b71628f0cffcc16ef3ba6c24cf76614a33ebcec75457f744fedb31420314f4344c84ac602995de857f8c0", @ANYRES32=r5, @ANYBLOB="8c0102003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100008038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000000003b38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000200000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400000001006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000003c000400707c040801000000000000d40800000009009006018000000100ff00000000000100005609000000530060a11f000000000001000000000008000100", @ANYRES32=r7, @ANYBLOB="2401020038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000800000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400ff03000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040007000000080007000000000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004003200000008000100", @ANYRES32=r8, @ANYBLOB="b400020038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400050000003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r9, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b00000008000400010000000800070000000000"], 0x390}, 0x1, 0x0, 0x0, 0x801}, 0x4000) 06:13:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2, @loopback}, 0xc) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x80083, 0x0) write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, 0x2, {0x7, 0x1b, 0x7ffffffd, 0x6404, 0x7, 0x5, 0x38c43ed8, 0x2}}, 0x50) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000000)={0xd7, 0x22, 0x0, 0xffffffffffffff9c}) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e00000027f0000010156000001000053e0000002a6200d694b4c64aaa9add28b3600227e6d99e78c134ccf08bd7785ea4803ad37d8583233c2974132dae0041ee0bdf41d3705055a66b6a8e8c4e9f1f361295f6e2bfac3fc094e2498939507a3332f4a5d165c97ad218f94dcd41f8baeb626572c7e786a2e441426a16dbbb42a56b7b520cdd5d710d5bb7d258106b218f2f35de5575a0c8cab2f88aad30efc340dc3c8a36cbb1f920c"], 0x36d) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2, @loopback}, 0xc) 06:13:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000100)={r3, 0x3}, 0x8) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 587.169260] *** Guest State *** [ 587.172750] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 587.181899] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 587.190760] CR3 = 0x0000000000000000 [ 587.194618] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 587.200623] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 587.206770] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 587.213642] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 587.221760] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 587.229786] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 587.237930] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 587.246061] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 587.254260] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 587.262380] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 587.270401] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 587.278630] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 587.286762] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 587.294881] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 587.301322] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 587.308918] Interruptibility = 00000001 ActivityState = 00000000 [ 587.315286] *** Host State *** [ 587.318518] RIP = 0xffffffff812c8203 RSP = 0xffff88010a8af3c8 [ 587.324641] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 587.331090] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 587.339084] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 587.345126] CR0=0000000080050033 CR3=00000001695f6000 CR4=00000000001426e0 [ 587.352385] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 587.359128] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 587.365375] *** Control State *** [ 587.368863] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 587.375675] EntryControls=0000d1ff ExitControls=002fefff [ 587.381172] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 587.388298] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 587.395108] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 587.401933] reason=80000021 qualification=0000000000000003 [ 587.408294] IDTVectoring: info=00000000 errcode=00000000 [ 587.413938] TSC Offset = 0xfffffec0a40df2ed 06:13:31 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x1, 0x0) pipe(&(0x7f0000002380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000140)=0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000002240)=r3) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f00000001c0)={0x0, 0x0, 0x2080}) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000002300)=0xfffffffffffffe00) write(r2, &(0x7f0000000080)="8b0b55ad3d030000007764184a4a18fb06539ff52c60e105d683d793b2900b65294958a38e8af58e06e7da08a6dbf2601a38a72ca49c9d642c988d240000008000000000733b071f1427019b0008ed4e0a2ee351ecb763a7bedcaa266746", 0x5e) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0xfffffd8a}], 0x200000000000000f, 0x2) ioctl$RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000100)) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000022c0)={'ifb0\x00', 0xd202}) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000002280)={0x1, 0xfffffffffffffffc, 0x9a, 0x47d8}) [ 587.418282] EPT pointer = 0x000000010e1da01e 06:13:31 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xc, 0x0, 0x4, 0x0, 0x14}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, 0xfffffffffffffffd, 0x0) 06:13:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x101) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) socket$inet6(0xa, 0x80000, 0x200) recvmmsg(r0, &(0x7f0000002cc0)=[{{&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}}}, 0x6d, &(0x7f00000013c0), 0xbd, &(0x7f00000017c0)=""/4096, 0x1000}}, {{&(0x7f0000001700)=@sco, 0x80, &(0x7f0000002c00), 0x30c, &(0x7f0000002c80)=""/33, 0x21}}], 0x2, 0x40000026, &(0x7f0000002dc0)={0x77359400}) sendto$inet6(r0, &(0x7f0000000340), 0x128, 0x0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @local}, 0x1c) 06:13:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xc, &(0x7f0000000280)='/dev/rfkill\x00', 0xffffffffffffffff}, 0x30) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000300)=r4) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x40001, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, 0x0}) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000200)={[], 0x6, 0x6, 0x8, 0x7f, 0x14e6, r6}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="21de6b3515b0a60997507e711c9f824075acd349a10297595dc00f52aff93ce4f191aa115c1cba3cf4428a683a9d38c52b9e6c5d49feea9c78b60ed1f48af09831cab013b681a03be6543ee3286b81fea702f959eae5ee32e9f4069c97d99c85afa0a8a40703b54e667001ca35eb734e3a57e6b4797b4de92d0715bf033845b46c18459ad4a89e142ebb03413eea693c52"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:32 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000005fd4)=[@acquire, @acquire={0x400c630e}], 0x0, 0x0, &(0x7f00000001c0)}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="270000000000c486"], 0x1, 0x0, &(0x7f0000000240)="ce"}) clone(0x0, &(0x7f0000000040), &(0x7f0000000200), &(0x7f0000000100), &(0x7f0000000080)) [ 588.308223] binder: 13463:13467 unknown command 39 [ 588.313358] binder: 13463:13467 ioctl c0306201 20008fd0 returned -22 06:13:34 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/mcfilter6\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:34 executing program 2: r0 = socket$kcm(0xa, 0x122000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000003840)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000340)=[{&(0x7f00000037c0)="d90d0000768606681d012f629c75adfa4208d5febf524a024aface6a6ac7d846ed2fa163e15ffb5033e9ad60d7a8a295b90bf9cc8578ec03a10c48d401050b0a2f858ad2c4aa592d", 0x48}], 0x1}, 0x0) r1 = memfd_create(&(0x7f0000000040)='^@keyringppp0self#-em0\x00', 0x1) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r1, 0x4) 06:13:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000000100)={0x5, 0x6, 0x8, 0x300}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000200)={r3, @in6={{0xa, 0x4e20, 0x4, @loopback, 0x20}}, [0x79, 0x3, 0xfff, 0xa2, 0x1000, 0x7fff, 0x89f, 0x7f, 0x20, 0x3ff, 0xc81, 0x0, 0x7, 0x7e, 0x8]}, &(0x7f0000000040)=0x100) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x44, r3, 0x420, 0x70bd2c, 0x25dfdbfd, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x4000, 0x0) syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000480)=0x4) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000300)={{0x3000, 0x0, 0xf, 0x100000001, 0x37, 0x4, 0x101, 0x100000001, 0x3, 0x5, 0x1f, 0x101}, {0x6000, 0x10f006, 0x0, 0x6, 0x8, 0x3, 0x1000, 0x400, 0x8, 0x80000001, 0x7, 0x10001}, {0xf000, 0x5000, 0xc, 0x8, 0x0, 0x6, 0xfffffffffffffffc, 0xffffffffffffffc8, 0x4258, 0xb8, 0x9, 0x3}, {0x10000, 0xf000, 0xf, 0xffffffff, 0x9, 0x7fffffff, 0xb6, 0x8001, 0x10001, 0x4, 0x2c, 0x80}, {0xd000, 0x6000, 0x0, 0xfff0000000000000, 0xc658, 0x95, 0x8000, 0x9, 0x8, 0x4, 0x7, 0x5}, {0xd000, 0x110000, 0xf, 0x8, 0xba81, 0x627, 0x7, 0x1361, 0x4, 0x5, 0x10000000000, 0xd93e}, {0x10004, 0x0, 0x0, 0x4, 0x3, 0x6b, 0x8, 0x3, 0x48, 0x1, 0x7fff, 0x1}, {0xd004, 0x4, 0x0, 0x7, 0x401, 0x26, 0x7ec, 0x800, 0x6, 0x5, 0x4, 0xa00000000000000}, {0x16000, 0x4}, {0x10000, 0x6000}, 0x0, 0x0, 0x0, 0x80, 0x2, 0x5000, 0x0, [0x4, 0xfff, 0x286, 0x5]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0\x00', 0x60600, 0x0) ioctl$BLKFLSBUF(r3, 0x1261, &(0x7f0000000200)=0x9) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:34 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10) r2 = memfd_create(&(0x7f0000000040)='\x00', 0x2) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000280)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000200)=0x37b) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={r3, 0x4, 0x30}, &(0x7f0000000140)=0xc) sendmsg$rds(r1, &(0x7f0000000f80)={&(0x7f0000000640)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000dc0), 0x0, &(0x7f0000000fc0)=[@mask_fadd={0x58, 0x114, 0x2, {{}, &(0x7f0000000e80), &(0x7f0000000ec0)}}], 0x58}, 0x0) 06:13:35 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x1410c2, 0x6) ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000400)) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x1, 0x6, 0x10000101) ioctl$EXT4_IOC_RESIZE_FS(0xffffffffffffffff, 0x40086610, &(0x7f0000000540)) 06:13:35 executing program 0: 06:13:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x80, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x20802, 0x0) bind$pptp(r2, &(0x7f0000000100), 0x1e) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f00000002c0)={0x0, 0x8}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x1}, &(0x7f0000000280)=0xfffffffffffffe5e) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000540)=@sack_info={r4, 0x519a, 0x8001}, &(0x7f0000000500)=0xfffffda1) setxattr$security_ima(&(0x7f0000000340)='./file0\x00', &(0x7f0000000440)='security.ima\x00', &(0x7f0000000480)=@sha1={0x1, "839389171947d25a211ad51818c5c8e842d04e04"}, 0x15, 0x2) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x20002, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r5 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x6f8, 0x4902) write$9p(r5, &(0x7f0000000240)="c24e10752ad6c6464d7e567c1ce12592ab0c1c04c513bf6a1c88a4e990872bd4ba9785fce0fb3d2decf6d372282f7c54448b15a57c22f8ca257e783df5dc", 0x3e) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x8cfac84c6d720721, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:35 executing program 0: 06:13:38 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xffb3, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)=0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000200)) getpgid(r2) execveat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=[&(0x7f0000000180)='\x00'], 0x0) 06:13:38 executing program 2: 06:13:38 executing program 0: 06:13:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f00000000c0)=0x1954) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:38 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000004c0)={0x0, 0x5}, &(0x7f0000000500)=0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000640)=ANY=[@ANYRES32=r1, @ANYBLOB="c70000001b3e4914866cf18b24f69267284c17a4b7537e29d81ade8f1e45a599e34ceba007e415612239fee893d7a12c1e4827f8d85a642dcc8127aee17d95ddd50762c30de1c793977496a50bd99447653aaa490c6107d00e4b19423fedcd250cd3bc5b18320860ae969fc7de82f948215b3183444747d7051253c13f8998f3972e4d0cd85ddd1fbc405b5f8c9f0dfcce497f78f698263289a03bafb81883915e74f3739d29ebe6442d5463fd12ed53e22fe55c7f26c0f3c849543718be5787100527bd82d8153b0f1df2c3fdf8764da4b81d55351093ceb33c0069059a3373c8da5fce4fe930fb196a90cef664903d2e947c8f63b4c44f"], &(0x7f0000000340)=0xb) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000440)={r2, 0x1c, "c20acd00163c5326f8448c651de93f76890edcab62f8b6d6453e90b1"}, &(0x7f0000000480)=0x24) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100), &(0x7f0000000040)=0xc) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000180)={0x5}) creat(&(0x7f0000000140)='./file0\x00', 0x10) setsockopt$inet6_tcp_buf(r0, 0x6, 0x218, &(0x7f0000000800)="8b0711826f21ab61f55d03781690e0567d38b021cfb2b293ff0f17b635f207fa7996bf053dc26db69f322c79620c99579f0ff9f6393a08db9342194d44cb822ac464ceb33877fd489c00800000000000002947b8419e44c445404ea08e42ed87d3dee44de18c029f4b3452f0a567fe08d6a5c501000000c6c2adb391c9192aeb2501842fe40476330b9a14757134ccaf6cf84b71228355b86bee87ea882f633e03e1162258f50100de63287be67378bcd9fae10efa28ca7b31440000043a5dcd8c7a3197070a8b00bae1ba1bd2dc3730acec919e7777c799cd2c09846095822aa45092df78d2e4dbcde8612127da8b8bedcdff070000000000008315d32dace908dad789003fb0accccc621973bf9535c171a22cd10723f61461eb817e1e6da139f2a194f4d8712c40ce46f0e03a19cf2d16d844622e0ae982c8a99620e5e958da3008d841e665910f043818c55e0da756602e562956916888fc88fa9f96e71f51003b09a35e4b10dfebe335c738133d8110", 0xfffffffffffffd68) ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_execute_func(&(0x7f0000000280)="440fd4d8446b70fe8cc481c15955f666460f72e70b65436c64a72e650f01821700000036420f7096000000009bc401dd59445ba3dbd8") 06:13:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) r4 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xd2e, 0x200000) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000100)={r3, 0xc7eb}, &(0x7f0000000200)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 594.726268] *** Guest State *** [ 594.729620] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 594.738879] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 594.747906] CR3 = 0x0000000000000000 [ 594.751787] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 594.757785] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 594.764054] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 594.770865] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 594.779025] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 594.787200] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 594.795337] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 594.803592] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 594.811715] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 594.819721] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 594.827928] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 594.836118] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 594.844269] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 594.852384] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 594.858817] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 594.866438] Interruptibility = 00000001 ActivityState = 00000000 [ 594.872860] *** Host State *** [ 594.876113] RIP = 0xffffffff812c8203 RSP = 0xffff88010bc7f3c8 [ 594.882255] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 594.888694] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 594.896652] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 594.902694] CR0=0000000080050033 CR3=000000011d57d000 CR4=00000000001426f0 [ 594.911317] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 594.918155] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 06:13:38 executing program 0: 06:13:38 executing program 2: [ 594.924364] *** Control State *** [ 594.927854] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 594.934684] EntryControls=0000d1ff ExitControls=002fefff [ 594.940172] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 594.947303] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 594.954200] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 594.961293] reason=80000021 qualification=0000000000000003 [ 594.967756] IDTVectoring: info=00000000 errcode=00000000 [ 594.973364] TSC Offset = 0xfffffebc90d92425 [ 594.977720] EPT pointer = 0x00000001a659401e 06:13:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2000000000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:39 executing program 0: 06:13:39 executing program 2: 06:13:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r4 = memfd_create(&(0x7f0000000000)="776c6197b000a8f602d0a2c2a582c3c86818b3bfd25a1f6a2d25749f377c03d1ba30a2dec37181251be19032789a3f9da8c9c1db30b7ee7596adae0096e8a1adf519d3ee845d75d985f3ce093d6d77aef1bd974bdda5428e53b9bd362a4c34540dcf267467324671ae9c80a0b1040a57cc4327db5b028df0149495f06358246100253f25d93a97bd9ae3e9b6ad8353ed8905a6db91f4e98a6a036ee84895e27e7126f712ccea596d582829b39105280374dee2d74eb8fd755880995d3c63953e65e5f57e2d290dc84e6cb48c6cf7fb88790a2b08122cd79d42626346660cb4739602fc8f0791b6d573d6d8e06c3f216c5aa37b72", 0x0) unshare(0x20400) close(r4) fchdir(r4) msgget(0x3, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x97cc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:42 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f0000000180), 0x0) 06:13:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x10004, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="f9"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) open_by_handle_at(r2, &(0x7f0000000300)={0xe1, 0x4, "c636530b0f8b47f74d90026f3c3f008bdb883feeebd00ee94925faaf79d35bbf3dda10c1a6086096beeef5bf855113ce12e2054c7dca4d5b6a708a54b9c03d32d701413c4f3fbeeee720cad8ee89a066442520aeeb5c9e2b352677f4087c06522d1b0f885a2feda3643f77a46becd3b6b766ff32bbf3f6e4d0008cabb916b148cd3f1e8f7c888f3aa6dbc32cd4ad81ae746357460733a3c3259b5ff2212bd119cc83eb8571b2aadf64960c6816b41f7b31136f67c658c282a5ccb01d1af8c949d8d208090d315ef767187dff408f79f4c2f633201a5a21d8f9"}, 0x101800) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x1, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:42 executing program 2: 06:13:42 executing program 0: 06:13:42 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x6) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x22a, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000100)=0x100000001, 0x4) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:42 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{&(0x7f00000002c0)=@in={0x2, 0x4e21, @broadcast}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000070000008908800000000000"], 0x18}}], 0x1, 0x0) connect$inet6(r0, &(0x7f00000000c0), 0x1c) sendmmsg(r0, &(0x7f0000000440), 0x400000000000211, 0x810) 06:13:42 executing program 0: r0 = userfaultfd(0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, &(0x7f0000527ff8), 0x2, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000000)={0x7, 0xd9}, 0x8) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x730000}, 0x200000}) 06:13:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="1fc5d4102f7631f2d8c871dcd6e8039a54b10bc7fd534a0f19d2da2a644836d3aa13778db3d7b7bff0067cd7e226e2c1a6c7f00ba09818cd5167bc5a4e53664d9bfa916e1f73a2d7967a79646ada7d8469", 0x51) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="81"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:43 executing program 2: r0 = socket$inet6(0xa, 0x202000000801, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@mcast2, 0x800, 0x0, 0xff}, 0x20) 06:13:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) setsockopt$inet_dccp_buf(r0, 0x21, 0xc0, &(0x7f0000000040)="96c8b441ee9d387723b83bba9dcc02064b9f5dc6f6d172e21c7e1dedeef5c7277a3bdc715183255e6fcec2ba7683fd22a0", 0x31) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:46 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0x26d8ef4e000000, 0x2000) ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000180)=""/109) r2 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x6, 0x30}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f00000002c0)={r3, 0x2, 0x7ff, 0x7fec, 0xfffffffeffffffff, 0x40}, &(0x7f0000000300)=0x14) syncfs(r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') ioctl$BLKFLSBUF(r2, 0x1261, &(0x7f0000000240)=0x1fffe) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000400)={{0x7, 0x7, 0x60000000000000, 0x40, 'syz0\x00', 0x101}, 0x1, [0xffffffffffff48d8, 0x6, 0x0, 0x92, 0x8, 0xa63, 0x6, 0x2, 0x1000, 0x6, 0x1, 0x4, 0x7ee, 0x3f, 0x6, 0x1, 0xaa75, 0x74f6, 0x0, 0x8001, 0xffffffff00000001, 0x10001, 0x7fff, 0x800, 0xaffa, 0x7, 0x1000, 0x3, 0x2, 0xfffffffffffff801, 0x5, 0x0, 0x8001, 0x49, 0x1, 0x2, 0x101, 0x6, 0x100000000, 0x8, 0x9, 0xfff, 0x80000001, 0x9, 0xbbe, 0x1, 0xb5f, 0xc3, 0x8, 0x9808, 0x100000000, 0x8, 0x3ff, 0x9, 0x3, 0xe760000000000, 0x2, 0x100, 0xeeb9, 0x3ff, 0x80000001, 0x800, 0x0, 0x8, 0x141, 0x0, 0x6, 0x7, 0x7, 0x1ff, 0x680e, 0x3, 0x8, 0x7, 0xeb, 0x4, 0x4, 0x9ac, 0x10000, 0xac, 0x2, 0x46c, 0x1, 0xc946, 0x2, 0x3, 0x0, 0x8, 0xf4d4, 0x7, 0x10001, 0x6, 0xe0, 0xedf5, 0x81, 0xfff, 0x9, 0x7, 0xca75, 0xa07, 0x8, 0x7, 0x7ff, 0x8, 0x58, 0x0, 0x9, 0x3f, 0x40, 0x0, 0x4, 0x2, 0x601, 0x40, 0xffff, 0x5, 0x8, 0x401, 0x2, 0x5, 0xd3, 0xff, 0x98a, 0x7fffffff, 0x2, 0x7ff77018, 0x9, 0x3], {0x0, 0x1c9c380}}) execveat(r4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x54, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:46 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x4, 0x202) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[], 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000001340)}, 0x0) 06:13:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:46 executing program 0: r0 = userfaultfd(0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, &(0x7f0000527ff8), 0x2, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000000)={0x7, 0xd9}, 0x8) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x730000}, 0x200000}) 06:13:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x80) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) poll(&(0x7f0000000040)=[{r2, 0x411}, {r2, 0x80}, {r2, 0x2000}, {r1, 0x200}, {r0, 0x8}, {r1, 0x140}], 0x6, 0x9) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000280)=0x0) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x5, &(0x7f0000000440)=[0xffffffffffffffff, 0xee00, 0xee01, 0x0, 0xee00]) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000480)=0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@remote}}, &(0x7f00000005c0)=0xe8) lstat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000001c40)=0x0) getresuid(&(0x7f0000001c80)=0x0, &(0x7f0000001cc0), &(0x7f0000001d00)) r12 = getegid() r13 = fcntl$getown(r2, 0x9) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001d40)={{{@in6, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@dev}}, &(0x7f0000001e40)=0xe8) r15 = getegid() sendmmsg$unix(r2, &(0x7f0000001f00)=[{&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000100)="19a26522cdb1b7c1e0463bd54baffecc3e87242cb9deda0a5b89b5f7f994e7cf5a7c8419b53eb2f69e35939c8aba38e3a360c812b80af27a52df", 0x3a}, {&(0x7f0000000200)="207376b0e11c4efa2d232ed78e5660aadf3db709765d42070ebb01e48f1dcd2538183d866e61b3c3", 0x28}], 0x2, &(0x7f00000006c0)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @rights={0x18, 0x1, 0x1, [r3]}], 0x58, 0x4004}, {&(0x7f0000000740)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f00000019c0)=[{&(0x7f00000007c0)="91022001b2fd986a9e094ba4ef1c4a1e063f98ef52b52916a925ed95a6067e64d3a8153a8cbb6895e2c9e040a4deb3fab417fe087eec1619559891fea3c1e864253d9cee00067595c5f2b73a4fc235e5a33f4c3cc1b5aaec19a94fe8d5ff6aa80a631d0641a21c7675193604b7da6b991256d3c4f7650057f2b6668349df6139182166ba", 0x84}, {&(0x7f0000000880)="e43a2fba661405bf08725ea44597ea8baeb7f22b5958f24013f5fdebe3bbc225dda8", 0x22}, {&(0x7f00000008c0)="d30e3af69c9d9be0b640a9f524f7580b63bfc5593b4e9460bdbfd7f4ffbef4a8639924da03baa6926a5be6397c11bf565a20420c5d5b904ee3070c332207eeb45e93ed3922faca05897670dcc9186fb9108223d043d62767", 0x58}, {&(0x7f0000000940)="8b07760296ce46df610fe85d0d9c3d857894543c641150ec0988915694b3c09068e017809ee11d48a47d0c11c8e46caacdab44c453b34e9eeea07a7017b99619e2", 0x41}, {&(0x7f00000009c0)="ae0d341c7480e44043af1a31312c8e9109fd1d03bc90767b8755641bccbaca6110c81c3b3ff3ba62e944c8c7483054f44060408f6293a63ea31e74e91a0c30685c217e73fdc3d35a4a5ea1a4349c452234b8f32aa13193d21af57906d9a8e4155a30e749a0bdd43ba3ed322067e4b71f793c632b081cd5b5d96624a15cb9e24b781c72263df381491e64db25f67feea1078ea39aa6a8604ef6c9660710678120a27d9b3b1593f8e17fc9ac39e2f8a4233dff4fb2b2f3dcce4908b7aa5c943c63612d03001715512d9aa347a2915f3c37c4252dd0369cc7d434899a7cd1a8fb86002c1d22c8d2192e05e05d7198fb0e83ec3cae29270ed69c65e0d676b34b5b6763b7b14cf9029a1c1f396b8339b311a236c771b9ad77a1e5f3404884cf3b78328126473b0afc2865ce3c7f7ac4f2a75f071647810fe709f4eea5ac5eaa111095991f133a447a91aebc8f348e3fb39e2f0b1e0ae3983b60c25b51d4366927548072f7eed8cee07ecf94cfa0651f83f7cceb5a9a905404dadb7c4609a995801bbbd654a8fd3e5ff099ac3e677b94121f6595587dab3e5f5a3c89fa86bf60253954b50d4eac0d054da5e6e05415be0393da7995bdaf30137fdc9c42ef89e14670fcf64b3a464e4f8ebd848ab2acce53ec48c621f35d3b65aab2ea5a7a3ba14f54e49a5e4a08d4f143593e906fd3f8e36752e1206f297f246268110dec90949feac3e18029e84b21d9dc25dc51b240cbbb1578e5db8190cf290269547af78bafb5a8707da7d2c896d4ae8231c5c0192377dc44d11251c49b53bd188ecce85bdc724641255febff1bf9d1d85b4f7a0aeed66348e7be01dbbeeaa96852a817c97bc94c3d403a7f647c7ca37275830663f7b95e7d8ffbab68445c0525f8ea6d20eae508950796d9840e66c41f450d51d9ea755b1b17e40b90e59d93b720288288c57a7c8714cb7b6f12b9a49a2b9fbb5ca6486e0da937f0dda0d8679b5fe62ebea319ee0b60df5e6c054f23cacf63566e9965ea395a77436224056824a92c0e65b19f656538473050bdaec916c67f70bb90f15b733ef8f0b035403922a598803a7a030acf7d5c85bc7705e231be46ce8838c228c33133dcdb28ef22e5dc86ad477d2f1d437be6f297e1fdc3a5b1f60b57c7e67ace9e4ede6f8f6b09381dad976914a9780861f3db23ddca589d750065e4695f5f83f04e86f9d5b75fb2afd203c565563a1bf934b70376db0ae2d4d6e1cbdb1d0014aefae8f605626fe4bafa5241db2a3a84c5cb05a791a92b41a473af60c84aec1fdc88a5c18e025569cca3b763e97f0e7b2f51288522945a22ecae673527f5869b91f764b6d0d414f66e6208e3b126ba66fb8206d15b6f6c373cc506b1b6700449a5f1336247e0cc69d378f8d789553c3ee158b6a252bdb1a78b24c020851635bde2e4868faaf938c49d85e096f4e4a769c1ea06f6fdda261977bb5783ce557ca08c2c8c983c54a22521482815f934b974fd77822c6ae574ac9789550134c5f53e36d922574194e71d20ec985babab81d918a623cfb2e9a999a8f0a67ad0678b98778a72ff8645db6589069405cf2d41dfacd99aa7d2b1dc3b036212cf817bce20f67ac5872d78455e5ccb629181838e7dbc81c27ecab4e5a0aa7b1375b9b86f0b97168fa1fa4fc2ba0e8dce8cd30e8c127ec888c1ba5fdbb0b846aea63a4dc7f639302de670cbfcadca0478e3fe7432c7d5115be03273468a7974c5ff9c0fa34961a6eb4a2d60946522aae5f196be050bdf7f7641c90b0012772551e34ce5705322ece89b40e575d2cf0dad869b019d49885e5498494f94636359e287de63f150a0b2c7a6ce657685ffa579fa9dbc60dd7fea9892e8601e718877b7c17ae36e14ec41daa631d3091dd8a5ee06a1992a2e856629df060baaad9d90a7284d071ebfd20957580feb0c4f31282b217ddb3608f4fc47ea0568779aac588fcdc8f7f0721289b4c397f597b9c2b1a990fe9ebe4a07e811a784f11ef65568232978fc522ccb9af152e9d4ec024e41e4281f31c0d0ff723a6c6b53ed37ba747138ec33917c6104c25d7919128a82bc0c13fd7568c02af134a3c27aaed184accf5301fe88e1c1be076143a2570084ccb6a12ad7936914664d7df459a239d8d20aae3b83dde294854004441e75cdb62f893b625a61a0a54a720b2f9b0862813743d47b229c2f41ec15246c5d4602c56b3c93ad98c9edd3a78323163b9db24a06572f6ba10506ceb34de073b5c9f2e9814e4016b6214f6ca2e32d63e37a954199c6741dd6560d130bf6d4d93ecf48337e279c0df470e0a9d8ff55333504830a89acf976fa7bc3348195843ea78d98e2d46e8902816ceeea94b61fa90ba22e4217b3dd56f3ddf423293f533b6c0e3ee3eec3ced5f9d56ad3ee69a33b936d94f3f5bcb58fabc9385b7172c0b247b9773e4f7940662e123e56fbab950f565516ec958b8e8fcc955e3bf079611c07d90a9ce63e51d78f7c4563843dd2152843027c98426f5999e32a7fa30748ccb613b1c7a75fdebcc7955baa1c47fb6420cf2e1464d6c4892a509ad0d231e2d72c49d366f91b4148aee972409dcd4898b3e8c0778b6bd9a251e22a93bef1b184aba0c05c30f7edee71ade48545f417ec73c740183b649b26870a443c553d2412d8b64aa3ef1f6175ba1fdf6c67a43f246da233a115050600ff451192717fcebba9bb0428848349b6d7d7fbaecd147ee45d1816109a96e86c7096582fc43ae7f2b3287bd4311e54768022625b4d09465ee61aaccf8b1611d6f4b9a8732a47798f48e39fbd1f163a90c6b3be35a35b77282ae166cfcd1c413856a125c80abf438aa60f17c79525892d4d169c474d97fe533afe2e73bf10b64d29bc48df54d726a6022b924360c162a01a6ae29db910739cb9eecd2538df4b114e44f65f6d7ac01576ab51ea2178d339f1eb7b8c0576f35d85fdcd80364c1d40d190ab3048fe11eaf0b46d8c2d2d96b135baf690e13be50a26e5789267de3371cb53426ac649393561417d6fa176c7f58727af8fae606dbf1b3a3782e6c49b8412ea60cc818b109d6a70689fdea8b29fc9ec18b816949609585c060b7fb4efebbbdda6aefbad8733ae4f02975edbac9f8ebf02fa13f19ecb6c486a149aa53b2acd8e356e5221e2842e2e4d2af628240546d4628073807aaf94cbee286a198d340c89e740ca289a1eb6c2c43a3d561fc3a4458bba7e29684e2dd4512f7b737c7d0a4139c686a0d36a6178e11d378ee5b022938f3649f812ba14961e870015500d6a52c6530f7ac3ba56302c1d9f794579248c9af20b0289166a8c97e775af079fcf50266b056792fb36909ab3be8723acbd16f32f6d1a143a2ef23005cf9c862f94603a9a982a089c1ed8ac20f1459afa0727fe5eb1c1ad5a049055e14666fff14622f882c090379908eea1319d280d496e842bfd9ac923c4852be7f40bb74b0481f480d7aac71842a919b936036da26098a062eba3139afbfaee673efbf90134aad3fb573738047681b6ec5934fc1bf649adfa9c129145502762cf622ffd28244a5867d400413c236b99f472acb4cf640b0737b555490cf737ccd25ed026c38f59fc7550f5651b1b77a8a8834ecfeafc9f6d9d86cfcdffb9840e476d334864d969ca06ba7ec2885a9db4543e9d3aa616c0298869af87a3ed9cbc00fa39e1b29c1b4a54a5b14e8d302682542d0dffdc54b56b97730303baccf965035ac375d54c6905f6470694c11665c03690c6313da19976fdf4ab0bc7c28aebfee5ff3d57e93ffe866bd971d62405567a7659199ff1dcc1affef8b4eebd96d66ed87dba69dfd919b573fcacb41378f2b71421a16981bf788561138fd23f2722ab201436df6db3da0a2934dd48fc3c775e09b4c3ef895b5a62aab8a5f820b1b939d31ecf802de1aa7a7c28232fb0c09001ad0be29df21163107d68964a957f71a573269b9f8a42b1b53263dc7cba463a6431397dc6524f5cf7884293318864e1bd43288af9b88bd5dbefa8b2522ee7d2383e95584dabaecc4b7a3bf8721c268bddbe572a6fb29fa86a52914aa559b060f73e5159a456e2a604d3cf1a9dba0578b2cfa1897ce796ef321e14d66d1c45db823ae8a826f7dff83c3f40194ed5ad844836a6173ea7f45fca0d6e6ec61df3b7099d5e45b67b76d9f1926d638841b19d3df02560b96f42022db4658bb0244d30892c5fa16726f5cd49238d10e6e306a8f887b1a7d0fde1f9131d8c1b2cf017d4429c66af31e694b239bbeae2374d8c9259a56fb4b436ac54dc223bf03e000e52ebd6fc2b19efb10ca815454ce7b4dba8840c6556e71fe6913bba4581d8f3ae39a7a8e1c9fb382ba59d5846fdd876a9ae78602b3bb171254bb42fc1470ab33f503bf23f438043658672ee81ed037990b735683cbe7c980315a04bbb771bddb61afe8973268f7ab9d75dbf9c9e41dd2682bfc76515e8fe5357f7fa39eb351563aefb019f8b861c54337601eb148ff22a8d48b6824d8290c2e6b3ba02c874ec8a01c2e5714d2effd17cc97a94115b62d9f4b2437e11e2d1c5ca7fa3e1fb93afc406cb4bef02b56edbda7630b82057aa89508b4da234eed02bec1450b84f274ca33c39bfb8ee496a74deeebf2953deb7dc16b942d9bd9971e51b1d122dc1063ca40709b2be0fa690f85b52d5d729add5d77c2a6991650af308677fa5c1fa6060a793bda6adced7a6986bf34e4a17c100165959bcdfc137af1235ced1368efa15ee08b72d231bc50dcb87f56cd4b967bb6d78245ac1c07061ede0029a12b09ec30a9265404bd9b08dfc149209e2050c9b4e5b8e252512b1d22c6f0ac19c185988188bb4f9452c67375b4ae0398d6a7399f720f1238b984311f230231eb43e4277c463cbde0ed0f8305c0e60eeb275e59b7767c01910e0ffcea83bcf5bc43a6b0cc3d032049c2367c478ca9e4ebd7fb5982777d56cd46ce94b5e0df98b07263c9d850b8b73f6c82ccec9682c556a0625d4d0eb72e0d7f7963dca3eec5d2def70d16fe5b3188890380f4bd6ae8b76b603b7dae1f72f13777ee993250fb860874dfa0660a98a0af98c00c0528b0db5a7dd6608a01a6e4e7eccb9a0ab897f6a7708d9d558f6bf6c11a8cc614cf0b8b36ddc86a747ad27e2d7517162a7aa315c12ba750e584f2085dbaf226e96f547e6fa65796c8f9fcb9732f8971f37ced88bbbf9bad4f60470ee214bdc77c9c850be758f023690ebe035f79d8c830f7aa180981db2ea321231670cdba997641fa40cb7b7d32ff9cc089c8b69fc45fd5a1c66cd529bb575f13440a05bb9a506fa6bf90617928e829898198422bb1b6fc4d739f2941847237874f75a893e7fd40ee59f9718672acec20ec17858efb57d222f1ddff3afd693d1e32d05f767b994b8806f89524ac5212832296a62fedaca798f860965c7bda52ce731c8e659c30a56c7d8b831d74b91ad4cbff8cab8ecd5a3435cddf381a2415fd35d97e840988e6ab3d3482ee5ef8f9bd07d05838de77e5f1e7abaaa808db1fa6c36886849ccb57c815a09e891f238c1e18690cfb88aed3bb642465a0d0d29354c996fd89003138619f04cbc0f132eb3e43125d05e11459bfedfb88a7d0beebe0efbfa046813797b4e5ae7548a2b0e8dd4f2d86dc98999fe3155aa7bc266943a17e14d196510d8073d217269a1f7439a1747f1728729afc79783528e301d437bddc480bc7d06fca95141ac8c8b393946040d3b6c7b6ea3f2c323e20eddcbf6add0debaa8b5fe166cd4a4027a6a1697ade2c32dd49fa288ef7dbada95151af825c455912edbc878", 0x1000}], 0x5, 0x0, 0x0, 0x1}, {&(0x7f0000001a40)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000001c00)=[{&(0x7f0000001ac0)="e3d704a315ecc79320192a0e4a81b1c46d142136caf3d4b37e84eb98a3431a9dcaa2a82361b615ce63960ad5d47d71846285e00de4b471fc6fdc6ddd09a804eef19cc3cbda1390900b15faf15e1fad63ad289883ca6629783c8d93f090f82591680aee20f6d9f132aa02fe4f6bbb3f32c5b915a0e64c6b6710beaad861145d62e37a2f12b0a2fadb607ee1e52cba24e751055fd24adae5389ddfb092f81b2d3e98fcb3893892cee951f1ff860c1255c5c10823b0d5620d", 0xb7}, {&(0x7f0000001b80)="9d29ea5f5f77be4b6aae10e9e404e08d47fe7adbb63dd797fe4a5c48b6eeb35832d2a2f79e30e008cbed831ee679a59df3e883d26d2497b3913e49774d4a4b8c4f5129a355eab0b808095bde59941975a235f4067d7f85a5e5c61c6ddc7c10424848ed3d3088583ff84f3cc25b8d4737045a22f58ee0bff3d4d28ec4b4ef98dd", 0x80}], 0x2, &(0x7f0000001e80)=[@cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @rights={0x18, 0x1, 0x1, [r3]}], 0x58, 0x814}], 0x3, 0x8000) 06:13:46 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x20000, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) ppoll(&(0x7f0000000000)=[{r1}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000280), 0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f00000001c0)={{0x80}, "706f72ff070000000000000000000000000b000000000000000000001f0000ffffff03000000ef000003ff02000000000012000000000000004000000600", 0xc7, 0x80003}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x2000000080003, 0x0) bind$netlink(r0, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc) close(r1) openat(r0, &(0x7f0000000080)='./file0\x00', 0x400040, 0x0) close(r2) 06:13:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r1, &(0x7f00000001c0)={r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) mlock(&(0x7f0000016000/0x3000)=nil, 0x3000) syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x1) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:47 executing program 2: r0 = socket$kcm(0xa, 0x122000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000003840)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000340)=[{&(0x7f00000037c0)="d90d0000768606681d012f629c75adfa4208d5febf524a024aface6a6ac7d846ed2fa163e15ffb5033e9ad60d7a8a295b90bf9cc8578ec03a10c48d401050b0a2f858ad2c4aa592d", 0x48}], 0x1}, 0x0) r1 = memfd_create(&(0x7f0000000040)='^@keyringppp0self#-em0\x00', 0x1) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r1, 0x4) 06:13:47 executing program 0: getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000140)=@assoc_value, &(0x7f0000000040)=0x8) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x1, 0xfffffffffffffffc}, 0x4) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg(r1, &(0x7f00000092c0), 0x4f, 0x0) clock_gettime(0x6, &(0x7f0000000080)) [ 603.779737] not chained 50000 origins [ 603.781671] CPU: 0 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 603.781671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.781671] Call Trace: [ 603.781671] dump_stack+0x32d/0x480 [ 603.781671] kmsan_internal_chain_origin+0x222/0x240 [ 603.781671] ? gre_tap_xmit+0x4e3/0x910 [ 603.781671] ? ip6_finish_output+0xc13/0xca0 [ 603.781671] ? ip6_output+0x5e4/0x720 [ 603.781671] ? ip6_local_out+0x164/0x1d0 [ 603.781671] ? ip6_send_skb+0xf6/0x3b0 [ 603.781671] ? udp_v6_send_skb+0x113f/0x1df0 [ 603.832170] ? udpv6_sendmsg+0x43e5/0x4960 [ 603.832170] ? inet_sendmsg+0x4e9/0x800 [ 603.832170] ? ___sys_sendmsg+0xe68/0x1250 [ 603.832170] ? __sys_sendmmsg+0x56b/0xa90 [ 603.832170] ? __se_sys_sendmmsg+0xbd/0xe0 [ 603.832170] ? __x64_sys_sendmmsg+0x56/0x70 [ 603.832170] ? do_syscall_64+0xcf/0x110 [ 603.832170] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.832170] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 603.876153] ? __module_address+0x6a/0x610 [ 603.876153] ? is_bpf_text_address+0x3e5/0x4d0 [ 603.876153] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 603.876153] ? is_bpf_text_address+0x49e/0x4d0 [ 603.876153] ? kmsan_internal_chain_origin+0x90/0x240 [ 603.876153] ? get_stack_info+0x863/0x9d0 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] ? inet_sendmsg+0x4e9/0x800 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] ? inet_sendmsg+0x4e9/0x800 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] ? inet_sendmsg+0x4e9/0x800 [ 603.876153] ? kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] ? __msan_memcpy+0x6f/0x80 [ 603.876153] ? pskb_expand_head+0x43b/0x1d20 [ 603.876153] ? gre_tap_xmit+0x4e3/0x910 [ 603.876153] ? dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] ? sch_direct_xmit+0x59b/0x890 [ 603.876153] ? __qdisc_run+0x1bac/0x3600 [ 603.876153] ? __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] ? dev_queue_xmit+0x4b/0x60 [ 603.876153] ? ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ? ip6_finish_output+0xc13/0xca0 [ 603.876153] ? ip6_output+0x5e4/0x720 [ 603.876153] ? ip6_local_out+0x164/0x1d0 [ 603.876153] ? ip6_send_skb+0xf6/0x3b0 [ 603.876153] ? udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] ? udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] ? inet_sendmsg+0x4e9/0x800 [ 603.876153] ? ___sys_sendmsg+0xe68/0x1250 [ 603.876153] ? __sys_sendmmsg+0x56b/0xa90 [ 603.876153] ? __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] ? __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] ? do_syscall_64+0xcf/0x110 [ 603.876153] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 603.876153] ? memcg_kmem_put_cache+0x8e/0x460 [ 603.876153] ? __msan_get_context_state+0x9/0x30 [ 603.876153] ? INIT_INT+0xc/0x30 [ 603.876153] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] ? gre_tap_init+0x650/0x650 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] ? __msan_get_context_state+0x9/0x30 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ? validate_xmit_skb+0x1780/0x1780 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ? ip6_output+0x720/0x720 [ 603.876153] ? ac6_seq_show+0x200/0x200 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] ? ip_copy_metadata+0x1710/0x1710 [ 603.876153] ? __msan_poison_alloca+0x1e0/0x2b0 [ 603.876153] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 603.876153] ? security_socket_sendmsg+0x1bd/0x200 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] ? inet_getname+0x490/0x490 [ 603.876153] ? __msan_poison_alloca+0x1e0/0x2b0 [ 603.876153] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 603.876153] ? rcu_all_qs+0x3b/0x310 [ 603.876153] ? _cond_resched+0x59/0x120 [ 603.876153] ? rcu_all_qs+0x53/0x310 [ 603.876153] ? _cond_resched+0x37/0x120 [ 603.876153] ? __sys_sendmmsg+0x7c9/0xa90 [ 603.876153] ? _cond_resched+0x59/0x120 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] ? syscall_return_slowpath+0x123/0x8c0 [ 603.876153] ? put_timespec64+0x162/0x220 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] RIP: 0033:0x457569 [ 603.876153] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 603.876153] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 603.876153] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 603.876153] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 603.876153] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 603.876153] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 603.876153] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Uninit was stored to memory at: [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] __msan_chain_origin+0x6d/0xd0 [ 603.876153] __save_stack_trace+0x8be/0xc60 [ 603.876153] save_stack_trace+0xc6/0x110 [ 603.876153] kmsan_internal_chain_origin+0x136/0x240 [ 603.876153] kmsan_memcpy_origins+0x13d/0x1b0 [ 603.876153] __msan_memcpy+0x6f/0x80 [ 603.876153] pskb_expand_head+0x43b/0x1d20 [ 603.876153] gre_tap_xmit+0x4e3/0x910 [ 603.876153] dev_hard_start_xmit+0x6dc/0xe00 [ 603.876153] sch_direct_xmit+0x59b/0x890 [ 603.876153] __qdisc_run+0x1bac/0x3600 [ 603.876153] __dev_queue_xmit+0x2131/0x3e00 [ 603.876153] dev_queue_xmit+0x4b/0x60 [ 603.876153] ip6_finish_output2+0x1a5b/0x22d0 [ 603.876153] ip6_finish_output+0xc13/0xca0 [ 603.876153] ip6_output+0x5e4/0x720 [ 603.876153] ip6_local_out+0x164/0x1d0 [ 603.876153] ip6_send_skb+0xf6/0x3b0 [ 603.876153] udp_v6_send_skb+0x113f/0x1df0 [ 603.876153] udpv6_sendmsg+0x43e5/0x4960 [ 603.876153] inet_sendmsg+0x4e9/0x800 [ 603.876153] ___sys_sendmsg+0xe68/0x1250 [ 603.876153] __sys_sendmmsg+0x56b/0xa90 [ 603.876153] __se_sys_sendmmsg+0xbd/0xe0 [ 603.876153] __x64_sys_sendmmsg+0x56/0x70 [ 603.876153] do_syscall_64+0xcf/0x110 [ 603.876153] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 603.876153] [ 603.876153] Local variable description: ----_type.i@icmp6_send [ 603.876153] Variable was created at: [ 603.876153] icmp6_send+0x171/0x3ca0 [ 603.876153] icmpv6_send+0xe5/0x110 [ 605.243187] not chained 60000 origins [ 605.247112] CPU: 0 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 605.251689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.251689] Call Trace: [ 605.251689] dump_stack+0x32d/0x480 [ 605.251689] kmsan_internal_chain_origin+0x222/0x240 [ 605.251689] ? gre_tap_xmit+0x4e3/0x910 [ 605.251689] ? ip6_finish_output+0xc13/0xca0 [ 605.251689] ? ip6_output+0x5e4/0x720 [ 605.251689] ? ip6_local_out+0x164/0x1d0 [ 605.251689] ? ip6_send_skb+0xf6/0x3b0 [ 605.251689] ? udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] ? udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] ? inet_sendmsg+0x4e9/0x800 [ 605.251689] ? ___sys_sendmsg+0xe68/0x1250 [ 605.251689] ? __sys_sendmmsg+0x56b/0xa90 [ 605.251689] ? __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] ? __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] ? do_syscall_64+0xcf/0x110 [ 605.251689] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 605.251689] ? __module_address+0x6a/0x610 [ 605.251689] ? is_bpf_text_address+0x3e5/0x4d0 [ 605.251689] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 605.251689] ? is_bpf_text_address+0x49e/0x4d0 [ 605.251689] ? kmsan_internal_chain_origin+0x90/0x240 [ 605.251689] ? get_stack_info+0x863/0x9d0 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] ? kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] ? kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] ? inet_sendmsg+0x4e9/0x800 [ 605.251689] ? kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] ? __msan_memcpy+0x6f/0x80 [ 605.251689] ? pskb_expand_head+0x43b/0x1d20 [ 605.251689] ? gre_tap_xmit+0x4e3/0x910 [ 605.251689] ? dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] ? sch_direct_xmit+0x59b/0x890 [ 605.251689] ? __qdisc_run+0x1bac/0x3600 [ 605.251689] ? __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] ? dev_queue_xmit+0x4b/0x60 [ 605.251689] ? ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ? ip6_finish_output+0xc13/0xca0 [ 605.251689] ? ip6_output+0x5e4/0x720 [ 605.251689] ? ip6_local_out+0x164/0x1d0 [ 605.251689] ? ip6_send_skb+0xf6/0x3b0 [ 605.251689] ? udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] ? udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] ? inet_sendmsg+0x4e9/0x800 [ 605.251689] ? ___sys_sendmsg+0xe68/0x1250 [ 605.251689] ? __sys_sendmmsg+0x56b/0xa90 [ 605.251689] ? __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] ? __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] ? do_syscall_64+0xcf/0x110 [ 605.251689] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 605.251689] ? memcg_kmem_put_cache+0x8e/0x460 [ 605.251689] ? __msan_get_context_state+0x9/0x30 [ 605.251689] ? INIT_INT+0xc/0x30 [ 605.251689] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] ? gre_tap_init+0x650/0x650 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] ? __msan_get_context_state+0x9/0x30 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ? validate_xmit_skb+0x1780/0x1780 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ? ip6_output+0x720/0x720 [ 605.251689] ? ac6_seq_show+0x200/0x200 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] ? ip_copy_metadata+0x1710/0x1710 [ 605.251689] ? __msan_poison_alloca+0x1e0/0x2b0 [ 605.251689] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 605.251689] ? security_socket_sendmsg+0x1bd/0x200 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] ? kmsan_set_origin+0x83/0x130 [ 605.251689] ? inet_getname+0x490/0x490 [ 605.251689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 605.251689] ? kmsan_set_origin+0x83/0x130 [ 605.251689] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 605.251689] ? _cond_resched+0xc7/0x120 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] ? syscall_return_slowpath+0x123/0x8c0 [ 605.251689] ? put_timespec64+0x162/0x220 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] RIP: 0033:0x457569 [ 605.251689] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 605.251689] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 605.251689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 605.251689] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 605.251689] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 605.251689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 605.251689] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Uninit was stored to memory at: [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] __msan_chain_origin+0x6d/0xd0 [ 605.251689] __save_stack_trace+0x8be/0xc60 [ 605.251689] save_stack_trace+0xc6/0x110 [ 605.251689] kmsan_internal_chain_origin+0x136/0x240 [ 605.251689] kmsan_memcpy_origins+0x13d/0x1b0 [ 605.251689] __msan_memcpy+0x6f/0x80 [ 605.251689] pskb_expand_head+0x43b/0x1d20 [ 605.251689] gre_tap_xmit+0x4e3/0x910 [ 605.251689] dev_hard_start_xmit+0x6dc/0xe00 [ 605.251689] sch_direct_xmit+0x59b/0x890 [ 605.251689] __qdisc_run+0x1bac/0x3600 [ 605.251689] __dev_queue_xmit+0x2131/0x3e00 [ 605.251689] dev_queue_xmit+0x4b/0x60 [ 605.251689] ip6_finish_output2+0x1a5b/0x22d0 [ 605.251689] ip6_finish_output+0xc13/0xca0 [ 605.251689] ip6_output+0x5e4/0x720 [ 605.251689] ip6_local_out+0x164/0x1d0 [ 605.251689] ip6_send_skb+0xf6/0x3b0 [ 605.251689] udp_v6_send_skb+0x113f/0x1df0 [ 605.251689] udpv6_sendmsg+0x43e5/0x4960 [ 605.251689] inet_sendmsg+0x4e9/0x800 [ 605.251689] ___sys_sendmsg+0xe68/0x1250 [ 605.251689] __sys_sendmmsg+0x56b/0xa90 [ 605.251689] __se_sys_sendmmsg+0xbd/0xe0 [ 605.251689] __x64_sys_sendmmsg+0x56/0x70 [ 605.251689] do_syscall_64+0xcf/0x110 [ 605.251689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 605.251689] [ 605.251689] Local variable description: ----_type.i@icmp6_send [ 605.251689] Variable was created at: [ 605.251689] icmp6_send+0x171/0x3ca0 [ 605.251689] icmpv6_send+0xe5/0x110 [ 606.677159] not chained 70000 origins [ 606.681065] CPU: 0 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 606.681633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.681633] Call Trace: [ 606.681633] dump_stack+0x32d/0x480 [ 606.701682] kmsan_internal_chain_origin+0x222/0x240 [ 606.701682] ? gre_tap_xmit+0x4e3/0x910 [ 606.701682] ? ip6_finish_output+0xc13/0xca0 [ 606.701682] ? ip6_output+0x5e4/0x720 [ 606.701682] ? ip6_local_out+0x164/0x1d0 [ 606.701682] ? ip6_send_skb+0xf6/0x3b0 [ 606.701682] ? udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] ? udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] ? inet_sendmsg+0x4e9/0x800 [ 606.701682] ? ___sys_sendmsg+0xe68/0x1250 [ 606.701682] ? __sys_sendmmsg+0x56b/0xa90 [ 606.701682] ? __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] ? __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] ? do_syscall_64+0xcf/0x110 [ 606.701682] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 606.701682] ? __module_address+0x6a/0x610 [ 606.701682] ? is_bpf_text_address+0x3e5/0x4d0 [ 606.701682] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 606.701682] ? is_bpf_text_address+0x49e/0x4d0 [ 606.701682] ? kmsan_internal_chain_origin+0x90/0x240 [ 606.701682] ? get_stack_info+0x863/0x9d0 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] ? ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] ? ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] ? inet_sendmsg+0x4e9/0x800 [ 606.701682] ? kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] ? __msan_memcpy+0x6f/0x80 [ 606.701682] ? pskb_expand_head+0x43b/0x1d20 [ 606.701682] ? gre_tap_xmit+0x4e3/0x910 [ 606.701682] ? dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] ? sch_direct_xmit+0x59b/0x890 [ 606.701682] ? __qdisc_run+0x1bac/0x3600 [ 606.701682] ? __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] ? dev_queue_xmit+0x4b/0x60 [ 606.701682] ? ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ? ip6_finish_output+0xc13/0xca0 [ 606.701682] ? ip6_output+0x5e4/0x720 [ 606.701682] ? ip6_local_out+0x164/0x1d0 [ 606.701682] ? ip6_send_skb+0xf6/0x3b0 [ 606.701682] ? udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] ? udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] ? inet_sendmsg+0x4e9/0x800 [ 606.701682] ? ___sys_sendmsg+0xe68/0x1250 [ 606.701682] ? __sys_sendmmsg+0x56b/0xa90 [ 606.701682] ? __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] ? __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] ? do_syscall_64+0xcf/0x110 [ 606.701682] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 606.701682] ? memcg_kmem_put_cache+0x8e/0x460 [ 606.701682] ? __msan_get_context_state+0x9/0x30 [ 606.701682] ? INIT_INT+0xc/0x30 [ 606.701682] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] ? gre_tap_init+0x650/0x650 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] ? __msan_get_context_state+0x9/0x30 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ? validate_xmit_skb+0x1780/0x1780 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ? ip6_output+0x720/0x720 [ 606.701682] ? ac6_seq_show+0x200/0x200 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] ? ip_copy_metadata+0x1710/0x1710 [ 606.701682] ? __msan_poison_alloca+0x1e0/0x2b0 [ 606.701682] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 606.701682] ? security_socket_sendmsg+0x1bd/0x200 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] ? kmsan_set_origin+0x83/0x130 [ 606.701682] ? inet_getname+0x490/0x490 [ 606.701682] ? __msan_poison_alloca+0x1e0/0x2b0 [ 606.701682] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 606.701682] ? rcu_all_qs+0x3b/0x310 [ 606.701682] ? _cond_resched+0x59/0x120 [ 606.701682] ? rcu_all_qs+0x53/0x310 [ 606.701682] ? _cond_resched+0x37/0x120 [ 606.701682] ? __sys_sendmmsg+0x7c9/0xa90 [ 606.701682] ? _cond_resched+0x59/0x120 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] ? syscall_return_slowpath+0x123/0x8c0 [ 606.701682] ? put_timespec64+0x162/0x220 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] RIP: 0033:0x457569 [ 606.701682] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 606.701682] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 606.701682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 606.701682] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 606.701682] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 606.701682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 606.701682] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Uninit was stored to memory at: [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] __msan_chain_origin+0x6d/0xd0 [ 606.701682] __save_stack_trace+0x8be/0xc60 [ 606.701682] save_stack_trace+0xc6/0x110 [ 606.701682] kmsan_internal_chain_origin+0x136/0x240 [ 606.701682] kmsan_memcpy_origins+0x13d/0x1b0 [ 606.701682] __msan_memcpy+0x6f/0x80 [ 606.701682] pskb_expand_head+0x43b/0x1d20 [ 606.701682] gre_tap_xmit+0x4e3/0x910 [ 606.701682] dev_hard_start_xmit+0x6dc/0xe00 [ 606.701682] sch_direct_xmit+0x59b/0x890 [ 606.701682] __qdisc_run+0x1bac/0x3600 [ 606.701682] __dev_queue_xmit+0x2131/0x3e00 [ 606.701682] dev_queue_xmit+0x4b/0x60 [ 606.701682] ip6_finish_output2+0x1a5b/0x22d0 [ 606.701682] ip6_finish_output+0xc13/0xca0 [ 606.701682] ip6_output+0x5e4/0x720 [ 606.701682] ip6_local_out+0x164/0x1d0 [ 606.701682] ip6_send_skb+0xf6/0x3b0 [ 606.701682] udp_v6_send_skb+0x113f/0x1df0 [ 606.701682] udpv6_sendmsg+0x43e5/0x4960 [ 606.701682] inet_sendmsg+0x4e9/0x800 [ 606.701682] ___sys_sendmsg+0xe68/0x1250 [ 606.701682] __sys_sendmmsg+0x56b/0xa90 [ 606.701682] __se_sys_sendmmsg+0xbd/0xe0 [ 606.701682] __x64_sys_sendmmsg+0x56/0x70 [ 606.701682] do_syscall_64+0xcf/0x110 [ 606.701682] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 606.701682] [ 606.701682] Local variable description: ----_type.i@icmp6_send [ 606.701682] Variable was created at: [ 606.701682] icmp6_send+0x171/0x3ca0 [ 606.701682] icmpv6_send+0xe5/0x110 [ 608.126553] not chained 80000 origins [ 608.130366] CPU: 1 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 608.131625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 608.131625] Call Trace: [ 608.131625] dump_stack+0x32d/0x480 [ 608.131625] kmsan_internal_chain_origin+0x222/0x240 [ 608.131625] ? gre_tap_xmit+0x4e3/0x910 [ 608.131625] ? ip6_finish_output+0xc13/0xca0 [ 608.131625] ? ip6_output+0x5e4/0x720 [ 608.131625] ? ip6_local_out+0x164/0x1d0 [ 608.131625] ? ip6_send_skb+0xf6/0x3b0 [ 608.131625] ? udp_v6_send_skb+0x113f/0x1df0 [ 608.131625] ? udpv6_sendmsg+0x43e5/0x4960 [ 608.131625] ? inet_sendmsg+0x4e9/0x800 [ 608.131625] ? ___sys_sendmsg+0xe68/0x1250 [ 608.131625] ? __sys_sendmmsg+0x56b/0xa90 [ 608.131625] ? __se_sys_sendmmsg+0xbd/0xe0 [ 608.131625] ? __x64_sys_sendmmsg+0x56/0x70 [ 608.131625] ? do_syscall_64+0xcf/0x110 [ 608.131625] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.131625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 608.131625] ? __module_address+0x6a/0x610 [ 608.131625] ? is_bpf_text_address+0x3e5/0x4d0 [ 608.131625] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 608.131625] ? is_bpf_text_address+0x49e/0x4d0 [ 608.131625] ? kmsan_internal_chain_origin+0x90/0x240 [ 608.131625] ? get_stack_info+0x863/0x9d0 [ 608.131625] __msan_chain_origin+0x6d/0xd0 [ 608.131625] ? __se_sys_sendmmsg+0xbd/0xe0 [ 608.131625] __save_stack_trace+0x8be/0xc60 [ 608.131625] ? __se_sys_sendmmsg+0xbd/0xe0 [ 608.131625] save_stack_trace+0xc6/0x110 [ 608.131625] kmsan_internal_chain_origin+0x136/0x240 [ 608.131625] ? inet_sendmsg+0x4e9/0x800 [ 608.131625] ? kmsan_internal_chain_origin+0x136/0x240 [ 608.131625] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 608.131625] ? __msan_memcpy+0x6f/0x80 [ 608.131625] ? pskb_expand_head+0x43b/0x1d20 [ 608.131625] ? gre_tap_xmit+0x4e3/0x910 [ 608.131625] ? dev_hard_start_xmit+0x6dc/0xe00 [ 608.131625] ? sch_direct_xmit+0x59b/0x890 [ 608.131625] ? __qdisc_run+0x1bac/0x3600 [ 608.131625] ? __dev_queue_xmit+0x2131/0x3e00 [ 608.131625] ? dev_queue_xmit+0x4b/0x60 [ 608.131625] ? ip6_finish_output2+0x1a5b/0x22d0 [ 608.131625] ? ip6_finish_output+0xc13/0xca0 [ 608.131625] ? ip6_output+0x5e4/0x720 [ 608.131625] ? ip6_local_out+0x164/0x1d0 [ 608.131625] ? ip6_send_skb+0xf6/0x3b0 [ 608.131625] ? udp_v6_send_skb+0x113f/0x1df0 [ 608.131625] ? udpv6_sendmsg+0x43e5/0x4960 [ 608.131625] ? inet_sendmsg+0x4e9/0x800 [ 608.131625] ? ___sys_sendmsg+0xe68/0x1250 [ 608.131625] ? __sys_sendmmsg+0x56b/0xa90 [ 608.131625] ? __se_sys_sendmmsg+0xbd/0xe0 [ 608.131625] ? __x64_sys_sendmmsg+0x56/0x70 [ 608.131625] ? do_syscall_64+0xcf/0x110 [ 608.131625] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.131625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 608.131625] ? memcg_kmem_put_cache+0x8e/0x460 [ 608.131625] ? __msan_get_context_state+0x9/0x30 [ 608.131625] ? INIT_INT+0xc/0x30 [ 608.131625] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 608.131625] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.131625] __msan_memcpy+0x6f/0x80 [ 608.131625] pskb_expand_head+0x43b/0x1d20 [ 608.131625] gre_tap_xmit+0x4e3/0x910 [ 608.131625] ? gre_tap_init+0x650/0x650 [ 608.131625] dev_hard_start_xmit+0x6dc/0xe00 [ 608.131625] sch_direct_xmit+0x59b/0x890 [ 608.131625] __qdisc_run+0x1bac/0x3600 [ 608.131625] ? __msan_get_context_state+0x9/0x30 [ 608.131625] __dev_queue_xmit+0x2131/0x3e00 [ 608.131625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 608.131625] dev_queue_xmit+0x4b/0x60 [ 608.131625] ip6_finish_output2+0x1a5b/0x22d0 [ 608.131625] ? validate_xmit_skb+0x1780/0x1780 [ 608.131625] ip6_finish_output+0xc13/0xca0 [ 608.131625] ip6_output+0x5e4/0x720 [ 608.131625] ? ip6_output+0x720/0x720 [ 608.131625] ? ac6_seq_show+0x200/0x200 [ 608.131625] ip6_local_out+0x164/0x1d0 [ 608.131625] ip6_send_skb+0xf6/0x3b0 [ 608.131625] udp_v6_send_skb+0x113f/0x1df0 [ 608.131625] udpv6_sendmsg+0x43e5/0x4960 [ 608.131625] ? ip_copy_metadata+0x1710/0x1710 [ 608.131625] ? __msan_poison_alloca+0x1e0/0x2b0 [ 608.131625] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 608.131625] inet_sendmsg+0x4e9/0x800 [ 608.131625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 608.131625] ? security_socket_sendmsg+0x1bd/0x200 [ 608.131625] ___sys_sendmsg+0xe68/0x1250 [ 608.131625] ? kmsan_set_origin+0x83/0x130 [ 608.131625] ? inet_getname+0x490/0x490 [ 608.131625] ? __msan_poison_alloca+0x1e0/0x2b0 [ 608.131625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 608.131625] ? rcu_all_qs+0x3b/0x310 [ 608.131625] ? _cond_resched+0x59/0x120 [ 608.131625] ? rcu_all_qs+0x53/0x310 [ 608.131625] ? _cond_resched+0x37/0x120 [ 608.131625] ? __sys_sendmmsg+0x7c9/0xa90 [ 608.131625] ? _cond_resched+0x59/0x120 [ 608.131625] __sys_sendmmsg+0x56b/0xa90 [ 608.131625] ? syscall_return_slowpath+0x123/0x8c0 [ 608.131625] ? put_timespec64+0x162/0x220 [ 608.131625] __se_sys_sendmmsg+0xbd/0xe0 [ 608.131625] __x64_sys_sendmmsg+0x56/0x70 [ 608.131625] do_syscall_64+0xcf/0x110 [ 608.131625] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.131625] RIP: 0033:0x457569 [ 608.131625] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 608.131625] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 608.131625] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 608.131625] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 608.131625] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 608.131625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 608.131625] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 608.131625] Uninit was stored to memory at: [ 608.131625] kmsan_internal_chain_origin+0x136/0x240 [ 608.131625] __msan_chain_origin+0x6d/0xd0 [ 608.131625] __save_stack_trace+0x8be/0xc60 [ 608.131625] save_stack_trace+0xc6/0x110 [ 608.131625] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Uninit was stored to memory at: [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] __msan_chain_origin+0x6d/0xd0 [ 608.696660] __save_stack_trace+0x8be/0xc60 [ 608.696660] save_stack_trace+0xc6/0x110 [ 608.696660] kmsan_internal_chain_origin+0x136/0x240 [ 608.696660] kmsan_memcpy_origins+0x13d/0x1b0 [ 608.696660] __msan_memcpy+0x6f/0x80 [ 608.696660] pskb_expand_head+0x43b/0x1d20 [ 608.696660] gre_tap_xmit+0x4e3/0x910 [ 608.696660] dev_hard_start_xmit+0x6dc/0xe00 [ 608.696660] sch_direct_xmit+0x59b/0x890 [ 608.696660] __qdisc_run+0x1bac/0x3600 [ 608.696660] __dev_queue_xmit+0x2131/0x3e00 [ 608.696660] dev_queue_xmit+0x4b/0x60 [ 608.696660] ip6_finish_output2+0x1a5b/0x22d0 [ 608.696660] ip6_finish_output+0xc13/0xca0 [ 608.696660] ip6_output+0x5e4/0x720 [ 608.696660] ip6_local_out+0x164/0x1d0 [ 608.696660] ip6_send_skb+0xf6/0x3b0 [ 608.696660] udp_v6_send_skb+0x113f/0x1df0 [ 608.696660] udpv6_sendmsg+0x43e5/0x4960 [ 608.696660] inet_sendmsg+0x4e9/0x800 [ 608.696660] ___sys_sendmsg+0xe68/0x1250 [ 608.696660] __sys_sendmmsg+0x56b/0xa90 [ 608.696660] __se_sys_sendmmsg+0xbd/0xe0 [ 608.696660] __x64_sys_sendmmsg+0x56/0x70 [ 608.696660] do_syscall_64+0xcf/0x110 [ 608.696660] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 608.696660] [ 608.696660] Local variable description: ----_type.i@icmp6_send 06:13:53 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000240)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xfffffffffffffec9, 0x0) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f0000000200)=[0x0]) r3 = dup2(r0, r0) connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e) fchown(r0, r1, r2) r4 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r4, &(0x7f00000000c0)=ANY=[], 0xffffffe8) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000600)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f0000000700)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000740)={{{@in6=@mcast2, @in6=@loopback, 0x4e20, 0x6, 0x4e20, 0x5, 0x2, 0xa0, 0xa0, 0x3f, r5, r1}, {0xd1, 0xf1bb, 0xfffffffffffffffa, 0x76f, 0x5, 0x0, 0x9}, {0x0, 0x2, 0x855, 0x2}, 0x7f, 0x6e6bb1, 0x3, 0x1, 0x2, 0x3}, {{@in=@multicast1, 0x4d5, 0x2b}, 0xa, @in=@multicast1, 0x3504, 0x3, 0x0, 0x5, 0x81, 0xd, 0x4}}, 0xe8) r6 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x9, 0x80) ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f00000002c0)={0x80000000, {0x2, 0x4e22, @multicast2}, {0x2, 0x4e22, @loopback}, {0x2, 0x4e22, @multicast1}, 0x10, 0x4, 0x9, 0x2, 0x8, &(0x7f0000000100)='bridge_slave_0\x00', 0x8, 0x9, 0x1}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:13:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fd/3\x00') getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205649, &(0x7f0000000280)={0x990000, 0x100000001, 0x1800000000000000, [], &(0x7f0000000240)={0x9d097c, 0x100, [], @p_u16=&(0x7f0000000200)=0x835}}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:13:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:13:53 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x890e, &(0x7f0000000080)="b7410300ffec01000076605ded96c390c1958f") r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400, 0x4) ioctl$VIDIOC_G_PRIORITY(r1, 0x80045643, 0x2) r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r2, &(0x7f00000001c0)="f72315cc2fad78cc1948fd11435a90bb5f9799ae656f75fd334898b28f820a08000010e4af147df29b1a0ed8d487e5fab0f1d88a9d", 0x35) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f00000000c0)={0x3, 0x7f, 0x9}) accept(r0, &(0x7f0000000200)=@pppol2tpv3in6, &(0x7f0000000100)=0x80) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000340)={@dev, 0x92, 0x1, 0x7fffffffe, 0x200000000000006, 0x0, 0x6, 0xfffffffffffffffe}, 0x20) [ 608.696660] Variable was created at: [ 608.696660] icmp6_send+0x171/0x3ca0 [ 608.696660] icmpv6_send+0xe5/0x110 06:13:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={r3, 0x2}, &(0x7f00000001c0)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) syz_open_dev$midi(&(0x7f0000000300)='/dev/midi#\x00', 0x10001, 0x24002) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r4 = syz_open_dev$audion(&(0x7f0000000200)='/dev/audio#\x00', 0x0, 0x200002) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r4, 0x84, 0x5, &(0x7f0000000240)={r3, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}}}, 0x84) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 609.607061] not chained 90000 origins [ 609.610886] CPU: 0 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 609.611643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.611643] Call Trace: [ 609.627820] dump_stack+0x32d/0x480 [ 609.627820] kmsan_internal_chain_origin+0x222/0x240 [ 609.627820] ? gre_tap_xmit+0x4e3/0x910 [ 609.627820] ? ip6_finish_output+0xc13/0xca0 [ 609.627820] ? ip6_output+0x5e4/0x720 [ 609.627820] ? ip6_local_out+0x164/0x1d0 [ 609.627820] ? ip6_send_skb+0xf6/0x3b0 [ 609.627820] ? udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] ? udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] ? inet_sendmsg+0x4e9/0x800 [ 609.659069] ? ___sys_sendmsg+0xe68/0x1250 [ 609.659069] ? __sys_sendmmsg+0x56b/0xa90 [ 609.659069] ? __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] ? __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] ? do_syscall_64+0xcf/0x110 [ 609.659069] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 609.659069] ? __module_address+0x6a/0x610 [ 609.659069] ? is_bpf_text_address+0x3e5/0x4d0 [ 609.659069] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 609.659069] ? is_bpf_text_address+0x49e/0x4d0 [ 609.659069] ? kmsan_internal_chain_origin+0x90/0x240 [ 609.659069] ? get_stack_info+0x863/0x9d0 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] ? pskb_expand_head+0x43b/0x1d20 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] ? pskb_expand_head+0x43b/0x1d20 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] ? inet_sendmsg+0x4e9/0x800 [ 609.659069] ? kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] ? __msan_memcpy+0x6f/0x80 [ 609.659069] ? pskb_expand_head+0x43b/0x1d20 [ 609.659069] ? gre_tap_xmit+0x4e3/0x910 [ 609.659069] ? dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] ? sch_direct_xmit+0x59b/0x890 [ 609.659069] ? __qdisc_run+0x1bac/0x3600 [ 609.659069] ? __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] ? dev_queue_xmit+0x4b/0x60 [ 609.659069] ? ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ? ip6_finish_output+0xc13/0xca0 [ 609.659069] ? ip6_output+0x5e4/0x720 [ 609.659069] ? ip6_local_out+0x164/0x1d0 [ 609.659069] ? ip6_send_skb+0xf6/0x3b0 [ 609.659069] ? udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] ? udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] ? inet_sendmsg+0x4e9/0x800 [ 609.659069] ? ___sys_sendmsg+0xe68/0x1250 [ 609.659069] ? __sys_sendmmsg+0x56b/0xa90 [ 609.659069] ? __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] ? __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] ? do_syscall_64+0xcf/0x110 [ 609.659069] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 609.659069] ? memcg_kmem_put_cache+0x8e/0x460 [ 609.659069] ? __msan_get_context_state+0x9/0x30 [ 609.659069] ? INIT_INT+0xc/0x30 [ 609.659069] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] ? gre_tap_init+0x650/0x650 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] ? __msan_get_context_state+0x9/0x30 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ? validate_xmit_skb+0x1780/0x1780 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ? ip6_output+0x720/0x720 [ 609.659069] ? ac6_seq_show+0x200/0x200 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] ? ip_copy_metadata+0x1710/0x1710 [ 609.659069] ? __msan_poison_alloca+0x1e0/0x2b0 [ 609.659069] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 609.659069] ? security_socket_sendmsg+0x1bd/0x200 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] ? kmsan_set_origin+0x83/0x130 [ 609.659069] ? inet_getname+0x490/0x490 [ 609.659069] ? __msan_poison_alloca+0x1e0/0x2b0 [ 609.659069] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 609.659069] ? rcu_all_qs+0x3b/0x310 [ 609.659069] ? _cond_resched+0x59/0x120 [ 609.659069] ? rcu_all_qs+0x53/0x310 [ 609.659069] ? _cond_resched+0x37/0x120 [ 609.659069] ? __sys_sendmmsg+0x7c9/0xa90 [ 609.659069] ? _cond_resched+0x59/0x120 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] ? syscall_return_slowpath+0x123/0x8c0 [ 609.659069] ? put_timespec64+0x162/0x220 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] RIP: 0033:0x457569 [ 609.659069] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 609.659069] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 609.659069] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 609.659069] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 609.659069] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 609.659069] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 609.659069] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Uninit was stored to memory at: [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] __msan_chain_origin+0x6d/0xd0 [ 609.659069] __save_stack_trace+0x8be/0xc60 [ 609.659069] save_stack_trace+0xc6/0x110 [ 609.659069] kmsan_internal_chain_origin+0x136/0x240 [ 609.659069] kmsan_memcpy_origins+0x13d/0x1b0 [ 609.659069] __msan_memcpy+0x6f/0x80 [ 609.659069] pskb_expand_head+0x43b/0x1d20 [ 609.659069] gre_tap_xmit+0x4e3/0x910 [ 609.659069] dev_hard_start_xmit+0x6dc/0xe00 [ 609.659069] sch_direct_xmit+0x59b/0x890 [ 609.659069] __qdisc_run+0x1bac/0x3600 [ 609.659069] __dev_queue_xmit+0x2131/0x3e00 [ 609.659069] dev_queue_xmit+0x4b/0x60 [ 609.659069] ip6_finish_output2+0x1a5b/0x22d0 [ 609.659069] ip6_finish_output+0xc13/0xca0 [ 609.659069] ip6_output+0x5e4/0x720 [ 609.659069] ip6_local_out+0x164/0x1d0 [ 609.659069] ip6_send_skb+0xf6/0x3b0 [ 609.659069] udp_v6_send_skb+0x113f/0x1df0 [ 609.659069] udpv6_sendmsg+0x43e5/0x4960 [ 609.659069] inet_sendmsg+0x4e9/0x800 [ 609.659069] ___sys_sendmsg+0xe68/0x1250 [ 609.659069] __sys_sendmmsg+0x56b/0xa90 [ 609.659069] __se_sys_sendmmsg+0xbd/0xe0 [ 609.659069] __x64_sys_sendmmsg+0x56/0x70 [ 609.659069] do_syscall_64+0xcf/0x110 [ 609.659069] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 609.659069] [ 609.659069] Local variable description: ----_type.i@icmp6_send [ 609.659069] Variable was created at: [ 609.659069] icmp6_send+0x171/0x3ca0 [ 609.659069] icmpv6_send+0xe5/0x110 [ 611.203948] *** Guest State *** [ 611.207402] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 611.216540] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 611.225653] CR3 = 0x0000000000000000 [ 611.229400] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 611.235640] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 611.241782] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 611.248537] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 611.256710] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 611.264842] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 611.273017] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 611.281044] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 611.289253] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 611.297444] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 611.305722] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 611.313902] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 611.322050] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 611.330060] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 611.336688] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 611.344296] Interruptibility = 00000001 ActivityState = 00000000 [ 611.350552] *** Host State *** [ 611.353955] RIP = 0xffffffff812c8203 RSP = 0xffff88010908f3c8 [ 611.360001] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 611.366624] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 611.374571] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 611.380486] CR0=0000000080050033 CR3=000000013356b000 CR4=00000000001426e0 [ 611.387711] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 611.394541] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 611.400634] *** Control State *** [ 611.404278] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 611.411002] EntryControls=0000d1ff ExitControls=002fefff [ 611.416645] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 611.423732] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 611.430459] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 611.437325] reason=80000021 qualification=0000000000000003 [ 611.443799] IDTVectoring: info=00000000 errcode=00000000 [ 611.449287] TSC Offset = 0xfffffeb3c94ed15b 06:13:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f0000000100)=0xff0e) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x2, 0x200040) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 611.453815] EPT pointer = 0x0000000109a8301e 06:13:55 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) ioctl$KDGKBENT(r3, 0x4b46, &(0x7f0000000100)={0x80, 0x1000, 0x1000}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000000040)={0xb6ec, 0x4, 0x1, 0xffffffffffffff9c}) ioctl$FICLONERANGE(r4, 0x4020940d, &(0x7f0000000080)={r0, 0x0, 0xffff, 0x0, 0x800}) setsockopt$sock_cred(r1, 0x1, 0x11, 0xfffffffffffffffe, 0x246) 06:13:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) recvmmsg(0xffffffffffffff9c, &(0x7f0000004400)=[{{&(0x7f0000001400)=@llc, 0x80, &(0x7f0000002800)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, &(0x7f0000002880)=""/12, 0xc}}], 0x1, 0x123, &(0x7f00000045c0)) r1 = socket$inet6(0xa, 0x80003, 0x3c) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0xe8, &(0x7f0000000040)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x17}}, @in6={0xa, 0x4e22, 0x2, @loopback, 0x5}, @in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e20, 0x5, @ipv4={[], [], @multicast2}, 0x3}, @in6={0xa, 0x4e24, 0x7ff, @local, 0xffffffff80000000}, @in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x4e20, 0x9, @local, 0x1d}, @in6={0xa, 0x4e20, 0x7f, @mcast1, 0x16c}, @in6={0xa, 0x4e24, 0x9, @loopback, 0x20}, @in={0x2, 0x4e24, @multicast2}]}, &(0x7f00000011c0)=0x10) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000001200)={r2, 0x9}, &(0x7f0000001240)=0x8) sendmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000001180), 0x0, &(0x7f00000011c0)}}], 0x1, 0x0) [ 611.757364] not chained 100000 origins [ 611.761284] CPU: 0 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 611.761688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 611.761688] Call Trace: [ 611.761688] dump_stack+0x32d/0x480 [ 611.761688] kmsan_internal_chain_origin+0x222/0x240 [ 611.761688] ? gre_tap_xmit+0x4e3/0x910 [ 611.790960] ? ip6_finish_output+0xc13/0xca0 [ 611.790960] ? ip6_output+0x5e4/0x720 [ 611.790960] ? ip6_local_out+0x164/0x1d0 [ 611.790960] ? ip6_send_skb+0xf6/0x3b0 [ 611.790960] ? udp_v6_send_skb+0x113f/0x1df0 [ 611.812010] ? udpv6_sendmsg+0x43e5/0x4960 [ 611.812010] ? inet_sendmsg+0x4e9/0x800 [ 611.812010] ? ___sys_sendmsg+0xe68/0x1250 [ 611.812010] ? __sys_sendmmsg+0x56b/0xa90 [ 611.812010] ? __se_sys_sendmmsg+0xbd/0xe0 [ 611.812010] ? __x64_sys_sendmmsg+0x56/0x70 [ 611.812010] ? do_syscall_64+0xcf/0x110 [ 611.812010] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 611.812010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 611.812010] ? __module_address+0x6a/0x610 [ 611.812010] ? is_bpf_text_address+0x3e5/0x4d0 [ 611.812010] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 611.812010] ? is_bpf_text_address+0x49e/0x4d0 [ 611.812010] ? kmsan_internal_chain_origin+0x90/0x240 [ 611.812010] ? get_stack_info+0x863/0x9d0 [ 611.812010] __msan_chain_origin+0x6d/0xd0 [ 611.812010] ? ip6_local_out+0x164/0x1d0 [ 611.812010] __save_stack_trace+0x8be/0xc60 [ 611.812010] ? ip6_local_out+0x164/0x1d0 [ 611.812010] save_stack_trace+0xc6/0x110 [ 611.812010] kmsan_internal_chain_origin+0x136/0x240 [ 611.812010] ? inet_sendmsg+0x4e9/0x800 [ 611.812010] ? kmsan_internal_chain_origin+0x136/0x240 [ 611.812010] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 611.812010] ? __msan_memcpy+0x6f/0x80 [ 611.812010] ? pskb_expand_head+0x43b/0x1d20 [ 611.812010] ? gre_tap_xmit+0x4e3/0x910 [ 611.812010] ? dev_hard_start_xmit+0x6dc/0xe00 [ 611.812010] ? sch_direct_xmit+0x59b/0x890 [ 611.812010] ? __qdisc_run+0x1bac/0x3600 [ 611.812010] ? __dev_queue_xmit+0x2131/0x3e00 [ 611.812010] ? dev_queue_xmit+0x4b/0x60 06:13:56 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) pwrite64(r0, &(0x7f00000000c0)="a20396358c6a84f57a8e0ff2c4cc53b47335fa2b83bd6c71f793e92fcaeefd7d4c959136fb3cff6ce03ec0c1568d32c4c33e58c673b13710142b6b598067ddfd4c3a6f7b9326a40bc1f5eb23ab07d75eced8a7df6225fd952cab7b101fc211bcaaa985a0a89cb88c249cdfc6c0610e41", 0x70, 0x0) ioctl(r0, 0x817e, &(0x7f0000000080)="0ad0007e0000000c01c070700412805cd01c95fb5472b1fe7eb8ec") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000180)='cpuset.mems\x00', 0x2, 0x0) pwrite64(r2, &(0x7f00000001c0)='/', 0x1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xc, &(0x7f0000000040)='keyringGPL(\x00'}, 0x30) ioprio_get$pid(0x0, r3) [ 611.812010] ? ip6_finish_output2+0x1a5b/0x22d0 [ 611.812010] ? ip6_finish_output+0xc13/0xca0 [ 611.812010] ? ip6_output+0x5e4/0x720 [ 611.812010] ? ip6_local_out+0x164/0x1d0 [ 611.812010] ? ip6_send_skb+0xf6/0x3b0 [ 611.812010] ? udp_v6_send_skb+0x113f/0x1df0 [ 611.812010] ? udpv6_sendmsg+0x43e5/0x4960 [ 611.812010] ? inet_sendmsg+0x4e9/0x800 [ 611.812010] ? ___sys_sendmsg+0xe68/0x1250 [ 611.812010] ? __sys_sendmmsg+0x56b/0xa90 [ 611.812010] ? __se_sys_sendmmsg+0xbd/0xe0 [ 611.812010] ? __x64_sys_sendmmsg+0x56/0x70 [ 611.812010] ? do_syscall_64+0xcf/0x110 [ 611.812010] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 611.812010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 611.812010] ? memcg_kmem_put_cache+0x8e/0x460 [ 611.812010] ? __msan_get_context_state+0x9/0x30 [ 611.812010] ? INIT_INT+0xc/0x30 [ 611.812010] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 611.812010] kmsan_memcpy_origins+0x13d/0x1b0 [ 611.812010] __msan_memcpy+0x6f/0x80 [ 611.812010] pskb_expand_head+0x43b/0x1d20 [ 611.812010] gre_tap_xmit+0x4e3/0x910 [ 611.812010] ? gre_tap_init+0x650/0x650 [ 611.812010] dev_hard_start_xmit+0x6dc/0xe00 [ 611.812010] sch_direct_xmit+0x59b/0x890 [ 611.812010] __qdisc_run+0x1bac/0x3600 [ 611.812010] ? __msan_get_context_state+0x9/0x30 [ 611.812010] __dev_queue_xmit+0x2131/0x3e00 [ 611.812010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 611.812010] dev_queue_xmit+0x4b/0x60 [ 611.812010] ip6_finish_output2+0x1a5b/0x22d0 [ 611.812010] ? validate_xmit_skb+0x1780/0x1780 [ 611.812010] ip6_finish_output+0xc13/0xca0 [ 611.812010] ip6_output+0x5e4/0x720 06:13:56 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f00000002c0)='X', 0x1, 0xfffffffffffffffe) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) socketpair$nbd(0x2, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff}) r3 = accept(0xffffffffffffffff, &(0x7f0000000640)=@hci, &(0x7f00000006c0)=0x80) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000700)='cpuacct.stat\x00', 0x0, 0x0) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000740)='/dev/sequencer\x00', 0x381800, 0x0) r6 = creat(&(0x7f0000000780)='./file0\x00', 0x80) r7 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000007c0)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000800)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000840)={{{@in6=@mcast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast2}}, &(0x7f0000000940)=0xe8) getresgid(&(0x7f0000000980)=0x0, &(0x7f0000000ac0), &(0x7f0000000b00)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000b40)=0x0) getresuid(&(0x7f0000000b80)=0x0, &(0x7f0000000bc0), &(0x7f0000000c00)) r13 = getegid() r14 = getpgid(0xffffffffffffffff) r15 = getuid() r16 = getgid() r17 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r18 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000c40)='/proc/self/attr/keycreate\x00', 0x2, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000c80)=0x0) fstat(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x6, &(0x7f0000000d40)=[0xffffffffffffffff, 0xee01, 0xffffffffffffffff, 0x0, 0xee00, 0x0]) socketpair$inet6(0xa, 0x6, 0xffff, &(0x7f0000000d80)={0xffffffffffffffff, 0xffffffffffffffff}) r23 = socket$inet6_sctp(0xa, 0x1, 0x84) r24 = syz_open_dev$ndb(&(0x7f0000000dc0)='/dev/nbd#\x00', 0x0, 0x80000) r25 = syz_open_dev$usb(&(0x7f0000000e00)='/dev/bus/usb/00#/00#\x00', 0xb18a, 0x98340) r26 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000e80)={&(0x7f0000000e40)='./file0\x00', 0x0, 0x8}, 0x10) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000ec0)={0xffffffffffffffff, 0xffffffffffffffff}) r28 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000f00)='/dev/uinput\x00', 0x2, 0x0) r29 = getpgid(0xffffffffffffffff) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000f40)={{{@in6=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000001040)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001080)={0x0, 0x0, 0x0}, &(0x7f00000010c0)=0xc) r32 = mq_open(&(0x7f00000018c0)='/dev/autofs\x00', 0x842, 0xa, &(0x7f0000001900)={0x7fffffff, 0xffff, 0xd, 0x80000000, 0x3, 0x9, 0x5, 0x81}) r33 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001940)='/proc/thread-self/attr/current\x00', 0x2, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000001980)=0x0) lstat(&(0x7f00000019c0)='./file0\x00', &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000001b40)={0x0, 0x0}) getresuid(&(0x7f0000001b80), &(0x7f0000001bc0), &(0x7f0000001c00)=0x0) getresgid(&(0x7f0000001c40)=0x0, &(0x7f0000001c80), &(0x7f0000001cc0)) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000001d00)={0x0}, &(0x7f0000001d40)=0xc) r41 = geteuid() getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000001d80)={0x0, 0x0, 0x0}, &(0x7f0000001dc0)=0xc) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000001e00)=0x0) r44 = geteuid() getgroups(0x4, &(0x7f0000001e40)=[0xffffffffffffffff, 0x0, 0xee00, 0x0]) r46 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000002300)={0x0, 0x80000, 0xffffffffffffffff}) r48 = openat$nullb(0xffffffffffffff9c, &(0x7f0000002340)='/dev/nullb0\x00', 0x0, 0x0) r49 = fanotify_init(0x0, 0x0) r50 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000002380)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) socketpair$inet6_sctp(0xa, 0x0, 0x84, &(0x7f00000023c0)={0xffffffffffffffff}) r52 = getpgid(0xffffffffffffffff) r53 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002400)={0x0, 0x0, 0x0}, &(0x7f0000002440)=0xc) r55 = dup(0xffffffffffffffff) r56 = syz_open_dev$sndmidi(&(0x7f0000003dc0)='/dev/snd/midiC#D#\x00', 0x10001, 0x181000) r57 = perf_event_open$cgroup(&(0x7f0000003e40)={0x4, 0x70, 0x20, 0x1, 0x1, 0x3f, 0x0, 0x7fff, 0x8230, 0x1, 0x2, 0x3, 0x40, 0x1, 0x2, 0xa59, 0x1, 0x7, 0x7, 0x10000, 0x1ff, 0xfff, 0x1, 0x49, 0xfffffffffffffff7, 0x47, 0x9, 0x40, 0xda5, 0x7f, 0x800, 0x100000001, 0x401, 0x1000000000000000, 0x6, 0x7a508371, 0x1, 0x5, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000003e00), 0x1}, 0x31000, 0x60, 0x81, 0xf, 0x80000001, 0x68d, 0x9}, 0xffffffffffffffff, 0xe, 0xffffffffffffff9c, 0x8) pipe2(&(0x7f0000003ec0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) r59 = socket$pptp(0x18, 0x1, 0x2) r60 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000003f00)='/dev/rfkill\x00', 0x84000, 0x0) r61 = syz_open_dev$amidi(&(0x7f0000003f40)='/dev/amidi#\x00', 0x3, 0x10000) r62 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000003f80)='./cgroup.net/syz0\x00', 0x200002, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000003fc0)={0xffffffffffffffff, 0xffffffffffffffff}) r64 = openat$full(0xffffffffffffff9c, &(0x7f0000004000)='/dev/full\x00', 0x0, 0x0) r65 = openat$vcs(0xffffffffffffff9c, &(0x7f0000004040)='/dev/vcs\x00', 0x2200, 0x0) r66 = openat$vsock(0xffffffffffffff9c, &(0x7f0000004280)='/dev/vsock\x00', 0x10000, 0x0) r67 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000042c0)='/dev/ashmem\x00', 0x42, 0x0) r68 = socket$bt_rfcomm(0x1f, 0x3, 0x3) r69 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000004100)=0x0) fstat(0xffffffffffffff9c, &(0x7f0000004140)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000041c0)='./file0\x00', &(0x7f0000004200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r73 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000045c0), 0x4) r74 = socket$nl_xfrm(0x10, 0x3, 0x6) r75 = openat$dsp(0xffffffffffffff9c, &(0x7f0000004600)='/dev/dsp\x00', 0x200, 0x0) r76 = socket$inet6_udplite(0xa, 0x2, 0x88) r77 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000004640)='cpuacct.stat\x00', 0x0, 0x0) r78 = inotify_init() r79 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000004680)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f00000046c0)={0xffffffffffffffff, 0xffffffffffffffff}) r82 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000004700)='/proc/thread-self/attr/current\x00', 0x2, 0x0) r83 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000004780)={&(0x7f0000004740)='./file0\x00', 0x0, 0x10}, 0x10) sendmmsg$unix(r1, &(0x7f00000048c0)=[{&(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000240)="e1c6186de17f700e87a454c66832b76bc69863daec15e8784d43c6bfb0afbf27ede7413561dea799cc72c44e3726df7ede03c8195554759b86bdd608c6e0f28c2199eb2089b878e9ec575a2e2b6f03b21ac50e08d35e6ee91151010c615db62e244bedcaae5e9ba9b696cd9daefc65c16edd908e88bd012c", 0x78}, {&(0x7f0000000440)="55b21bfedf921243ac16d331348d70ac4c05bb87e1af0a84aaed81ce87c8f3d049b4a1ab5763c06af6fcf55604919d11122455ed84b230f0ce8a287dd031575254be38944c5493045f85d4b0008f", 0x4e}, {&(0x7f00000004c0)="c5a7cdb7e24eb23d6d7fd1074d778600bf9f249463e0d5dc5b7ea651a24aa5d56dda37284b2641cee4e0991bda5f6527effce6a4087207dfb587c4152832a037ef361288127c1b41a8ffbf8c6abef510162645998455182be8f80deea48d73a064e0e03a9595f35d751fdd23736e280fcda1feac323582fa645c3fb0a51893ba73e2848f740d6b586d2fc07a909e1d5d9fb29f4062b3d5da63ee86c9d43d16d9e0d50229edc8563d6b6cbda0bc36f29eb943f7b93420db0e460c4c032db240108f5000b736f0911d8021e20ed5fe13afe33b47f266a58412b9e0459bda7d670544e02469c3d4b7fee02bc0", 0xeb}], 0x3, &(0x7f0000001100)=[@rights={0x18, 0x1, 0x1, [r2]}, @rights={0x28, 0x1, 0x1, [r3, r4, r5, r6, r7]}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @cred={0x20, 0x1, 0x2, r11, r12, r13}, @cred={0x20, 0x1, 0x2, r14, r15, r16}, @rights={0x18, 0x1, 0x1, [r17, r18]}, @cred={0x20, 0x1, 0x2, r19, r20, r21}, @rights={0x28, 0x1, 0x1, [r22, r23, r24, r25, r26, r27]}, @rights={0x18, 0x1, 0x1, [r28]}, @cred={0x20, 0x1, 0x2, r29, r30, r31}], 0x138, 0x4000}, {&(0x7f0000001240)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001800)=[{&(0x7f00000012c0)="cd16713b773c59804ef0c4bb25c2bf36f661c3fcf2944786673b3e4378521f2da108b7b7bcf1d72c77918bf01299b7a4964df13d33cd93250b5f3dcecd3496c751426de172cd224c976aa80614f57cadd6f0a1bbf2f176bafc390b61803b62a868da9286048b74d7f93679f73b9052ccc245f40b40f69e8ea36c4dea54be2ee97511512fbc7a7e4a95739a6d838ecbf1bf2750158c4f1147f7f19e9503b66a9d6624fc120bee", 0xa6}, {&(0x7f0000001380)="1b90adcd6e65dc99c351e1e324f4a63795a66d0c62da1dac63", 0x19}, {&(0x7f00000013c0)="e592dee50ae9e09c39bc9a89d4898f82f251dd6f93f27133b63bdb25bbba3ac1fbcf3337f3733df21a1473f671175415ff362185367ec96d0e1ea58615dd201cea460f86f8b60f813bfcace1c0725f4a1f66eaac27cf710184695e383ff3bc0873ecb324d19e9d37c7ad2db076e98f039aa082ce72bba752b5d5c50b78030de790fd6c1827c8f474cc35f4563f076cce734a0ac2db096a06abc7480df20e59a7fab36056f50c8814d2a54214fa55b5795069ea888ae2ecc0e340fcb58d70e3e9de3de9a340994b92e4fde844db67dda909525b88dd927fd30a1f220e250116a34e3e5dafcbfe3993cb", 0xe9}, {&(0x7f00000014c0)="56362b10c40a1ed8a32e1132f833fd9e6f804d1b1488b04e0956aa2713535bf9ceb4bd4004ba8be9b4701a0ddb59a388eb8bfe3ddb6479a7c780cefbfb1936ea6e706cd927584b08aece43e98bbd1e8fb6782c02afeac79a4002d0143abaca0ac56ca532daee4322688140e8e07dded0ccbe52f648495e029ff47f67fc85bc559d49f1ac11ea9a2454d8130e4f6cf5c0e67bba35d8a0ccfda1c437", 0x9b}, {&(0x7f0000001580)="a41ec7edbc8916c1dd459a4f7d96df73020bc87a7fa928f499fa87962e2dc6e2bdaad0ef01eeee801b9b953884db33ff474acbb211a7517de07b137bf5857787d64aa6caa4b07d044948e00f677f28ac4e2ab1bdd9abcb55e9c630e4a7744fb7f613b0e0f30719093b96ba2d7f74f674a7e52ddd3ab7859b0354529b69a185c4f643937ac044baa32c1c9cf4ab6855fc", 0x90}, {&(0x7f0000001640)="fd7137be4e50ff8321f3a8d9cc18cbd800184d4e225b6a455c848565997f5be6807c5ae5fa7267995c9cb24e6757e1e0985b51f655225d40ad0f32ef57672da6f4568ac5b9d34e0c491d", 0x4a}, {&(0x7f00000016c0)="07b2595b41454825b8f1f4112835a3d7ab7810d70bec7c44218e9792cb2e23c26266d83b91b96cfa25037c6a3146351817bafce80aa7d02548d6fca9d1b9928b55c37d27c59e0f12a0c0caf897b396241bfd9e8df775daa2a5ec3a32704b8861b0bd335ab5ab47d34b5236bbcdaa5b3c924f4db4b234ade91c7111", 0x7b}, {&(0x7f0000001740)="b41d028d321d8b4df6d618c4cf9bea533c98c4e8220a88edba796030a34341521a3888a23be2568a206f248e373e5b4ce1817983", 0x34}, {&(0x7f0000001780)="9f82a3466cb6e78690653d40a4d428a77a8919d62e9203f5fdc8fbda3eccefa3678cabd127697ef050c36f34d6911191406503d31595ab8e94e54c06c6612eb370d9a6a42bb3ead522864b5135e263345a4551a288be2656f8d44803f33e57981ca9c1cd", 0x64}], 0x9, &(0x7f0000001e80)=[@rights={0x18, 0x1, 0x1, [r32, r33]}, @cred={0x20, 0x1, 0x2, r34, r35, r36}, @cred={0x20, 0x1, 0x2, r37, r38, r39}, @cred={0x20, 0x1, 0x2, r40, r41, r42}, @cred={0x20, 0x1, 0x2, r43, r44, r45}], 0x98}, {&(0x7f0000001f40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000022c0)=[{&(0x7f0000001fc0)="bd71c7428c55e9f3e6c46b5562b3ccc917db685825b0fe4d1458db8f994122726d1405c240205f532b1f4fb89c33539af2a9955126aab2cf2fc5ed14dcf357a5e73f052c12dcf54871bece35a89b65d6972db62ee72bf98cc9be422233b13b553396c691d413157f6ec3672dc9d17d2ce19e686155f975b7372c3e24b57dc2156633a05e0951dd80036ce5cb8a90517bb54d80025d8c907b64831ae3fad2caa8fd8872174e5649b4085852ba574247b10eee3e612b609147fdeefd7aa6f1ce50d6c7e2509c97f3b25fd651f6e022d098d21914c24e29da73a6d7021eb7ae09f8d17c535321f3d7d71f0f660819d4008dd4cac03dfdfbfe", 0xf7}, {&(0x7f00000020c0)="3e429b10ecfcca49e838afa2fd8db4dc79a73194a7adb237d1f8e6d0973b0d1f4c0d90440a57e986fff78f630b4b2e96d25f440fa5c1f5105b727927a6efb96960f38dc5dacd240c80c4e32a9fb0982b9f2be0cb97be3193102d9691cc450ce1f3a4c6ba2da53b9a00ccc492ba8e7216c409846165ac2fda3af245bfe93805ba149d0f2c06d8713240f1207c506e8c803031620d16dfbf27001fcfcc5d01cfdd2e00b4064284c07d9b505f3807e667a5d533c3ff100b4d311cd81e9ad6b4b4087b2fe1f95d2c462137efb968f2", 0xcd}, {&(0x7f00000021c0)="4a1ffc7610db3843dc2205e6f787ecb2500a3d705cd9f746df0e879c6a9a2a24fa9957a53e9845e64d406a8fc517131e6bc0452313c98360f976fd8b6661fad3f5094b4cd7a13d5a1b8893ae6baec3ad1f0f7f558d1e1c884cc7620def0c8d6fa2a062ddceb25fe9713800bc27de", 0x6e}, {&(0x7f0000002240)="f2ae9c368765c1fc82ed968e562b6ed152543b994d9e97ed87d61da2e365563a2a4ba0c3552ff9d69d827f85b3097737555893834481a4f2267cc3dfcfe74ea55e4ba7d4d2c0349d7a13a41214575573b1d062c7f9810783679bd34b7f3379940c25", 0x62}], 0x4, &(0x7f0000002480)=[@rights={0x28, 0x1, 0x1, [r46, r47, r48, r49, r50, r51]}, @cred={0x20, 0x1, 0x2, r52, r53, r54}], 0x48, 0x4094}, {&(0x7f0000002500)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000002880)=[{&(0x7f0000002580)="fa199dad681faab71f8661ca8514a4ff324fed5f37304a9bf13c8096e38f8d594e6cd6a02eb33d922bd89346ee85ef7bc7af290b5225fef97dece8aa2369b16c624138649786d09d2ad4ab57c0dffe6cbff24e758c01f1bc6d19ba92d25685c79a62ea6dcb819b828a880e0e65b9ade96ef169c9e31ba616a2ba93cc7db7480076ab30ec0602cc67913a83e3abd3a575d8bd78e4912ff2eaa4c90b21", 0x9c}, {&(0x7f0000002640)="d991c8be1974b243701537e837e769b34d6a4aaa841edc0608b0d56c20ff8dba4472073798710ba0a408399eabaaa1eff60db29e4c9e0ff872b2d1e336d822d231e2", 0x42}, {&(0x7f00000026c0)="8fc2c9a976a2fe7f74f278cbf47c2e9a6d3d8f1c366d68f8d6eb95babd60b91b43efb17b8cc8d352d29a1649120af5d5f04442af9e170e4d7cd61fe16f8e28e5a6173fd2375bd6abbade29e5ff8d041b867cf3a721f1f0a6655a45359fda78ad6b4c9cfb85e34ee27e1972fcb939e375beb20f634b95836e05dfee7dc14c116afdd8c953ca5c26480275f6e7a568144a563cb99c3eb1672ef6c7ab5c86a578ce8adf9e94ac3110bf3a4f0a9d", 0xac}, {&(0x7f0000002780)="ce83f389a384341ee93ae6fef0159b13a8de68cc7569297c1599e7079b6c150d40be66d9c034f406cf858dc7fef43e1c6bb9bb5719adc3eac475723e8aa73a00b9a0f5733c7754b9d2253eae15b0c0b0bc11f222f537c8a0a2d3ebf96d4bbfb7c5233c4546033b73a3293dfb5dca49c0d0ae302e7c5050b2e0150b319618e39f84cac67c9aabacf24410659ab3089f8104ae922ab59105130220fab1ba705ba1505eef55daea4f2af3f0c2d295084cc824d384188b5b65bf5f0c3e1d48c274fb306f2d71738b59479ed9ccb56d1656e64b95686a2eeaad5f0883a9df20cdafab489b4773ba904bf20ad88fce45537b0843fd94cee475d2f8", 0xf8}], 0x4, 0x0, 0x0, 0x4005}, {&(0x7f00000028c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002a00)=[{&(0x7f0000002940)="b4772f8bdfc83852bde263109faad0243a8f24bc4f6b1eafa1fd5682d8c15ae8634843036b89337736ef5e07ff8760d2fad3408f677cbe73b536d72606bb6c5c0577fa3864a5cab386d329a542eb04dcc6be42e9515416c48a3609d92b7866ad5a7deb735b0ddc8a65a875cedeadb539df51bd70b26ecf50a39e4f7c10906a6a85d34a589ce5005ba765a6eb1f14a704", 0x90}], 0x1, 0x0, 0x0, 0x40080}, {&(0x7f0000002a40)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000003d40)=[{&(0x7f0000002ac0)="688dc61136e7366263a14ff8c35e954ba2f8daa87b8f3e2020a9fe3b5fac1938f016c8780c2cd790d7170946f9fadcdea38a4faff6945260da19ab1566f6ade80175cdd257978fc0f13bf0d565785eb0f91ae24d845d1c1690845fffcf775a4c9ce776a6c2ea324264b7db49fa9e90beb7b6140af4ce0e787324ee97b56cbec46206540a12a0d9147af62715b071f933358ffddb682d92df25f57f2be400c9b7865cafc52ea6a9f9450fe03995e3724aa3bac922e6d183aab87a46ef3a5883395cb130a0444997925127e14f84bbf9e8d5db7fa4c4e0879a05cfe6a23b81e624ad5af7dd9f081c0504a6e1da8d1c7ddb93160b681663fd12369c3ca527160fd71d6077534e482b6d586e9c07f08cf7dbe1c65810d106966690dff1a0aba473a17c3911be470059059dbb54aa2ea3bd7fd3a41e67f911da6aba8da90e59fb1bd6905dfaaa5046f242b5b403fa4059e66fba967d1a9b7c6b14d87c975695c5859dce41dd5649b4cd4988030fb9476d51260109fecc8d0e7f9bad93a288a90322399dd783c3b63c6a55ec2db4398abf454e93a75ad013559e6de35f6cf90d0725de76a89bae8c32211ab9417614071729b474f33b233abefcfd8af98610c474acab9d619d2d33867b53cef2096bab89c3a1e8fdaf87221c0bf17bb4702552f0442c600bcbddabc468e86cffa32732a3fea4976290cf03a5c48861091ddc12f1c2488e1aea340d584f02effc5a7f8e786b259ba897812c7ac1921ab2ec887a4c9ad466476ecddeb0b44c9f7031af105d1342f120d7613a5891c46f228e9e03ca89beda7a09c5531925826e97141d4945200d0223f47eb381591adb8131ecc9de404ffd81a8b402d1dfceb528755ab42b102896a9ea59e587d5edf2863f6e6561a6423cca820af8649e57b3b6da9b8385e2c5c4ec877958089d446f97431a3037a746c36079b267a2168fa9d435d1726cb81ef959f51f0ba849b19f1841468b6164c59cea9afe0e6c0160b5654381af55336361b16b91fb41ffef78bd8abed86a4e26a83d08c128fb3185e8a2ca20964b2379bc5ee7330a3ea48dddec2a8727fb5b84004728bf75ad9f09984242b3bf843b6603583cd0069002077c35ec95d711b2c7d7cc49dbcbc40c12bafc01704373356fb0e5eb33ad664bb91b86126c30f782c09ce9fe766a565e956b51fc1cba80a51dd4e6e22029512b5b1eab3c3c34581d3e6d797743c7dfeeb18878882279c1ba2215559279ba99386faea7c820ff28cc8d61a76832593f8d72a847306d1223e079e65b317c1bd3ce58e45cc433979f5b7223bf97d7c04a4a53f97392837417a662dd417b152ed2b7ef0b402aca96f8098660d6af3ed4d8f1d2b5afd188b4dd8766cf9ab7270d8d08aef458eeec85d28fd03be47521ce6697eb1d2cf7147e1db8e1cd020d1b17c76914e5549bd828bb2a9a21580c73662b595ecf5400329f50b0cf783c6b627d71ab29021f5307286b30d9c7a0856f5782e4d0fa85a0981f9ab39ac586546bf8d6b688c72a21546087a0957b7bc297f7154eb8b8bead44102f9b1a232cb8011c2edfbf9e882d0f0d7dc93437be1bef7878531a58792acbb5a07eb8e705faa3be887209647400036e139621698322712a6fe5d8dfdf57d87d126bbeae3909a28bea03fc9537e534389be1bbf4f021849540553df0f97a0e79b7ac5d96173d4a59196525d42b605c62b466a4e485f57ee60da16d17809bdff5a7209f2f4b3095c6aac6e458f41d37ea5a1fc43051a5af8babe5bb64cef47272679853bdc25ecd296cab07836046284b26637c4147b474be2d5612e81a260d44e0da24f31777181bb0ddf876109a8b9303164db9123b79cf7fd2618f46a1025d5bce918a333281b156715c8e844378026dc05cd8cd477d67295c9e2a914bb89f84015df362afcdd59ca32ca4e345d5406bb39c614beb2eafbc377702e13cec9449e3cc8c748f22807a7fcf50450e01dc6767558530e0c568cb9b2c0666e54377a382460654b7d0d77528005ef24c88d000d307a8acaf73f9e9806e4e9253a0b4ddb8b5a2d7104ad6c19c74e82c35ae6797f51ad70d5b042a48cbed9d5d4dda1d1dd77cf977ffb0171f7d4f15dfa19a07c2358147977e89d4531c6f2b8962305acad4051f62cec0835a04c91729028b11cedabb12559a1f1773bfa47b15e4bb3ff28840bdbd5ce347761c625313e5bc054e663bfba2554cf00c8292a748994f681b69e6e870394807d72dc6b97e3226d5ec2c0976ff5501e748428f898698c296bb4e8e5ee5e95f44d13e41f3c66a7373ca1e22b5ffd515f92ffa7281a415e426f13a2cd9cdae699f5ae53a9755e96458c422ab6d11e4e7a5654b7955f1de2d9c90022ddcd99bd89b1e53635627ba46cb1738fdc2c9ecafe6262ee1be0c375cb76b1af63460adcba1d9a81ef77ba1611e7e12ef74bdc788c229dcf5ed13f7ea4ee550dc1fd1b1198c9c522f629e60bbedb33e40001be8291ffdf75d2f6cb81fad7281e3ba503a0974d850b2a710bd9acb3b86c8f540e76301d898f5c391387c43be2c70d350a0f3387d9993d0db714770a5966dc6b23c43f1e8e334e3eef2db6426ed96862b381cf6b7f0da87c58083aa88df9a388d20c5f4ec929295adf1a58e6d40e9ccd4cd7e6e924fc5f0d0aee4e8f93790d6135aa88c9be3265c19d4ae534eee11392d17f0c5d62771831c30a9e83c3ef43f15467de971bb7580385846c02755addf9f93953d17c2dafe996ae19b5decdafb24570301f8bc7ef4a1df5acacc752b607196c14b8a53d2c504e178c86b087c42208e5c87d951ab00336835aa014a9f6404e0480342f92c3bfc15d452b63bd50d009719e528c8589647e1d85e70fa4595b7ecc09f48fd56507bf4881f807a29906ac334f2f4469e44fab1727884f128a0068abd259d4c8122f9409f1338d8037d2f54ca3c046a37f11db58f6547228fe5c56253636f38f8138588fa9d99a8352e04b50d7013261b63e9f5da4e7e8dfefc064da320f9b6aabc973903736829533f66f4e5f22d37cadbd58bedd6713af44e32f6a11ea9fd363a41d5dafcb989eab48f7908fd4869cfba1d6b99c452222664785d4d54163875f4b35e2d33ec31cbad34a17add80a64b60965b009ce9ec4bbfe4839bd43f39b0455e145324e8ee2a2b35868ff046fdd477dbe907690397e149f08a2eb76d13e800e998c1f9cdadb7b148eb85ad4ebb4e1d1929b16554e318afa9d83337388b1e7f508dacef976ebc0e8166d2e7cd29bc6287d8abf43976af8a3e36650d9b133d19e65ccff08a7466e6678e4de601933a941ae48e856315f8d52f49e1668e34cdd551d9a343a38822abcdee82505bcd6765cba4356d1f7d6385680d29e5c0c5cd2c2083c116d447833ee36a4e7cb8ee793bf4137cc19fd9fca3df5a2d628cc107a64d1cfc936cde00a78a76e88a01dde1242d1c3a00ea501015ecac70bfee22f1943aa11521a3ec5bb4853e5239e7a9cd22e558ec9b73d6fda07ab30f0c2c45961b0e7a43fad379c25e198d1036b86695c9190d67a213fa285842264c6618b780f0a884d144a8f7d6f68f6d73a072e39320593058e84f7b8c5744dd299c7028b9e788fac50f512fdf3c06acda2bf4b680c05fab587865c3ce2ea543b15c3aa0eec144ffa116fcb5b9cf199abe3e5e461371821b06d13a29d86ac6af928fdf2dce36a9ee3645c13923f86c482e0a2fe6ca14b72938133de81dd9978e8eca4eb11de35954c3b6e8490dcd499c001d2c5e0ac8de92fc4508fde78ac9a08fecc93910727c9427b59aa2572bf8a99631ccc4b2255cdc8243b5fcc3c50aded957c2faf166ad28bad4a91f7e14caf91c83e60a86da8a14f094afa2e96102295e4bef9166645be8cc55c4c71563945fa53d43f7216ba7fb51b434c8c7f455bbabb934efa1d69ff40a212bfdaeb8d24b2394d0e8719e5b41492367ce5c4f54dcc28ad9e8d7467e876445191a28c0f9bebaa942bb8850438896aefb9cefc4bfa2811a65a4fcdfd4b2d0416790ee03b53534f7590e17caaa4c69a4adddfea95a47522c514647fd0a4315d47ef1db20554c5ce04a2e4be8605b538b29d9e8ccd19f8066954e661ba26319cf81faf79e3f6a755bf30b14a5bc0448fc2d97d34b03aeaa9b316978f024ad8386b96ee34f191687908003ce2a570a198acb93788674da1024659a9904feff2025cbd7a791b48c2e35242a5fbd0ae396d9510ca5e722f3dfdd49b336a75e4c2bc4dc33e1cccb50a5173a69cd5b78d7aa6b2ec06af4bec1c132fe4b9d6e88a38fbd93356f516b3d45ad971514cef3d9f5f4713b139b65420a12b7c17cab3f7163ed10c283e18da716a934a60abd9f6b22d71b17bba27308cbe7efd9d797cb86826a27bdfa0951cfd83981fa6e15ec3c55e43b90e8312a019b4cafdaffbf4e7b90119b84d48e17cde8c50fe567a02e632b644f0b491ffe7ee8cd090416d4e3256aa5ba0815ef78accb751d150ec5c7fadc7f934f289ce1f1c6affbe2cc58a55d1b44b2e667ece6c1ed08e245dbfa0b2b7ebdb091d8aafeaba566be4f3a78198d50dac3ee8be4cea3e43f0b30ae502e36125e0ee9b13f1f42577de6420eb811cd997e225fd9ee8422110b3c537c143a5a9133c2c4bdaa6d5a3d6f514adc49ef9f8d450e85ec639e54f38ef6b170f94b0ae744b957fb792f459508a7887cc1f6adad9e14f050dd9581c5f11c3d9c07c02f06138ff924850aecf2063b9a0b66a66bc1e69e317b500219460fde10447f921c3bb732efb250c4fc890c2822d10d0af65e80e2ea49ba7c4d966b3421785b01979ef8e0f7d3286bd958c1ade72ce62792a8457e77cc42deb9272b899255595c79d36641a9ccd491f9c6301919f4e378973b440f8153ddd116e920be13ac76a40e01c922b08fc13439ed3e4f2942e63d2100fdaf8bb22ef65b8cf0950a379ad36d1979b4acba5d844f09798d714c50b4480694580687f1a9949e4a88fbe8cabd59cac715f6abdd9d2ebe4375b444a1c2bde14ba2a513d7c0f4ebbe7320753354092a58d8860c613dae79592890b56ef86c30b31c61e8af065e7aba33074587a58c87ffaab9d773d1745e0fa453e4fb53ebf4e34670c6efd6b0042d6f08f5843e51d7f0a709263911c44c445a7b7fcc2322d9cfeca1411e8d0aa920223df0c5e700ebcfbcf585aefd875f4e2db1ccb8cd6484afba63d861cf81838c68b7a5cb514a6ac45c3a1a404ba9a11705602920e0dfe4fb233cb31da46a33472a882fe120cd7c77d4f7b37ddf6d6399fabed2fbf135209d4df63fa78f1dfefd24b6ca714969854f08f8abb1addf2895f5abde1abf3e12d482c99c32094fc4278f9c37134b90c79ae381a269e270449a2d54538d28d99e7cad7de3919f8a37a08850af50cc407a92dd7b4f1282655ba90dad988ec1a4e3ed46636adb0422ed8489d7e0e4a50bca3e9dcea108f25ddc61fd41c056553f0ba95e84a85b95e37f9a6221681e56e51fb6a7041b334a141f56784b52e523cb96e576946cc48d055342f5ca75cbd70b669326e71b7063231251a99ffee772959effc00dd31a2fc3787c8bc9b98de7d37714a8dfe8e34ec288bf27731e4c37133109f6d88a1d5a91b87f2749e0bb3d1c9616ebd58c771a2d775c69fc9639d77e4e5e611db230cb76d997ba7319d393902d0094211faa81e7deabe5509cf203f2ae04c7d43b896ad50bb1274a053a9493a4547d4f9e2d2ccf7fde40837fafab87d4d61c375f747fcc9103addacbf89c29a2c02d3d3e17ca8dc986cacb36ed71cc3e2a1e90a9", 0x1000}, {&(0x7f0000003ac0)="56f0b345476cfcda1e989a00c1ef", 0xe}, {&(0x7f0000003b00)="7bf5d528952cac9f234424bf4a9d90a8645ce50b7db01f06209f0961468a5426f44fa6c22adc3730c15cbbdbdb2835d29276ed7fa6ee4d236e6b82f5aa72075e7cd3ab396d3807bf83f50f9721cfdedd4558ee26a474f99449b89780a58e8ed21dcf70c40d79dcb6be856ecebf9353f0f7c81df85c9d0e04d8121c119ce1a6d513fba71603de16eb83b82cf31a81c44d9a995ac17d39c34e0b53e7", 0x9b}, {&(0x7f0000003bc0)="2bc40649872be638183fe8646d83ef2c057347638a1cee3d6db60b3ee21586320bec1012506be619788fc891316d42986017aa6670659f7d27fea9cecfb53fe1e2658bc180d6bc2ebdc6f0b76ce4cd35c98aee3d953c8056f61c4623c941562595a34b9c916007ab0eaea1613732ca3eef352b172ce97326f34683a5e78ea2bbe12ad6b9b07333564e9cb49e829b00d0c1f4af44fef68f6b56ca0e3caccd5e4183dedf3f0e7c404bd23b69d2d65dfacc608be753b48fdf", 0xb7}, {&(0x7f0000003c80)="5c519618897fab3fdb8619457be37fa3f3cd61f316890d29353e378f1af398925ec3a0a219d3b3a968431a021b2733f37a6d7fe09fa135e9cbde7073ed0f44aa116bd39d57", 0x45}, {&(0x7f0000003d00)="f73998423412d8c20e192702fb7330a750d0031412", 0x15}], 0x6, &(0x7f00000047c0)=[@rights={0x28, 0x1, 0x1, [r55, r56, r57, r58, r59]}, @rights={0x38, 0x1, 0x1, [r60, r61, r62, r63, r64, r65, r66, r67, r68, r69]}, @cred={0x20, 0x1, 0x2, r70, r71, r72}, @rights={0x38, 0x1, 0x1, [r73, r74, r75, r76, r77, r78, r79, r80, r81]}, @rights={0x18, 0x1, 0x1, [r82, r83]}], 0xd0, 0x4000000}], 0x6, 0x800) keyctl$update(0x2, r0, &(0x7f0000000300)="bd2da453f568ada14adacb60ec721e0a9e7cc39eb1705c169cade5940a1a0dd0520eb190340fb75774cd31479cb5747b80bb6f82bd48a4fb2d87029d681d0811ae946d8183d05eb24436a886e3eeb46833f96ca9292f3ce3c3c2de375bcf606f780516c43dab12ae305922846fba6addcfb294d1bdf5f4491c8a853638b83bd2e62b63bd9005771ad8c6011c6ccc753810649590748603954ee414f8ac6486534bd776eb2883f49bc13a84e2d2e0d7787cab3092f657daf3a7df7680b28ff01f4b8a3001439ea4408b3a7b200d6efb5085852711bb7ce821fc5e1dba1d9cd40f96d3cbce4a2f1bced4e9151abdcec1e3c3ea792c27a69dca159a216f41926d27ee814502f1f9caccc8eefe4a704018f1820b3fed6d8ac16b93", 0x119) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) r84 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x9a, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r84, r0, r84}, &(0x7f00000009c0)=""/240, 0x4a3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r85, 0x8912, 0x400200) [ 611.812010] ? ip6_output+0x720/0x720 [ 611.812010] ? ac6_seq_show+0x200/0x200 [ 611.812010] ip6_local_out+0x164/0x1d0 [ 611.812010] ip6_send_skb+0xf6/0x3b0 [ 611.812010] udp_v6_send_skb+0x113f/0x1df0 [ 611.812010] udpv6_sendmsg+0x43e5/0x4960 [ 611.812010] ? ip_copy_metadata+0x1710/0x1710 [ 611.812010] ? __msan_poison_alloca+0x1e0/0x2b0 [ 611.812010] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 611.812010] inet_sendmsg+0x4e9/0x800 [ 611.812010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 611.812010] ? security_socket_sendmsg+0x1bd/0x200 [ 611.812010] ___sys_sendmsg+0xe68/0x1250 [ 611.812010] ? inet_getname+0x490/0x490 [ 611.812010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 611.812010] ? kmsan_set_origin+0x83/0x130 [ 611.812010] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 611.812010] ? _cond_resched+0xc7/0x120 [ 611.812010] __sys_sendmmsg+0x56b/0xa90 [ 611.812010] ? syscall_return_slowpath+0x123/0x8c0 [ 611.812010] ? put_timespec64+0x162/0x220 [ 611.812010] __se_sys_sendmmsg+0xbd/0xe0 [ 611.812010] __x64_sys_sendmmsg+0x56/0x70 [ 611.812010] do_syscall_64+0xcf/0x110 [ 611.812010] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 611.812010] RIP: 0033:0x457569 [ 611.812010] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 611.812010] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 611.812010] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 06:13:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000280)="0f019c0100dac4ea070073006766c74424000e0000006766c7442402c6e800006766c744240600000000670f011c240f01cb0f20e06635004000000f22e02ef30f7ecbdc272e0f01d10f18c1"}], 0xaaaaaaaaaaaadfe, 0x40, &(0x7f0000000040), 0x10000000000000a0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 611.812010] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 611.812010] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 611.812010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 611.812010] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 611.812010] Uninit was stored to memory at: [ 611.812010] kmsan_internal_chain_origin+0x136/0x240 [ 611.812010] __msan_chain_origin+0x6d/0xd0 [ 611.812010] __save_stack_trace+0x8be/0xc60 [ 611.812010] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 06:13:56 executing program 0: syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x800) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x200002) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000080)=""/13) accept4$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14, 0x80800) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000340)={@ipv4={[], [], @broadcast}, @mcast1, @empty, 0x9, 0x0, 0x96, 0x400, 0xfffffffffffffffa, 0x3820000, r2}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000400)={0x0}, &(0x7f00000003c0)=0x6) fcntl$setown(r0, 0x8, r3) readv(r0, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/10, 0x182}, {&(0x7f0000000200)=""/86, 0x56}, {&(0x7f0000000280)=""/96, 0x1f}], 0x3) mkdir(&(0x7f00000001c0)='./file0\x00', 0x200000c0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000100)=0x101, 0x4) [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Uninit was stored to memory at: [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] __msan_chain_origin+0x6d/0xd0 [ 612.304543] __save_stack_trace+0x8be/0xc60 [ 612.304543] save_stack_trace+0xc6/0x110 [ 612.304543] kmsan_internal_chain_origin+0x136/0x240 [ 612.304543] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.304543] __msan_memcpy+0x6f/0x80 [ 612.304543] pskb_expand_head+0x43b/0x1d20 [ 612.304543] gre_tap_xmit+0x4e3/0x910 [ 612.304543] dev_hard_start_xmit+0x6dc/0xe00 [ 612.304543] sch_direct_xmit+0x59b/0x890 [ 612.304543] __qdisc_run+0x1bac/0x3600 [ 612.304543] __dev_queue_xmit+0x2131/0x3e00 [ 612.304543] dev_queue_xmit+0x4b/0x60 [ 612.304543] ip6_finish_output2+0x1a5b/0x22d0 [ 612.304543] ip6_finish_output+0xc13/0xca0 [ 612.304543] ip6_output+0x5e4/0x720 [ 612.304543] ip6_local_out+0x164/0x1d0 [ 612.304543] ip6_send_skb+0xf6/0x3b0 [ 612.304543] udp_v6_send_skb+0x113f/0x1df0 [ 612.304543] udpv6_sendmsg+0x43e5/0x4960 [ 612.304543] inet_sendmsg+0x4e9/0x800 [ 612.304543] ___sys_sendmsg+0xe68/0x1250 [ 612.304543] __sys_sendmmsg+0x56b/0xa90 [ 612.304543] __se_sys_sendmmsg+0xbd/0xe0 [ 612.304543] __x64_sys_sendmmsg+0x56/0x70 [ 612.304543] do_syscall_64+0xcf/0x110 [ 612.304543] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.304543] [ 612.304543] Local variable description: ----_type.i@icmp6_send [ 612.304543] Variable was created at: [ 612.304543] icmp6_send+0x171/0x3ca0 [ 612.304543] icmpv6_send+0xe5/0x110 [ 612.367491] not chained 110000 origins [ 612.367509] CPU: 1 PID: 13709 Comm: syz-executor0 Not tainted 4.19.0+ #77 [ 612.367518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 612.367525] Call Trace: [ 612.367546] dump_stack+0x32d/0x480 [ 612.367575] kmsan_internal_chain_origin+0x222/0x240 [ 612.367589] ? gre_tap_xmit+0x4e3/0x910 [ 612.367610] ? ip6_finish_output+0xc13/0xca0 [ 612.367625] ? ip6_output+0x5e4/0x720 [ 612.367641] ? ip6_local_out+0x164/0x1d0 [ 612.367657] ? ip6_send_skb+0xf6/0x3b0 [ 612.367676] ? udp_v6_send_skb+0x113f/0x1df0 [ 612.367693] ? udpv6_sendmsg+0x43e5/0x4960 [ 612.367709] ? inet_sendmsg+0x4e9/0x800 [ 612.367725] ? ___sys_sendmsg+0xe68/0x1250 [ 612.367739] ? __sys_sendmmsg+0x56b/0xa90 [ 612.367753] ? __se_sys_sendmmsg+0xbd/0xe0 [ 612.367768] ? __x64_sys_sendmmsg+0x56/0x70 [ 612.367784] ? do_syscall_64+0xcf/0x110 [ 612.367800] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.367820] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.367839] ? __module_address+0x6a/0x610 [ 612.367856] ? is_bpf_text_address+0x3e5/0x4d0 [ 612.367877] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 612.367893] ? is_bpf_text_address+0x49e/0x4d0 [ 612.367911] ? kmsan_internal_chain_origin+0x90/0x240 [ 612.367941] ? get_stack_info+0x863/0x9d0 [ 612.367967] __msan_chain_origin+0x6d/0xd0 [ 612.367991] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.368008] __save_stack_trace+0x8be/0xc60 [ 612.368041] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.368061] save_stack_trace+0xc6/0x110 [ 612.368084] kmsan_internal_chain_origin+0x136/0x240 [ 612.368097] ? inet_sendmsg+0x4e9/0x800 [ 612.368121] ? kmsan_internal_chain_origin+0x136/0x240 [ 612.368135] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 612.368150] ? __msan_memcpy+0x6f/0x80 [ 612.368164] ? pskb_expand_head+0x43b/0x1d20 [ 612.368177] ? gre_tap_xmit+0x4e3/0x910 [ 612.368192] ? dev_hard_start_xmit+0x6dc/0xe00 [ 612.368206] ? sch_direct_xmit+0x59b/0x890 [ 612.368220] ? __qdisc_run+0x1bac/0x3600 [ 612.368233] ? __dev_queue_xmit+0x2131/0x3e00 [ 612.368246] ? dev_queue_xmit+0x4b/0x60 [ 612.368263] ? ip6_finish_output2+0x1a5b/0x22d0 [ 612.368277] ? ip6_finish_output+0xc13/0xca0 [ 612.368292] ? ip6_output+0x5e4/0x720 [ 612.368307] ? ip6_local_out+0x164/0x1d0 [ 612.368322] ? ip6_send_skb+0xf6/0x3b0 [ 612.368339] ? udp_v6_send_skb+0x113f/0x1df0 [ 612.368355] ? udpv6_sendmsg+0x43e5/0x4960 [ 612.368370] ? inet_sendmsg+0x4e9/0x800 [ 612.368383] ? ___sys_sendmsg+0xe68/0x1250 [ 612.368396] ? __sys_sendmmsg+0x56b/0xa90 [ 612.368410] ? __se_sys_sendmmsg+0xbd/0xe0 [ 612.368423] ? __x64_sys_sendmmsg+0x56/0x70 [ 612.368438] ? do_syscall_64+0xcf/0x110 [ 612.368463] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.368506] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.368525] ? memcg_kmem_put_cache+0x8e/0x460 [ 612.368550] ? __msan_get_context_state+0x9/0x30 [ 612.368565] ? INIT_INT+0xc/0x30 [ 612.368583] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 612.368612] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.368638] __msan_memcpy+0x6f/0x80 [ 612.368656] pskb_expand_head+0x43b/0x1d20 [ 612.368690] gre_tap_xmit+0x4e3/0x910 [ 612.368714] ? gre_tap_init+0x650/0x650 [ 612.368730] dev_hard_start_xmit+0x6dc/0xe00 [ 612.368766] sch_direct_xmit+0x59b/0x890 [ 612.368796] __qdisc_run+0x1bac/0x3600 [ 612.368828] ? __msan_get_context_state+0x9/0x30 [ 612.368858] __dev_queue_xmit+0x2131/0x3e00 [ 612.368880] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.368918] dev_queue_xmit+0x4b/0x60 [ 612.368939] ip6_finish_output2+0x1a5b/0x22d0 [ 612.368984] ? validate_xmit_skb+0x1780/0x1780 [ 612.369005] ip6_finish_output+0xc13/0xca0 [ 612.369036] ip6_output+0x5e4/0x720 [ 612.369063] ? ip6_output+0x720/0x720 [ 612.369080] ? ac6_seq_show+0x200/0x200 [ 612.369099] ip6_local_out+0x164/0x1d0 [ 612.369124] ip6_send_skb+0xf6/0x3b0 [ 612.369152] udp_v6_send_skb+0x113f/0x1df0 [ 612.369192] udpv6_sendmsg+0x43e5/0x4960 [ 612.369216] ? ip_copy_metadata+0x1710/0x1710 [ 612.369271] ? __msan_poison_alloca+0x1e0/0x2b0 [ 612.369299] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 612.369316] inet_sendmsg+0x4e9/0x800 [ 612.369338] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.369355] ? security_socket_sendmsg+0x1bd/0x200 [ 612.369378] ___sys_sendmsg+0xe68/0x1250 [ 612.369396] ? inet_getname+0x490/0x490 [ 612.369431] ? __msan_poison_alloca+0x1e0/0x2b0 [ 612.369459] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 612.369493] ? rcu_all_qs+0x3b/0x310 [ 612.369510] ? _cond_resched+0x59/0x120 [ 612.369548] ? rcu_all_qs+0x53/0x310 [ 612.369566] ? _cond_resched+0x37/0x120 [ 612.369581] ? __sys_sendmmsg+0x7c9/0xa90 [ 612.369603] ? _cond_resched+0x59/0x120 [ 612.369622] __sys_sendmmsg+0x56b/0xa90 [ 612.369661] ? syscall_return_slowpath+0x123/0x8c0 [ 612.369677] ? put_timespec64+0x162/0x220 [ 612.369703] __se_sys_sendmmsg+0xbd/0xe0 [ 612.369726] __x64_sys_sendmmsg+0x56/0x70 [ 612.369742] do_syscall_64+0xcf/0x110 [ 612.369759] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.369772] RIP: 0033:0x457569 [ 612.369790] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 612.369801] RSP: 002b:00007f233e51cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 612.369819] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569 [ 612.369830] RDX: 000000000000004f RSI: 00000000200092c0 RDI: 0000000000000004 [ 612.369840] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 612.369851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f233e51d6d4 [ 612.369862] R13: 00000000004c374a R14: 00000000004d57b8 R15: 00000000ffffffff [ 612.369883] Uninit was stored to memory at: [ 612.369901] kmsan_internal_chain_origin+0x136/0x240 [ 612.369918] __msan_chain_origin+0x6d/0xd0 [ 612.369933] __save_stack_trace+0x8be/0xc60 [ 612.369947] save_stack_trace+0xc6/0x110 [ 612.369963] kmsan_internal_chain_origin+0x136/0x240 [ 612.369984] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.370000] __msan_memcpy+0x6f/0x80 [ 612.370013] pskb_expand_head+0x43b/0x1d20 [ 612.370026] gre_tap_xmit+0x4e3/0x910 [ 612.370039] dev_hard_start_xmit+0x6dc/0xe00 [ 612.370052] sch_direct_xmit+0x59b/0x890 [ 612.370065] __qdisc_run+0x1bac/0x3600 [ 612.370078] __dev_queue_xmit+0x2131/0x3e00 [ 612.370090] dev_queue_xmit+0x4b/0x60 [ 612.370106] ip6_finish_output2+0x1a5b/0x22d0 [ 612.370120] ip6_finish_output+0xc13/0xca0 [ 612.370135] ip6_output+0x5e4/0x720 [ 612.370150] ip6_local_out+0x164/0x1d0 [ 612.370165] ip6_send_skb+0xf6/0x3b0 [ 612.370182] udp_v6_send_skb+0x113f/0x1df0 [ 612.370197] udpv6_sendmsg+0x43e5/0x4960 [ 612.370212] inet_sendmsg+0x4e9/0x800 [ 612.370226] ___sys_sendmsg+0xe68/0x1250 [ 612.370239] __sys_sendmmsg+0x56b/0xa90 [ 612.370252] __se_sys_sendmmsg+0xbd/0xe0 [ 612.370266] __x64_sys_sendmmsg+0x56/0x70 [ 612.370280] do_syscall_64+0xcf/0x110 [ 612.370295] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.370300] [ 612.370306] Uninit was stored to memory at: [ 612.370323] kmsan_internal_chain_origin+0x136/0x240 [ 612.370338] __msan_chain_origin+0x6d/0xd0 [ 612.370354] __save_stack_trace+0x8be/0xc60 [ 612.370368] save_stack_trace+0xc6/0x110 [ 612.370385] kmsan_internal_chain_origin+0x136/0x240 [ 612.370400] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.370416] __msan_memcpy+0x6f/0x80 [ 612.370429] pskb_expand_head+0x43b/0x1d20 [ 612.370441] gre_tap_xmit+0x4e3/0x910 [ 612.370465] dev_hard_start_xmit+0x6dc/0xe00 [ 612.370477] sch_direct_xmit+0x59b/0x890 [ 612.370490] __qdisc_run+0x1bac/0x3600 [ 612.370502] __dev_queue_xmit+0x2131/0x3e00 [ 612.370515] dev_queue_xmit+0x4b/0x60 [ 612.370530] ip6_finish_output2+0x1a5b/0x22d0 [ 612.370545] ip6_finish_output+0xc13/0xca0 [ 612.370559] ip6_output+0x5e4/0x720 [ 612.370574] ip6_local_out+0x164/0x1d0 [ 612.370589] ip6_send_skb+0xf6/0x3b0 [ 612.370606] udp_v6_send_skb+0x113f/0x1df0 [ 612.370622] udpv6_sendmsg+0x43e5/0x4960 [ 612.370637] inet_sendmsg+0x4e9/0x800 [ 612.370650] ___sys_sendmsg+0xe68/0x1250 [ 612.370663] __sys_sendmmsg+0x56b/0xa90 [ 612.370684] __se_sys_sendmmsg+0xbd/0xe0 [ 612.370698] __x64_sys_sendmmsg+0x56/0x70 [ 612.370712] do_syscall_64+0xcf/0x110 [ 612.370727] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.370732] [ 612.370739] Uninit was stored to memory at: [ 612.370756] kmsan_internal_chain_origin+0x136/0x240 [ 612.370772] __msan_chain_origin+0x6d/0xd0 [ 612.370787] __save_stack_trace+0x8be/0xc60 [ 612.370802] save_stack_trace+0xc6/0x110 [ 612.370819] kmsan_internal_chain_origin+0x136/0x240 [ 612.370835] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.370851] __msan_memcpy+0x6f/0x80 [ 612.370864] pskb_expand_head+0x43b/0x1d20 [ 612.370877] gre_tap_xmit+0x4e3/0x910 [ 612.370891] dev_hard_start_xmit+0x6dc/0xe00 [ 612.370905] sch_direct_xmit+0x59b/0x890 [ 612.370918] __qdisc_run+0x1bac/0x3600 [ 612.370932] __dev_queue_xmit+0x2131/0x3e00 [ 612.370945] dev_queue_xmit+0x4b/0x60 [ 612.370961] ip6_finish_output2+0x1a5b/0x22d0 [ 612.370982] ip6_finish_output+0xc13/0xca0 [ 612.370997] ip6_output+0x5e4/0x720 [ 612.371012] ip6_local_out+0x164/0x1d0 [ 612.371027] ip6_send_skb+0xf6/0x3b0 [ 612.371045] udp_v6_send_skb+0x113f/0x1df0 [ 612.371061] udpv6_sendmsg+0x43e5/0x4960 [ 612.371076] inet_sendmsg+0x4e9/0x800 [ 612.371089] ___sys_sendmsg+0xe68/0x1250 [ 612.371103] __sys_sendmmsg+0x56b/0xa90 [ 612.371117] __se_sys_sendmmsg+0xbd/0xe0 [ 612.371131] __x64_sys_sendmmsg+0x56/0x70 [ 612.371145] do_syscall_64+0xcf/0x110 [ 612.371161] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.371166] [ 612.371172] Uninit was stored to memory at: [ 612.371189] kmsan_internal_chain_origin+0x136/0x240 [ 612.371209] __msan_chain_origin+0x6d/0xd0 [ 612.371224] __save_stack_trace+0x8be/0xc60 [ 612.371239] save_stack_trace+0xc6/0x110 [ 612.371256] kmsan_internal_chain_origin+0x136/0x240 [ 612.371272] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.371288] __msan_memcpy+0x6f/0x80 [ 612.371302] pskb_expand_head+0x43b/0x1d20 [ 612.371315] gre_tap_xmit+0x4e3/0x910 [ 612.371329] dev_hard_start_xmit+0x6dc/0xe00 [ 612.371342] sch_direct_xmit+0x59b/0x890 [ 612.371355] __qdisc_run+0x1bac/0x3600 [ 612.371369] __dev_queue_xmit+0x2131/0x3e00 [ 612.371382] dev_queue_xmit+0x4b/0x60 [ 612.371398] ip6_finish_output2+0x1a5b/0x22d0 [ 612.371414] ip6_finish_output+0xc13/0xca0 [ 612.371429] ip6_output+0x5e4/0x720 [ 612.371444] ip6_local_out+0x164/0x1d0 [ 612.371468] ip6_send_skb+0xf6/0x3b0 [ 612.371485] udp_v6_send_skb+0x113f/0x1df0 [ 612.371501] udpv6_sendmsg+0x43e5/0x4960 [ 612.371516] inet_sendmsg+0x4e9/0x800 [ 612.371529] ___sys_sendmsg+0xe68/0x1250 [ 612.371542] __sys_sendmmsg+0x56b/0xa90 [ 612.371555] __se_sys_sendmmsg+0xbd/0xe0 [ 612.371575] __x64_sys_sendmmsg+0x56/0x70 [ 612.371587] do_syscall_64+0xcf/0x110 [ 612.371601] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.371606] [ 612.371612] Uninit was stored to memory at: [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] __msan_chain_origin+0x6d/0xd0 [ 612.371626] __save_stack_trace+0x8be/0xc60 [ 612.371626] save_stack_trace+0xc6/0x110 [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.371626] __msan_memcpy+0x6f/0x80 [ 612.371626] pskb_expand_head+0x43b/0x1d20 [ 612.371626] gre_tap_xmit+0x4e3/0x910 [ 612.371626] dev_hard_start_xmit+0x6dc/0xe00 [ 612.371626] sch_direct_xmit+0x59b/0x890 [ 612.371626] __qdisc_run+0x1bac/0x3600 [ 612.371626] __dev_queue_xmit+0x2131/0x3e00 [ 612.371626] dev_queue_xmit+0x4b/0x60 [ 612.371626] ip6_finish_output2+0x1a5b/0x22d0 [ 612.371626] ip6_finish_output+0xc13/0xca0 [ 612.371626] ip6_output+0x5e4/0x720 [ 612.371626] ip6_local_out+0x164/0x1d0 [ 612.371626] ip6_send_skb+0xf6/0x3b0 [ 612.371626] udp_v6_send_skb+0x113f/0x1df0 [ 612.371626] udpv6_sendmsg+0x43e5/0x4960 [ 612.371626] inet_sendmsg+0x4e9/0x800 [ 612.371626] ___sys_sendmsg+0xe68/0x1250 [ 612.371626] __sys_sendmmsg+0x56b/0xa90 [ 612.371626] __se_sys_sendmmsg+0xbd/0xe0 [ 612.371626] __x64_sys_sendmmsg+0x56/0x70 [ 612.371626] do_syscall_64+0xcf/0x110 [ 612.371626] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.371626] [ 612.371626] Uninit was stored to memory at: [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] __msan_chain_origin+0x6d/0xd0 [ 612.371626] __save_stack_trace+0x8be/0xc60 [ 612.371626] save_stack_trace+0xc6/0x110 [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.371626] __msan_memcpy+0x6f/0x80 [ 612.371626] pskb_expand_head+0x43b/0x1d20 [ 612.371626] gre_tap_xmit+0x4e3/0x910 [ 612.371626] dev_hard_start_xmit+0x6dc/0xe00 [ 612.371626] sch_direct_xmit+0x59b/0x890 [ 612.371626] __qdisc_run+0x1bac/0x3600 [ 612.371626] __dev_queue_xmit+0x2131/0x3e00 [ 612.371626] dev_queue_xmit+0x4b/0x60 [ 612.371626] ip6_finish_output2+0x1a5b/0x22d0 [ 612.371626] ip6_finish_output+0xc13/0xca0 [ 612.371626] ip6_output+0x5e4/0x720 [ 612.371626] ip6_local_out+0x164/0x1d0 [ 612.371626] ip6_send_skb+0xf6/0x3b0 [ 612.371626] udp_v6_send_skb+0x113f/0x1df0 [ 612.371626] udpv6_sendmsg+0x43e5/0x4960 [ 612.371626] inet_sendmsg+0x4e9/0x800 [ 612.371626] ___sys_sendmsg+0xe68/0x1250 [ 612.371626] __sys_sendmmsg+0x56b/0xa90 [ 612.371626] __se_sys_sendmmsg+0xbd/0xe0 [ 612.371626] __x64_sys_sendmmsg+0x56/0x70 [ 612.371626] do_syscall_64+0xcf/0x110 [ 612.371626] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.371626] [ 612.371626] Uninit was stored to memory at: [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] __msan_chain_origin+0x6d/0xd0 [ 612.371626] __save_stack_trace+0x8be/0xc60 [ 612.371626] save_stack_trace+0xc6/0x110 [ 612.371626] kmsan_internal_chain_origin+0x136/0x240 [ 612.371626] kmsan_memcpy_origins+0x13d/0x1b0 [ 612.371626] __msan_memcpy+0x6f/0x80 [ 612.371626] pskb_expand_head+0x43b/0x1d20 [ 612.371626] gre_tap_xmit+0x4e3/0x910 [ 612.371626] dev_hard_start_xmit+0x6dc/0xe00 [ 612.371626] sch_direct_xmit+0x59b/0x890 [ 612.371626] __qdisc_run+0x1bac/0x3600 [ 612.371626] __dev_queue_xmit+0x2131/0x3e00 [ 612.371626] dev_queue_xmit+0x4b/0x60 [ 612.371626] ip6_finish_output2+0x1a5b/0x22d0 [ 612.371626] ip6_finish_output+0xc13/0xca0 [ 612.371626] ip6_output+0x5e4/0x720 [ 612.371626] ip6_local_out+0x164/0x1d0 [ 612.371626] ip6_send_skb+0xf6/0x3b0 [ 612.371626] udp_v6_send_skb+0x113f/0x1df0 [ 612.371626] udpv6_sendmsg+0x43e5/0x4960 [ 612.371626] inet_sendmsg+0x4e9/0x800 [ 612.371626] ___sys_sendmsg+0xe68/0x1250 [ 612.371626] __sys_sendmmsg+0x56b/0xa90 [ 612.371626] __se_sys_sendmmsg+0xbd/0xe0 [ 612.371626] __x64_sys_sendmmsg+0x56/0x70 [ 612.371626] do_syscall_64+0xcf/0x110 [ 612.371626] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 612.371626] [ 612.371626] Local variable description: ----_type.i@icmp6_send [ 612.371626] Variable was created at: [ 612.371626] icmp6_send+0x171/0x3ca0 [ 612.371626] icmpv6_send+0xe5/0x110 [ 612.432144] *** Guest State *** [ 612.432185] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 612.432216] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 612.432234] CR3 = 0x0000000000000000 [ 612.432257] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 612.432282] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 612.432315] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 612.432356] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 612.432396] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 612.432436] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 612.432482] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 612.432523] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 612.432563] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 612.432594] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 612.432634] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 612.432666] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 612.432707] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 612.432735] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 612.432764] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 612.432791] Interruptibility = 00000001 ActivityState = 00000000 [ 612.432808] *** Host State *** [ 612.432838] RIP = 0xffffffff812c8203 RSP = 0xffff8801a65af3c8 [ 612.432884] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 612.432920] FSBase=00007f09ac9c2700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 612.432949] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 612.432991] CR0=0000000080050033 CR3=000000013356b000 CR4=00000000001426e0 [ 612.433026] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 612.433053] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 612.433070] *** Control State *** [ 612.433097] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca [ 612.433120] EntryControls=0000d1ff ExitControls=002fefff [ 612.433153] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 612.433181] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 612.433208] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 612.433233] reason=80000021 qualification=0000000000000000 [ 612.433256] IDTVectoring: info=00000000 errcode=00000000 [ 612.433277] TSC Offset = 0xfffffeb3c94dbf8d [ 612.433301] EPT pointer = 0x0000000109a8301e 06:14:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x200, 0x0) write$input_event(r3, &(0x7f0000000140)={{0x77359400}, 0x16, 0x80000001, 0xffffffffffffffc0}, 0x18) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:00 executing program 0: perf_event_open$cgroup(&(0x7f0000000900)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400000, 0x0) r1 = shmget$private(0x0, 0x2000, 0xa00, &(0x7f0000ffc000/0x2000)=nil) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000040)=""/177) accept$packet(0xffffffffffffffff, &(0x7f0000006340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000006380)=0x14) sendmsg$can_raw(r0, &(0x7f00000064c0)={&(0x7f00000063c0)={0x1d, r2}, 0x10, &(0x7f0000000100)={&(0x7f0000006400)=@can={{0x2, 0x1, 0x7, 0x7b9}, 0x0, 0x1, 0x0, 0x0, "5e05c754dec4537b"}, 0x10}, 0x1, 0x0, 0x0, 0x50}, 0x4) 06:14:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x3, 0x0) ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000100)={0x4, 0xf034, 0xffffffffffffff00, 0xffffffffffffc7fc, 0x9, 0xcf, 0x800, 0x7, 0x2, 0x0, 0x5, 0x80}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:00 executing program 2: r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000c743000000000000ff010000000000000000000000000000000000000000000000000000d2b5d95bea2b911cffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000004000000000000000000000000000000000000000000000000000000000000000000000000e97b1daf4ef543"], 0x7f) 06:14:00 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000005740)='/dev/dsp\x00', 0x40000, 0x0) accept4$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000056c0)='/dev/sequencer2\x00', 0x200, 0x0) ioctl$SIOCGIFMTU(r1, 0x8921, &(0x7f0000005700)) r2 = syz_open_dev$mouse(&(0x7f00000042c0)='/dev/input/mouse#\x00', 0x3f, 0xedba04a78d2b7fd3) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000004300)={{0x80000001, 0x2, 0x1f, 0x0, 0x3, 0x5}, 0x40}) r3 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) socketpair$inet(0x2, 0x4, 0x399, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000180)={0xfffffffffffff9a0}, 0x4) write$binfmt_elf64(r2, &(0x7f0000005640)=ANY=[@ANYRESOCT=r2, @ANYRES16=r3, @ANYRES32=r3], 0xfffffffffffffdcb) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r5 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9, r5) r6 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') r7 = accept$packet(r6, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r6, 0x40045731, &(0x7f0000005780)) execveat(r6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) sysinfo(&(0x7f0000004640)=""/4096) r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000004340)='/dev/ppp\x00', 0x80000, 0x0) recvmsg(r8, &(0x7f0000004600)={&(0x7f0000004380)=@in6, 0x80, &(0x7f00000045c0)=[{&(0x7f0000004400)=""/200, 0xc8}, {&(0x7f0000004500)=""/29, 0x1d}, {&(0x7f0000004540)=""/76, 0x4c}], 0x3, 0x0, 0x0, 0xfffffffffffffff7}, 0x40002001) recvmmsg(r7, &(0x7f00000041c0)=[{{&(0x7f0000000240)=@hci, 0x80, &(0x7f0000001480)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/237, 0xed}, {&(0x7f0000001400)=""/46, 0x2e}, {&(0x7f0000001440)=""/5, 0x5}], 0x4, &(0x7f00000014c0)=""/55, 0x37, 0x2}, 0x3fff80000000}, {{0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000001500)=""/207, 0xcf}, {&(0x7f0000001600)=""/228, 0xe4}, {&(0x7f0000001700)=""/130, 0x82}, {&(0x7f00000017c0)=""/229, 0xe5}, {&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f00000028c0)=""/138, 0x8a}], 0x6, &(0x7f0000002a00)=""/23, 0x17}, 0xfffffffffffffff8}, {{0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000002a40)=""/237, 0xed}, {&(0x7f0000002b40)=""/92, 0x5c}, {&(0x7f0000002bc0)=""/116, 0x74}, {&(0x7f0000002c40)=""/28, 0x1c}, {&(0x7f0000002c80)=""/187, 0xbb}, {&(0x7f0000002d40)=""/16, 0x10}, {&(0x7f0000002d80)=""/82, 0x52}, {&(0x7f0000002e00)=""/218, 0xda}, {&(0x7f0000002f00)=""/4096, 0x1000}], 0x9, &(0x7f0000003fc0)=""/46, 0x2e, 0x1}, 0x6}, {{&(0x7f0000004000)=@nfc_llcp, 0x80, &(0x7f0000004180)=[{&(0x7f0000004080)=""/112, 0x70}, {&(0x7f0000004100)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x8}, 0x5}], 0x4, 0x5f5f0a1e6038c819, 0x0) write$P9_RFLUSH(r6, &(0x7f0000005680)={0x7, 0x6d, 0x1}, 0x7) [ 616.384203] *** Guest State *** [ 616.387713] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 616.396859] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 616.405963] CR3 = 0x0000000000000000 [ 616.409809] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 616.416064] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 616.422211] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 616.428923] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 616.437143] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 616.445300] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 616.453602] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 616.461758] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 616.469783] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 06:14:00 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)='task\x00', 0xffffffffffffffff}, 0x30) syz_open_procfs(r1, &(0x7f00000001c0)='net/fib_triestat\x00') r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 616.478039] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 616.486200] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 616.494399] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 616.502630] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 616.510644] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 616.517285] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 616.524929] Interruptibility = 00000001 ActivityState = 00000000 [ 616.531200] *** Host State *** [ 616.534590] RIP = 0xffffffff812c8203 RSP = 0xffff88010a09f3c8 [ 616.540619] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 616.547187] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 616.555126] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 616.561054] CR0=0000000080050033 CR3=00000001a5cc9000 CR4=00000000001426f0 [ 616.568254] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 616.575110] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 616.581206] *** Control State *** 06:14:00 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vsock\x00', 0x800, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000001c0)={0xb5a, {{0x2, 0x4e23, @rand_addr=0x7}}}, 0x88) socketpair$unix(0x1, 0x9, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$seccomp(0x16, 0x2, &(0x7f0000001b40)={0x1, &(0x7f0000001b00)=[{0x6, 0x6, 0x800, 0x2ca8}]}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000380)=@assoc_value={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000480)={r4, 0x1c, &(0x7f0000000400)=[@in6={0xa, 0x4e23, 0x2, @loopback, 0x2}]}, &(0x7f00000004c0)=0x10) clock_getres(0xfffffffffffffffe, &(0x7f00000006c0)) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000500)={0x7fffffff, 0x18, 0x1, r1}) ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f00000010c0)) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000000)={'veth0_to_bond\x00', 0x2}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000680)=0xe8) getresuid(&(0x7f0000000bc0), &(0x7f0000000c00), &(0x7f0000000c40)=0x0) fstat(r1, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000d00)={0x0, 0x0}, &(0x7f0000000d40)=0xc) lstat(&(0x7f0000000d80)='./file0\x00', &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000e40)='./file0/file0\x00', &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = getegid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000f00)={0x0, 0x0, 0x0}, &(0x7f0000000f40)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000f80)={0x0, 0x0, 0x0}, &(0x7f0000000fc0)=0xfffffffffffffcfa) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001000)={0x0, 0x0, 0x0}, &(0x7f0000001040)=0xc) getresgid(&(0x7f0000001080), &(0x7f0000001900), &(0x7f0000001940)=0x0) stat(&(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r1, &(0x7f0000000540)='system.posix_acl_default\x00', &(0x7f0000001a40)={{}, {0x1, 0x4}, [{0x2, 0x1, r5}, {0x2, 0x2, r6}, {0x2, 0x4, r7}, {0x2, 0x7, r8}, {0x2, 0x1, r9}], {0x4, 0x5}, [{0x8, 0x3, r10}, {0x8, 0x1, r11}, {0x8, 0x5, r12}, {0x8, 0x1, r13}, {0x8, 0x2, r14}, {0x8, 0x1, r15}, {0x8, 0x1, r16}], {0x10, 0x1}, {0x20, 0x7}}, 0x84, 0x1) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000280)=ANY=[@ANYBLOB="66696c746572000000210000000000000000000000000000007f00000000000002e3ffffff000000000000000000000000000000000000000066bedcec02e36d0f515d79e9c7a5dd06bdc974d0a26bab247f5c2a995e87f92e91c61f0e9ae1c84d780a38fd8f91ce69509530ff328d3d3828468b3b88752f320aedb5569ff7d80854df777c825881c1a9899be55e983a7b49105c1e1847ac534de2859aef2cc34484e3add2427ea4787c4c2cc2aa931ed39b2eba7195e3e02cdcd36b7309f01af58acdd07f3fa200f32f8213e5fa61237e80d2224026c5d7e91df56b5de4abef0ecf69aafe71b9aa000000000000000000"], 0x48) write$binfmt_elf64(r1, &(0x7f0000000700)=ANY=[@ANYBLOB="7f454c46000800610100000000000000030003000002000060030000000000004000000000000000240300000000000008000000050038000100d2880008010005000000080000000100000000000000090000000000000002000000000000007f000000000000000900000000000000010000000000000006000000000000007563000000000000090000000000000003000000000000000500000000000000f30f0000000000000100000000000000c1e4f7e40e1467c8130c0ef8c22276368fcd1148d01b3865c5302ed69b0f7390bea4996565e8b6afbaa5f37938d4e3309dcfd2e683f989bb66015ba5f281614c702971560e9e38badfb485eb9bf35febba0d67afa814000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000997dedd469b9fe414fae97f508aabc1300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c4535c945d26946335983eed66532eb7478170beb5a34dc1166a4742d2776a5e8f31c2ee952398c12e173930133cee1beb8cf24df7583fbe782090861d61f9de8ad54a55d554d0f6d3c96c4d94e8dce4f986ad24bd1f24c56de5fb44f05842c07c37de3cab2ba6160a393e792f99ba0d0679ed99a323261e019cc8ccb986a12414d15f63704f872cecf2c171eab93a23ee0a55b187d4aac845bd00000000000000000000"], 0x4a0) setxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000100)=@sha1={0x1, "80bf84fb390d823dde6c18b50d417143c738a54b"}, 0x15, 0x3) [ 616.585137] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 616.592004] EntryControls=0000d1ff ExitControls=002fefff [ 616.597525] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 616.604644] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 616.611352] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 616.618103] reason=80000021 qualification=0000000000000003 [ 616.624582] IDTVectoring: info=00000000 errcode=00000000 [ 616.630059] TSC Offset = 0xfffffeb0f8fef7c9 [ 616.634547] EPT pointer = 0x000000010b59a01e 06:14:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) fsetxattr(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="6f73782e62646576706f7369785f61636c5f61636365737300ee2131e4f9ba7cae4aa7784d8e6f72493191270457a4addff80129f3418990d7c3938bc466b8cc4582d4e41ec8f05e2decda8ea5ccff29cc3a557f0ab3a1cd41badf757dd30c37b3d633c44fb9e3e898884febf3a4dc6389079b091f3891a3dca25c6b2301a2b107ea09b6033dd7226c773c"], &(0x7f0000000100)='ppp0\x00', 0x5, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:00 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x2000, 0x0) ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000100)) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$sock_void(r1, 0x1, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$P9_RRENAME(r0, &(0x7f00000001c0)={0x7, 0x15, 0x1}, 0x7) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 616.876266] Unknown ioctl -2011670964 [ 616.931567] Unknown ioctl 35125 [ 616.987260] audit: type=1326 audit(1541225641.034:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13807 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 06:14:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) fstat(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000440)={{{@in=@multicast2, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) setresuid(r3, r4, r5) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:01 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$vsock_dgram(0x28, 0x2, 0x0) sendto$inet(r0, &(0x7f0000000100)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) r2 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r2, 0x0) ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f00000000c0)={0x0, 0x5, 0x3, 0x20, &(0x7f0000000000/0x4000)=nil, 0x1f}) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000080)) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0xd, &(0x7f0000000140)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000000000)=0x84) 06:14:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000200)={[{0x7f, 0x20d2aa36, 0x9, 0xffffffffffffff7f, 0x2, 0x2, 0x1000, 0x1, 0x0, 0xb, 0x50, 0x7fffffff, 0x9}, {0x7fff, 0x6, 0x1, 0x8, 0x1ff, 0x7fffffff, 0x100000001, 0x5, 0x7, 0x8, 0x9, 0x80000001, 0xfffffffffffffffb}, {0x1, 0x9, 0x7f, 0x7f, 0xe0c, 0x6, 0x101, 0x7d8, 0x3, 0x101, 0x6, 0x2, 0x7}], 0x100000001}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 617.522967] audit: type=1326 audit(1541225641.574:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13807 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 [ 617.557633] Unknown ioctl -2011670964 [ 617.583153] Unknown ioctl 35125 06:14:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r3 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x2, 0x400000) setsockopt$inet_tcp_buf(r3, 0x6, 0x0, &(0x7f0000000140)="6e862c72abe2456a9dc7dbfab74235b97e5c64d90fce42e6c197d875e854cb4f5dbefb61d4e417c8a34db7eaa9ec9158f94bee645da30c268a485a0691f4253ce1fbcd43b09bcef28c8cff", 0x4b) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:01 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vsock\x00', 0x800, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000001c0)={0xb5a, {{0x2, 0x4e23, @rand_addr=0x7}}}, 0x88) socketpair$unix(0x1, 0x9, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$seccomp(0x16, 0x2, &(0x7f0000001b40)={0x1, &(0x7f0000001b00)=[{0x6, 0x6, 0x800, 0x2ca8}]}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000380)=@assoc_value={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000480)={r4, 0x1c, &(0x7f0000000400)=[@in6={0xa, 0x4e23, 0x2, @loopback, 0x2}]}, &(0x7f00000004c0)=0x10) clock_getres(0xfffffffffffffffe, &(0x7f00000006c0)) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000500)={0x7fffffff, 0x18, 0x1, r1}) ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f00000010c0)) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000000)={'veth0_to_bond\x00', 0x2}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000680)=0xe8) getresuid(&(0x7f0000000bc0), &(0x7f0000000c00), &(0x7f0000000c40)=0x0) fstat(r1, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000d00)={0x0, 0x0}, &(0x7f0000000d40)=0xc) lstat(&(0x7f0000000d80)='./file0\x00', &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000e40)='./file0/file0\x00', &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = getegid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000f00)={0x0, 0x0, 0x0}, &(0x7f0000000f40)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000f80)={0x0, 0x0, 0x0}, &(0x7f0000000fc0)=0xfffffffffffffcfa) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001000)={0x0, 0x0, 0x0}, &(0x7f0000001040)=0xc) getresgid(&(0x7f0000001080), &(0x7f0000001900), &(0x7f0000001940)=0x0) stat(&(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r1, &(0x7f0000000540)='system.posix_acl_default\x00', &(0x7f0000001a40)={{}, {0x1, 0x4}, [{0x2, 0x1, r5}, {0x2, 0x2, r6}, {0x2, 0x4, r7}, {0x2, 0x7, r8}, {0x2, 0x1, r9}], {0x4, 0x5}, [{0x8, 0x3, r10}, {0x8, 0x1, r11}, {0x8, 0x5, r12}, {0x8, 0x1, r13}, {0x8, 0x2, r14}, {0x8, 0x1, r15}, {0x8, 0x1, r16}], {0x10, 0x1}, {0x20, 0x7}}, 0x84, 0x1) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000280)=ANY=[@ANYBLOB="66696c746572000000210000000000000000000000000000007f00000000000002e3ffffff000000000000000000000000000000000000000066bedcec02e36d0f515d79e9c7a5dd06bdc974d0a26bab247f5c2a995e87f92e91c61f0e9ae1c84d780a38fd8f91ce69509530ff328d3d3828468b3b88752f320aedb5569ff7d80854df777c825881c1a9899be55e983a7b49105c1e1847ac534de2859aef2cc34484e3add2427ea4787c4c2cc2aa931ed39b2eba7195e3e02cdcd36b7309f01af58acdd07f3fa200f32f8213e5fa61237e80d2224026c5d7e91df56b5de4abef0ecf69aafe71b9aa000000000000000000"], 0x48) write$binfmt_elf64(r1, &(0x7f0000000700)=ANY=[@ANYBLOB="7f454c46000800610100000000000000030003000002000060030000000000004000000000000000240300000000000008000000050038000100d2880008010005000000080000000100000000000000090000000000000002000000000000007f000000000000000900000000000000010000000000000006000000000000007563000000000000090000000000000003000000000000000500000000000000f30f0000000000000100000000000000c1e4f7e40e1467c8130c0ef8c22276368fcd1148d01b3865c5302ed69b0f7390bea4996565e8b6afbaa5f37938d4e3309dcfd2e683f989bb66015ba5f281614c702971560e9e38badfb485eb9bf35febba0d67afa814000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000997dedd469b9fe414fae97f508aabc1300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c4535c945d26946335983eed66532eb7478170beb5a34dc1166a4742d2776a5e8f31c2ee952398c12e173930133cee1beb8cf24df7583fbe782090861d61f9de8ad54a55d554d0f6d3c96c4d94e8dce4f986ad24bd1f24c56de5fb44f05842c07c37de3cab2ba6160a393e792f99ba0d0679ed99a323261e019cc8ccb986a12414d15f63704f872cecf2c171eab93a23ee0a55b187d4aac845bd00000000000000000000"], 0x4a0) setxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000100)=@sha1={0x1, "80bf84fb390d823dde6c18b50d417143c738a54b"}, 0x15, 0x3) 06:14:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 617.925149] *** Guest State *** [ 617.928690] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 617.937926] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 617.946915] CR3 = 0x0000000000000000 [ 617.950747] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 617.957382] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 617.963520] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 617.970235] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 617.978384] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 617.986498] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 617.994622] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.002745] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.010833] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.018962] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 618.027188] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 618.035293] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.043507] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 618.051528] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 618.058115] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 618.065677] Interruptibility = 00000001 ActivityState = 00000000 [ 618.072098] *** Host State *** [ 618.075341] RIP = 0xffffffff812c8203 RSP = 0xffff8801a66df3c8 [ 618.081373] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 618.087999] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 618.095940] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 618.102031] CR0=0000000080050033 CR3=00000001090fe000 CR4=00000000001426e0 [ 618.107165] Unknown ioctl -2011670964 [ 618.109079] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 618.109108] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 618.109123] *** Control State *** [ 618.109150] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 618.109172] EntryControls=0000d1ff ExitControls=002fefff [ 618.109201] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 618.109227] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 618.109252] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 618.109275] reason=80000021 qualification=0000000000000003 [ 618.109298] IDTVectoring: info=00000000 errcode=00000000 [ 618.109316] TSC Offset = 0xfffffeb027b87031 [ 618.109343] EPT pointer = 0x000000010912301e [ 618.151376] Unknown ioctl 35125 [ 618.283463] audit: type=1326 audit(1541225642.334:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13863 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 06:14:02 executing program 0: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000800)=0x1f) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000001c0)="153f6234488dd25d766070") r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r2, 0x0, 0x4, &(0x7f0000000180)=0x8000101, 0x4) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYBLOB="800000003000aeca4389c28e2ef2415767f206d134031ef2fbb9ea574b930304f7ebb760f59abb0bee5b78a1447887da5ea8e93b067e22ee7c8b4ef622f4e8b6f0457c60026640020938ecca9ea6933a06352b95899fb939a6e167393b6165f33f77cb000f26559cb3225ac098bb0c79092794b742bda3ba0b74561b1d9a6da9dd3790d2"], &(0x7f0000000780)=0x88) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000007c0)={0x9, 0x80000001, 0xa, 0x9ba1, 0x9, 0x3, 0x2, 0x7, r3}, 0x20) r4 = dup(r1) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000600)={0x0, 0x2}, &(0x7f0000000640)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000680)={r5, @in={{0x2, 0x3, @loopback}}}, &(0x7f0000000740)=0x84) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000480)=0x3, 0x4) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xffffffff, 0x43) [ 618.613267] *** Guest State *** [ 618.616857] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 618.626023] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 618.635004] CR3 = 0x0000000000000000 [ 618.638766] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 618.644939] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 618.650947] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 618.657895] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 618.666036] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.674249] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.682427] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.690463] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.698730] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 618.706857] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 618.715053] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 618.723200] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 618.731227] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 618.739385] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 618.745921] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 618.753544] Interruptibility = 00000001 ActivityState = 00000000 [ 618.759794] *** Host State *** [ 618.763165] RIP = 0xffffffff812c8203 RSP = 0xffff88010b49f3c8 [ 618.769186] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 618.775768] FSBase=00007f09ac980700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 618.783709] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 618.789629] CR0=0000000080050033 CR3=00000001090fe000 CR4=00000000001426e0 [ 618.796944] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 618.803761] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 618.809907] *** Control State *** [ 618.813500] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca [ 618.820293] EntryControls=0000d1ff ExitControls=002fefff [ 618.825905] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 618.832957] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 618.839661] VMExit: intr_info=80000306 errcode=00000000 ilen=00000003 [ 618.846434] reason=80000021 qualification=0000000000000003 [ 618.852909] IDTVectoring: info=00000000 errcode=00000000 [ 618.858385] TSC Offset = 0xfffffeb027b7e2a1 06:14:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x6, 0x2000) write$FUSE_DIRENT(r3, &(0x7f0000000280)={0xc8, 0x0, 0x1, [{0x6, 0x8, 0xe, 0x80000001, '/dev/snapshot\x00'}, {0x0, 0xfffffffffffffffa, 0x21, 0x1, '[-selinuxwlan0\'posix_acl_access&@'}, {0x1, 0x7, 0xe, 0x20, '/dev/snapshot\x00'}, {0x3, 0x5, 0xe, 0xfffffffffffffffc, '/dev/snapshot\x00'}]}, 0xc8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000100), &(0x7f0000000200)=0x4) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {0x0, 0x80000000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 618.862913] EPT pointer = 0x000000010912301e 06:14:05 executing program 2: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7fff, 0x100) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x10, r1, 0x0) prctl$setendian(0x14, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x23, &(0x7f0000000980), &(0x7f0000000940)=0xffffffffffffffa4) 06:14:05 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x10000080000000, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000380)={0x0, 0x0, 0x0, {0x1, @sliced}}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="0900000029c53912ca9639dad488139bb3"], &(0x7f0000000040)=0x11) r2 = fcntl$dupfd(r0, 0x406, r0) write$P9_RLCREATE(r2, &(0x7f0000000000)={0x18, 0xf, 0x2, {{0x2, 0x3, 0x3}, 0xfffffffffffffa82}}, 0x18) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f00000001c0)) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000080)={r1, 0x90, "12edf025398ba652f0318c832f886e39bb353ee93aedafef8463526531d88c4a5efc75d97bb4e4d5212309a9d09d9c1081c2e8c4bd56d6912105408b8d51c806c007fb1c16002091d795b9771326412b093f11fbcac98a088af4cd05762a0309e5b8cba7b607dfc9c34b2f6a3b47bbdc4e40af92e4865616a28662678dd82f2a355969fb8c4dde8827e1f3c0f542d7bc"}, &(0x7f0000000140)=0x98) 06:14:05 executing program 1: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x2, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000001c0)={&(0x7f0000000180)=[0x5, 0x0, 0x8, 0x1], 0x4, 0xffff, 0x4, 0x400, 0x7, 0x3b, {0x9, 0x1, 0xaf4, 0x8, 0x3, 0x6, 0x5, 0x3, 0x10001, 0x2, 0x101, 0x2f0, 0x3, 0x1f, "3f69b80c34dedf4e8276a60be66cde16bd2a6155fe815a8b9f555d6fc4abe57d"}}) r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0xfffffffffffffffe, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffffffffff5d) mq_timedreceive(r0, &(0x7f0000000300)=""/150, 0x96, 0x3, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000240)={0x9, {{0x2, 0x4e24, @multicast1}}}, 0x88) 06:14:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vga_arbiter\x00', 0x20401, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000380)={0x2, "f83040bf0cad46879834d928549df9bd69af9e45db2624e712a570a3012cdb7f", 0x3, 0x1}) syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0x8, 0x50400) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000240)={0x100000000000000, 0x0, 0xff, 0x1, 0x8}) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000100)={'erspan0\x00', 0xff}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000280)=""/144) 06:14:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0xe3, 0x0) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000200)={r3, 0x1, 0x6, @local}, 0x10) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 06:14:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f0000000200)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x4, r2}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 621.625763] *** Guest State *** [ 621.629199] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 621.638333] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 621.647299] CR3 = 0x0000000000000000 [ 621.651048] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 621.657277] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 621.663502] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 621.670292] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 621.678483] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 621.686613] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 621.694776] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 621.702892] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 621.710944] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 06:14:05 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0xee5, 0x40000) execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) [ 621.719110] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 621.727253] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 621.735419] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 621.743551] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 621.751561] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 621.758150] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 621.765790] Interruptibility = 00000001 ActivityState = 00000000 [ 621.772181] *** Host State *** 06:14:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x6, 0x2000) write$FUSE_DIRENT(r3, &(0x7f0000000280)={0xc8, 0x0, 0x1, [{0x6, 0x8, 0xe, 0x80000001, '/dev/snapshot\x00'}, {0x0, 0xfffffffffffffffa, 0x21, 0x1, '[-selinuxwlan0\'posix_acl_access&@'}, {0x1, 0x7, 0xe, 0x20, '/dev/snapshot\x00'}, {0x3, 0x5, 0xe, 0xfffffffffffffffc, '/dev/snapshot\x00'}]}, 0xc8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000100), &(0x7f0000000200)=0x4) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {0x0, 0x80000000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 621.775441] RIP = 0xffffffff812c8203 RSP = 0xffff88010ac6f3c8 [ 621.781483] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 621.788342] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 621.796314] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 621.802511] CR0=0000000080050033 CR3=000000010a9b8000 CR4=00000000001426e0 [ 621.809580] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 621.816440] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 621.822652] *** Control State *** [ 621.826143] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 621.833007] EntryControls=0000d1ff ExitControls=002fefff [ 621.838509] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 621.845644] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 621.852462] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 621.859111] reason=80000021 qualification=0000000000000003 [ 621.865629] IDTVectoring: info=00000000 errcode=00000000 [ 621.871107] TSC Offset = 0xfffffeae2915c22e [ 621.875635] EPT pointer = 0x000000010a12501e 06:14:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000200)={[{0x7f, 0x20d2aa36, 0x9, 0xffffffffffffff7f, 0x2, 0x2, 0x1000, 0x1, 0x0, 0xb, 0x50, 0x7fffffff, 0x9}, {0x7fff, 0x6, 0x1, 0x8, 0x1ff, 0x7fffffff, 0x100000001, 0x5, 0x7, 0x8, 0x9, 0x80000001, 0xfffffffffffffffb}, {0x1, 0x9, 0x7f, 0x7f, 0xe0c, 0x6, 0x101, 0x7d8, 0x3, 0x101, 0x6, 0x2, 0x7}], 0x100000001}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000300)=ANY=[@ANYBLOB="fb26a9cb1a9c0962127723871b9aad397cdfbe6b5c73318ffd33316eeb3a2d221b9afcc32123a093ced5a537aa51f111e0fe10b94db73f8d299ff621eddbf875e31d069ef9ff87179ed9f588e90036c8ab939d9029b8d865b78b0e8fa42acf7bf78a91318011a9dbf4d0284ae763209510be3609bd042cf6a645ede75acf94f027ae072b3deaf73252e3dbe0ea8ee240e5acaec6cc34a64edcec476cbafd25895b013c69e2d58bbaad3b873c2d24c218cc971cfba67dce00ef2a08d0fc96bc9b743e07479b960ae9e733151be89ed274c7a3d7bc571a3fafc4a42377f877e5f6d07ac36b8895966717aefa704ce70b6e729ea70b40a32739f8497bc747f98fb67f458994bf1a5ebd61ce1c223bb94c4ed2603522d542e7228e06d79dc6f663cf3328a54c0d4304bcc9d3cf6ac74e0dd088ebb62ca7cbc4c9bb12adaf92e5fcb2a8cfcc336fd6706c5450037239762096bc8b4649a596f32d5b6a4affe2de65c9b06215651744233bb7ee6e8956c57584f911bed398eae6b9c7d39d637af53d981652fef1f50b45dc797ff654d70a1d7c1ec51ff85403c24831d8da87aa0626842f84c16baad2aab0c33a43179971f714d3bcb832f83b07d2ce55576e5f87c6cae33d128f7fd173994ff92d2108fc86c6b9ccb868523853dd60e5c5d6aa5c4530fed312c05591b52d347f334337e025ea05b540c79f8f26b3409b9e5d9c60d3d6873fda5e600bfec0441f3a39df2bfc6ee873688c31678e2eb92a03d81b56622bddf6fed81e11092f000000"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:06 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x319943, 0x0) ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000300)) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x802, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000240)={0xf2, 0x5, 0x8f, 0x1, 0x80000001}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000280)=[@dstype0], 0x100000f6) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) restart_syscall() r5 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x3, 0x40) ioctl$SG_GET_LOW_DMA(r5, 0x227a, &(0x7f0000000100)) 06:14:06 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket(0x800000000000a, 0x80005, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000000c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x9, @remote, 0x1f}, r3}}, 0x30) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000100)={'bridge_slave_0\x00', 0x7b}) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000180)={'bridge_slave_0\x00', 0x4340}) 06:14:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r3 = dup3(r2, r2, 0x80000) ioctl$EVIOCGABS3F(r3, 0x8018457f, &(0x7f0000000200)=""/176) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = add_key(&(0x7f0000000040)='ceph\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f00000002c0)="d01c295effde08e54784eb4203ffb18f12c087f0e5237917b4c4db751efbd0fb3ea39fad23ff2ff9a4be74ea3007584223e7e0f0b2fc38ed142ab5002d17c61cef6d0d728e74c7aa841b0857657c66d13435f20b7df06857fd25bc1270ebcdc4972b5251eed768127b", 0x69, 0xfffffffffffffffa) keyctl$read(0xb, r4, &(0x7f0000000440)=""/93, 0x5d) 06:14:06 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x800000008912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$l2tp(0x18, 0x1, 0x1) prctl$getreaper(0x19, &(0x7f0000000000)) 06:14:08 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000002ff0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendmsg$rds(r0, &(0x7f0000000a00)={&(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000100), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000e3ecdb4a0c00000000001200000800000000000000001401000001f10017e710000000000000123d7bf4283761c3869e16e581f0afe690547150d7f7f5a28e7065ad2aa3bc7da15dea8b000000000000000000000000003ccb3674"], 0x30}, 0x0) 06:14:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = dup2(r0, r0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000009000/0x3000)=nil, 0x3000}, &(0x7f0000000140)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000180)=[@cstype0={0x4, 0x9}, @efer={0x2, 0xa000}], 0x2) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000240)={r4}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:14:08 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x4200, 0x0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000080)) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f00000002c0)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f00000015c0), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000001b40)}}], 0x2, 0x0) 06:14:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) flock(r1, 0x4) 06:14:11 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x2d2) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in6=@ipv4={[], [], @rand_addr}}}, {{@in6=@local}, 0x0, @in6}}, 0xe8) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) sendmmsg(r1, &(0x7f00000002c0), 0x4cc, 0x0) 06:14:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x800, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={0x0, 0x7}, &(0x7f0000000240)=0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x40000, 0x0) openat$vhci(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vhci\x00', 0x80000, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000340)='/dev/vcs#\x00', 0xa8, 0x80800) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000300)=@assoc_value={r3, 0xd64d}, &(0x7f0000000040)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:11 executing program 0: unshare(0x28020400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x8, 0x4, 0x100000001, 0x0, r0}, 0x2c) times(&(0x7f0000000280)) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0) ioctl$VIDIOC_S_FBUF(r2, 0x4030560b, &(0x7f0000000180)={0x4, 0x20, &(0x7f0000000140)="bc19f0b7b5c674abeb718a00bfb8439a7246764551555ace652140d66400ad8db1be1db84bd891eeaa98f9b7419452c5459833fba1aecfb42fc97a12083862", {0x6, 0x4, 0x32777f5c, 0x2, 0x0, 0x2, 0x7, 0xfffffffffffffffa}}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f00000001c0)={0x8, 0x7fffffff, 0x8, 'queue1\x00', 0x100007ae62d6c}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0xff85, &(0x7f00000000c0)}, 0x2fd) write$binfmt_elf32(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4607020507030000000000000000003f000600000049010000380000007400000004000000070020000100000000040900000000000700000000020000466500001d440000050000000600000002000000000000005b82baab9f8b67eb2abddc30243987517ad82ffa70fbbf77042fca5a94a14f583e3b54ac208fc5b94b81d41e83776ef2049a5cef059adbd20a6790fd955f64b2a381c50ccb66dac9503f05ce26dabf8206ab311265d88b1bb13b9a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x6b3) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r1, &(0x7f00000001c0), &(0x7f0000000080), 0x3}, 0x20) 06:14:11 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12, 0x0, @thr={&(0x7f00000002c0), &(0x7f0000000340)}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x0, 0x989680}, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x31, 0xffffffffffffffff, 0x0) tkill(r1, 0x1000000000014) r2 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r2, 0x800000c0045006, &(0x7f0000000000)=0x80) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) read(r2, &(0x7f0000000680)=""/187, 0xbb) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) bind$rds(r4, &(0x7f0000000180)={0x2, 0x4e20}, 0x10) 06:14:11 executing program 4: openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x402481, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000000c0)=ANY=[@ANYBLOB="a9c579c9dad000"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x10201, 0xfffffffffffffffe, 0x0, 0x1000, &(0x7f0000014000/0x1000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) setxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='security.capability\x00', &(0x7f0000000240)=@v1={0x1000000, [{0x8, 0xfffffffffffffff9}]}, 0x6, 0xffffffffffffffff) 06:14:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snapshot\x00', 0x0, 0x0) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000340)=0xfffffffffffffffc, 0x4) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/null\x00', 0x90000, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000040)={0x5, 0x80000000, 0x200, 0x8000, 0x0, 0x400, 0x5, 0x100, r2}, 0x20) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x100, 0x0) ioctl$EVIOCGNAME(r5, 0x80404506, &(0x7f0000000240)=""/96) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 06:14:11 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000040)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f0000000140)) r0 = inotify_init1(0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0x1c000803) preadv(r1, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) 06:14:11 executing program 0: unshare(0x400) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x1, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000240)) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = memfd_create(&(0x7f0000000040)='}\x00', 0x3) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000280)={0x75, 0x3}, 0x2) ioctl$EVIOCGVERSION(r2, 0x80044501, &(0x7f0000000080)=""/80) accept4$unix(r2, &(0x7f0000000100), &(0x7f0000000180)=0x6e, 0x80800) getsockopt$netlink(r1, 0x10e, 0x5, &(0x7f00000010c0)=""/4096, &(0x7f0000000000)=0x1000) openat$smack_task_current(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/attr/current\x00', 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f00000001c0)=[{0x8, 0xa000000000}, {0x4, 0x3464}, {0x4, 0x7}, {0x2, 0xffffffff80000001}, {0x8, 0x6}], 0x5) 06:14:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000100)={0x1, 0x21, &(0x7f0000000040)="b9c42b823fbb27380f896065e49cea25dbae9a6c7aeb93fd9c4ba47d0f2db61149"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x3, 0x40) setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000240)=0x200, 0x4) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 06:14:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000500)=ANY=[]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$amidi(0xffffffffffffffff, 0x100000000, 0x100) getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f00000000c0)=0x80000000, &(0x7f0000000140)=0x4) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$pppoe(0x18, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000200), &(0x7f0000000100)=0x68) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) setsockopt$inet_mreq(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local}, 0x8) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:12 executing program 2: capget(&(0x7f0000000140), &(0x7f0000000300)) r0 = memfd_create(&(0x7f0000000340)='\x00', 0x6) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000)) write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000040)={0xa3}, 0x2e8) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) capset(&(0x7f0000000100), &(0x7f0000000180)) 06:14:12 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8000, 0x280) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x100, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x3f, 0x8, 0x1, r1}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000360000)={0x0, 0x0, &(0x7f000035d000)={&(0x7f000033c000)=ANY=[@ANYBLOB="020d00001000000000000000000000000300060000000000020000007f0000010000000000000000030005000000000002000000000000000000000000000000080012000200010000000000000000003000000000000000000000000000ff01000000000000000000000000000100000000000000000000ffffe00000010000"], 0x80}}, 0x0) 06:14:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fsetxattr$security_smack_entry(r1, &(0x7f0000000040)='security.SMACK64EXEC\x00', &(0x7f0000000100)='$vboxnet1keyring}\x00', 0x12, 0x2) openat$dsp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x42440, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r3 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x7, 0x100) openat$cgroup_ro(r3, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x200, 0xf94000, 0x0, 0x7, 0x17, 0x11, "be4c32dfb9335a6e802bcaef9dbe6c937d8f8a2137c59752e0daffe50d7efbea0ace7a0653b0b35a7597d128dd12230efb675c04d1cdf470bf3f234fb6d516cb", "6880c683b1864f8c96e502fe148f72155b68ad1150f8cc5eb9383ec251f3edb65bced62ab8c9760a6bacb8b319bdcd939ba646d778fdb0d3da9ae91bd6b4be29", "d0c22748b985160bb97fb4b5ac0b8ffb66f4c6f70e99795aeebcfd85e14f7900", [0x239]}) 06:14:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="b9"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000280)={0x0, 0x6, 0x0, 0x3, 0x6}, &(0x7f00000007c0)=0x18) getsockopt$bt_BT_RCVMTU(r3, 0x112, 0xd, &(0x7f00000000c0)=0x5, &(0x7f0000000140)=0x2) setsockopt$inet_sctp6_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000800)=@assoc_id=r4, 0x4) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$DRM_IOCTL_MODESET_CTL(r3, 0x40086408, &(0x7f0000000200)={0xe91, 0xfa2a}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x4, 0x2, 0x0, 0x1000, &(0x7f0000008000/0x1000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:16 executing program 0: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x200200, 0x8) ioctl$VIDIOC_EXPBUF(0xffffffffffffff9c, 0xc0405610, &(0x7f0000000540)={0xf, 0x101, 0x55b5, 0x80000, 0xffffffffffffffff}) splice(r0, &(0x7f00000000c0), r1, &(0x7f0000000580), 0x2000, 0x2) unshare(0x20400) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f0000000000)) 06:14:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r2) close(r0) 06:14:16 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="598505000000000000770c6e103ea750eb861e3fac2000fb"]) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r0, 0xae9a) r1 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x8000, 0x20000) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000180)={0x6, 0x100, 0x1, 0x1, 0xdf2, 0x8, 0x5, 0x1f, 0xffffffffffff9d6a, 0x100000001}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 06:14:16 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x1c, 0x1) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x12d3, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:14:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x73f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:16 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0) ioctl$KVM_SET_DEBUGREGS(r0, 0x4080aea2, &(0x7f0000000200)={[0x1000, 0x2, 0x10001, 0x5007], 0x354, 0x80, 0x8}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000280)="48b8933b0000000000000f23d00f21f835000000080f23f8b9a7010000b871000000ba000000000f30c402513e854fe70000420f23bd46f4660f00acf23870000066baf80cb8687fec8def66bafc0cecf047fe8907000000f30f2081440f01cf", 0x60}], 0x1, 0xc, &(0x7f0000000340)=[@efer={0x2, 0x1000}, @cr4={0x1, 0x10004}], 0x2) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0}, &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000100)=0x1d000) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000540)) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000440)={r4, @in={{0x2, 0x4e24, @rand_addr=0x1}}}, &(0x7f0000000500)=0x84) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) write$binfmt_aout(r0, &(0x7f0000000900)=ANY=[@ANYBLOB="0b0106056001000047010000e7000000150100006c91000000000000000000003a36e4bbd199ef1dff3188716f60bce8a2dc2c7a8fe33c1f7398ecc8602d2bf2b3623839923a6f668a31e9701ca5f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007fd56a28020ef44ebdb3964466e5ae6eb4f6ffa66b48dcb53aa4fa412a9c1b93b1e4e490d0b7ca833924b5f0746cf7db4b0eb349b747beb760239cf9fd0e62ebc6eaeb21e72b850c"], 0x44f) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:14:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000140)=ANY=[@ANYRES32=0x0]) r2 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x7d27, 0x40000) openat$full(0xffffffffffffff9c, &(0x7f0000000200)='/dev/full\x00', 0x8100, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0x1}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x103ff, 0x1, 0x2002, 0x2000, &(0x7f000000a000/0x2000)=nil}) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) write$P9_RRENAME(r2, &(0x7f0000000280)={0x7, 0x15, 0x1}, 0x7) setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) shutdown(r4, 0x1) setsockopt$inet_tcp_int(r4, 0x6, 0x4000000000014, &(0x7f0000000180)=0x80000000002, 0x93) recvmsg(r4, &(0x7f0000000100)={&(0x7f0000000000)=@hci, 0x80, &(0x7f0000000480)}, 0x40000102) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) 06:14:16 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100)}, 0x0) r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0x0, 0x100000000, 0x18}, 0xc) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/106, 0x6a}, {&(0x7f0000000780)=""/4096, 0x1000}], 0x2) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f3, &(0x7f0000000580)='ip6_vti0\x00') 06:14:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r2) close(r0) 06:14:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) truncate(&(0x7f00000002c0)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x40000, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000280)={0x3a, @empty, 0x4e23, 0x0, 'rr\x00', 0x20, 0x40, 0x7c}, 0x2c) ioctl$BLKPG(r3, 0x1269, &(0x7f0000000180)={0x7fffffff, 0x7, 0x4b, &(0x7f0000000200)="0ef48a252485b5c446ca52c1a1db2a18eac3385d369920278035cd47dabf1ce47dcf594d1b004b1b86d72e11fea530801d5bdc7046e2878cfb025afdb8664501560eab2f80fdef2819de03"}) 06:14:17 executing program 0: r0 = socket$nl_xfrm(0x11, 0x3, 0x6) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x400) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x0, &(0x7f00000001c0)}, 0x10) 06:14:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="fbea38d99727222047954fbf9e1e921537f27e771cadd63b1b1114d256f7c5b1bc79d7c8b053c34a2364018da79753458ded1984ea2d901cbda22be7619f56c9887142badec001366d7a2c418675e253b32f894c907292c6dfecd74bd57408c608afb9b2c4ded2d964e956f6e62245fe10a1e888b6bc5a990541781af7327472c0f4cd35316b1e7184b77c61f95fffff014d331730e1de8b83"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:17 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r2) close(r0) 06:14:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r3 = fcntl$dupfd(r2, 0x406, r2) sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2, 0x3, 0x3, 0x6, 0x1e, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_spirange={0x2, 0x10, 0x4d3, 0x4d4}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e24, 0x3ff, @dev={0xfe, 0x80, [], 0x1f}, 0x85}}, @sadb_x_nat_t_type={0x1, 0x14, 0x4}, @sadb_x_sec_ctx={0x11, 0x18, 0x1, 0x5, 0x7e, "383ad2a4f802d4aca141c349ebf3cceca13486317167abe580982b17c016c9a5dc89888285022a476dffa458166e86564084898507dc1b38c35f84db8ffd4933e969aa3b38852d8bd41e41e6a9a7a11d900076b73ccaa3c88589457a64303378d83f281c9842e8254351d2ac38fb83b1d482e79d80758a7c04c0d13622e3"}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e20}]}, 0xf0}}, 0x8001) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:17 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r2) close(r0) 06:14:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000140)=""/96) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:20 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0xfb5, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:14:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0xb65175c5e5ddc785, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000000200)=""/133) r3 = syz_open_dev$sndpcmc(&(0x7f0000000440)='/dev/snd/pcmC#D#c\x00', 0x2, 0x10400) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r3, 0x10, &(0x7f00000002c0)={&(0x7f0000000100)=""/20, 0x14}}, 0x10) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x0, 0x0, 0x1000000000000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) read(r1, &(0x7f0000000040)=""/32, 0x20) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000380)=ANY=[@ANYBLOB="2b00000000001b207f5c5eeb0800450000180000000000009078ac1414aaac1414aa34000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000000000000000000088fab57633c6b0408c2f6e83a6156e8054d5283e43d1df7ee8c10000c51796d0501cefc76df541b58baaaf6073afaaee2af7c2bccb21189a0b56e210545281df8802ef74402d91923190bd3b5e6a84a076c31f6764b2485a2b88e5c01db7171073fdf6cf339c0f74e07e54ca120a1e18f606cbd7b31fc8a64b25caf72e36076c2d4b8b601fd1"], &(0x7f0000000000)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x11e000}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000140)={r2}) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x9, 0x5e97, 0x4b, 0x100000000, 0xa88}, &(0x7f00000001c0)=0x14) setsockopt$inet_sctp6_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r4}, 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000100)=0x78) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x2d3, 0xfffffffffffffffc, &(0x7f0000000280), 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000480)={r4, @in6={{0xa, 0x4e22, 0x20000000000, @dev={0xfe, 0x80, [], 0x13}, 0x4}}, 0x65f, 0x400, 0x6, 0x0, 0x10}, &(0x7f0000000040)=0x98) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r0) 06:14:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x200000) getsockopt$inet_tcp_buf(r3, 0x6, 0x0, &(0x7f0000000200)=""/205, &(0x7f0000000300)=0xcd) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x4, 0x123100) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r0) 06:14:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000380)="1d107f21838c6497900a5eae406c91499be99e35ef2b7e9bc1fa2706b4cf692a9fa36414cbe9a50153ad4b7548d5eba00d456c63606660c77c7784e1cd50ceb09dedd53004c8dde7eae9c33f150b4a722a4ba37fcc3280845c3f", 0x5a, 0xfffffffffffffffb) r3 = add_key$user(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x2}, &(0x7f0000000500)="dc6c767850e43228d15863b6bc504f0a7fbbd3c0f5d42ed5a4ce08e4eb743afd8c00718b94ca3f04a9f3221b59213f", 0x2f, 0xfffffffffffffff8) keyctl$instantiate_iov(0x14, r2, &(0x7f0000000440)=[{&(0x7f0000000400)="0f28219183a7d07790953206ffb0", 0xe}], 0x1, r3) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x4000, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)={&(0x7f0000000200)='./file0\x00', r4}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180), 0x4) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x1, 0x0, 0x4000000000116004, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 06:14:21 executing program 5: r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1f1, 0x101000) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000200)={0x0, 0x5}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r1, 0x1, 0x7ff, 0x7}, &(0x7f00000002c0)=0x10) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0x800, 0x401, 0x4, 0x8, 0x9, 0xb0, 0xffffffff}, 0x1c) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 06:14:21 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000000180)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="01000074748330e1203c0c3d2b"], &(0x7f00000002c0)=0x8) socket$packet(0x11, 0x3, 0x300) 06:14:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) close(r0) 06:14:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup3(r0, r0, 0x80000) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x40, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r2, 0xfffffffffffffffd, 0x7, r3}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000180)=ANY=[@ANYBLOB="73b7a1dd7d80bceee9c6c91659903d54993a388eccbf193129030e8e47c8ff1d45fff623872e8eb2d35b"]) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r3, &(0x7f0000000200)={0x2, 0x7}, 0x2) 06:14:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) close(r0) 06:14:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) close(r0) 06:14:24 executing program 1: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) times(&(0x7f0000000080)) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000180)=0x9) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0xffffffe8) socketpair(0x1d, 0x2, 0x6, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) 06:14:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x280000, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={0x0, r1, 0x7}, 0x14) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xffffffffffff54f4, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={0x0, @remote, @broadcast}, &(0x7f00000002c0)=0xc) ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000300)=r4) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000440)={0x15, 0x110, 0xfa00, {r6, 0x3, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0xfb, @mcast1, 0x9}, @ib={0x1b, 0x5f2e, 0x1, {"46ec975c50580142e73b51eb8c86d783"}, 0x7, 0x1, 0x6}}}, 0x118) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000340)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000240), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 06:14:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x7, 0x40) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) sendmsg$unix(r3, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="18000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x30}, 0x0) close(r0) 06:14:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/sequencer\x00', 0x111480, 0x0) ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000001d00)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) r4 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) accept4$alg(r4, 0x0, 0x0, 0x80800) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 640.680822] *** Guest State *** [ 640.684552] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 640.693630] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 640.702627] CR3 = 0x0000000000000000 [ 640.706380] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 640.712530] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 640.718582] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 640.725503] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 640.733656] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 640.741818] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 640.749846] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 640.757996] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 640.766151] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 640.774286] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 640.782461] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 640.790504] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 640.798646] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 640.806799] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 640.813396] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 640.820899] Interruptibility = 00000001 ActivityState = 00000000 [ 640.827389] *** Host State *** [ 640.830623] RIP = 0xffffffff812c8203 RSP = 0xffff88010a11f3c8 [ 640.836830] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 640.843543] FSBase=00007f09ac9e3700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 640.851400] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 640.857593] CR0=0000000080050033 CR3=00000001086c3000 CR4=00000000001426f0 [ 640.864772] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 640.871493] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 640.877769] *** Control State *** [ 640.881269] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 640.888167] EntryControls=0000d1ff ExitControls=002fefff [ 640.893790] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 640.900760] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 640.907658] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 640.914394] reason=80000021 qualification=0000000000000003 [ 640.920758] IDTVectoring: info=00000000 errcode=00000000 [ 640.926418] TSC Offset = 0xfffffea3f6dea096 [ 640.930790] EPT pointer = 0x000000010963b01e [ 640.980269] can: request_module (can-proto-6) failed. 06:14:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(0xffffffffffffffff, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) close(r0) 06:14:25 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000aeff, &(0x7f0000000300)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, &(0x7f0000001a40)=""/203, &(0x7f0000001b40)=""/221, &(0x7f0000000340)=""/126, 0xfffffffffffffffc}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)) 06:14:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) socketpair(0x0, 0x0, 0x9, &(0x7f0000000040)={0xffffffffffffffff}) fallocate(r3, 0x48, 0x7, 0x1) getsockopt$ARPT_SO_GET_REVISION_TARGET(r3, 0x0, 0x63, &(0x7f0000000100)={'HL\x00'}, &(0x7f0000000200)=0x1e) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000440)) syz_open_dev$mice(&(0x7f0000000300)='/dev/input/mice\x00', 0x0, 0x40b7dcfe75129a60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) r3 = syz_open_dev$audion(&(0x7f00000002c0)='/dev/audio#\x00', 0x2, 0x101500) write$UHID_INPUT(r3, &(0x7f0000000500)={0x8, "3d48b4f56e4dd1e1fc585906662776a5edc9a17563780fb7f1e1bc6425c719fee1e44dca3e20ab088ff5f24ba39ef798fbb69d2b16f7999a6493d4fe53bfbf4dbb770bb27cbadf371074e5bfb6959f068cd2f30a17b595ef5220af87e433c1598fa78f458abd9b176a13a968b9545d0f43ac428a175a71c758a1b417487c792149ca19021a6bf405a34b8c59e4b03aa24175e1a4f3e3abb736f00650e50b16e7673d0b663aa92a1f31fda1c6317a0e9cc655e56533c5ecc33c112e08372e3647ee9ab8a176ca3e2ff21156692ffc6cc2f5e588bc1de431a27109e6000e25c433ec1a340cf39e90a98d8eb6d9d7f48476810795b179b72e47796bb30293d47378526b379f3fbc5ef03aedb70b8047b640a0e44c6e0b1381901ffcff2f216caa2d64779f507fd58b5448e51e14e776928e992617e005cb8f720570cb37ff559d07ed88c5a595c8294bee3cf6dbfd41ac1db06b5e4f221e9499a0435875c1a0f744870984e0c424d7b16ce8b988a365cd44105efbe0d8b86ae9bea7c1bc3a2dca5ee828f8e76211e3d9836d303b785f9dcf057b11059a77bb4d07e533c8abcf3dc07ac5b46828e4919be6a0795da1f8b836e9b1c56e0499adf8c843a84af4c0c1ccb7378e3ccfe4b51805f48508b0a294115abbce0528e8d83bb6f07774025dcff33e02b96e48e6b4390d2a1026538b4c8d2233f54262037f8ec6e2c73f88af78639db9ec71b684490768b1e5c89c16a4650a4670e2a3aeefb3faa3861b313495a620e47a80f7442d89da3b5943e11782acaa144388fa7dd968d1cf7df5b0d60376c04c5492f9abe72b0ead0c29cead35cc13fcf906ecd82daa04d2c7626b1ae0e9666461cc9df30091f1f94abe9c3846e40e287ee758d3dbc992294cde50bc64af295e28390184c0f9dfb1f3645a31c6c51586540fdefbab476d586c84fa38ac5846102d8dbf7aaeccc1eda5e95d4ad6ca936dcfcb1ebdd3e4bc95285e91625248dd79f74f2c9fb1170b71ac619f52cf0579f9c1a59641ac0ebaba0bcd8429c4dddb73bee9701dee7b8742495c253cff116820a6ad52f39eea2a147bf5326972b3ca2e9a2feb8d23b18c67a9f9b9974c3fb8831e2036a348861897b91cf7d35e9300c2e7e7ace1dee2c4500cb5189ef68a8ca8a0986528e69e92c13b6768a64a6fc6de2137278a2666f687a855e9344d847d55fecd4a28f36096c1b09ffe412588374a9c38c34bc96798bbde47a9215b81ceb2d36ce01e841f8df1286c2b4665ab5cad78febde32824aeb13d3455e24afdd5403e2e0590f7c66aabe8f2baf839b34eda2be9d708479a84633369c6a7565dc4a45f50ab54134e0f1a62678a558f5dd3174d93f0f66e3fcc751ecbc45ea662a6d859cf07968970bfcc2ee78f69b0b82d71e123b6791b2f7beaf6842c22f9c959ed7959612c6af661ba0af52b62fd79d61d89ce91e48f848aa3711cedea9f5c65909c9ec99985ebf535b29db97b64037646bfee05ecbc4e7a9e9f69bf8be5b84ecec810d0841d94d23cc50f12e792358d4617e87f1962f4c9a3e78ef3b5336da2bc20843aa619ed49bec631046297eb3d6ac6b551932f5b117c8a4db6a3a72fcea82c3fe6b3ffc40b1fd60f7b3fc87b654933cab00da75e5ae6340a84adf20fbfa036737b974bfaf32ca7ee0a58590b4a29d238d9ecbc057377d4b6a0f0c54cb047e018c205b24b6d4bc69f83a691bcc22571fc43ace505485ad9fe9fd1399d8551ffa567ccbf016819546e88280dcfc0cf125b54c7906821b2318919552fc53e8181c01f62c18887e76ff0bdd97b3fd9867a39d30ff82ce306a4683f022c90e6a5e9a88b64c84c19b202027f40337dd55cdfc83d7bb1905ca19751ef8980ddfc37ec562fb1fa7608866b24938369c12c0cb8382dbeffa5d71c98ea4c11f9fb5534f36adc1d048c08459819f76669fe9b3dec0c115d58a655f3b880c950a1506e5c8bfd589a1a48f3cb9881201536a7f2b58fd921c596c31518d4eeae72c9542405e198f297ac3a1f964e9db0cf1db9ede1d75dfea2fd42829b81902257dcd66049f61c60cc4d53c62417d2f8c578fc974c7fa4638b6d4b074b936fc1de27606f9592511ac7cb73f670c70445057c964bfe4fbc898ff06eb3a64da950d325e30ffffd17eb4b8dfb1309a5eb8153087d9f6a6b58c866fd45ecbb50359813373fe439d6268ee75e0846456e2fbdcf5fffa73439d99efaa495c2387ec66125a2d9562f2ce75fc6eb705d8b8826bba042ae4fde5ba3cf4ae17561fe0b98478c4cc2aea665196598b46160e111c44c4a8bcf19de03844e6ba18e307961860497c3ce8e38dbb6a596494ddb079071fc2d5317972e4a90ea15e895e69334580c06ce8476bac55f5d3f596800da27e7d640a7579a3bed60b1558b75dd06244152e43cc0760e6511041790470149cc86f2ba421a4126ff48b08f285fcf5071ce769ff546a5c48b66576250786ade5b0faf895a8ca9a25f435ec226265a2b7b4bb237153c368171cb53d589e39b5a955802a9de700ce237d704a8510173e8c045db46a0b9c480822d5e7bb26a90b25ad4db2ad0f96555361ad274eca6631f430d00f76de550a7daa0a55efc0daf16a606ee6ef563a9688a80aff02f0d238f14a27bea658030d09e7a0691d2695cd0efc872c2cc264828e038295ec59868044a51c679da727502868fe917b8ba41337ce0c63714982a6e0019315627a5ee725980fb7c0b504f83847942e48bf01b51b7c8db76c7fa912ef3f31e5de4318599c474f9d03bfd8b8da5ca7db5e293ba76201ca8bce2d8fd621a766f5cbde53ab9c995d6940bb176cc2458e2cad81c2a68d192e3ac47e8fc349dad2bed2665903fcd098179dd7e928a3a52da0bfc46bca8c82c1acff1021d0ede706e51170b7e1debb8b0df803eba03ff97a451fb17258bbbb80b534337054424e6b9cbc6b9b523221cb2038a3f8ff7a651e29ee7e3172a2488137c8db8e3a064632f96ccafb4fcc0f6d914520562a67f76cc3dec4216c97a96f5846705eb9b2966e003d6be25ad0588dba901b0601f4e6f2087660cddd6330721267882a6aedc25898eac7af3c0f9dd0669116ac8565660e01dc78531779914203d2a5b2eaa2754c4235aecef26eaff54283875a1f648588cd3be4413975d10be849f55db8f12f4361e44130d1cfd24b36b8b7110d818c00db8a999edcb2ac6c32aaba2dfc05d0e6dca5fbeaf5ec0de98b130bda2c194faec8556273fb826a34a29d077ba7feaeca76680d94de1ea1b10578f67118220e388fe9918544ba3de72f2f9c165b94cb027cdb0cb6896593158019ae9fc91ab7b49094331981032d1a50d9034e2ef3b051308c4420f9276d6c028b8c43a556bb738b979680a4955c3a0b7855fe79a7e841e1d3e5f2ad60f56dd953e2c856dc887e1936d67718081e1b2aca36605963920e30d2ec92b20e334fe8e0bc92a804f8283869b5b9199c6e84cfbccbad353d705500f2aea14451915fe86be5b2ccc242de5968db6bcdeee5cc1204f819d822f71b6516b26495de8248999f71557621efb0beed9864689fdc45cc804b5e011f14a17355e980b464c2642ce7bfa26643a9ff3f8bb7b1067279c545facc1ec96b5b258d1b6dbc0032c207486265c05604a68a28af93b506dfd92d7f32f8cca2bf98f3f45e3d4d11ee17a727ea4708e89112f7bffe9da333a293ddda0ea961e993ed7696f6ed470651ab44a828b22bf1c4116100f4e81ead7be91a6b22bd5d219c5d9094fc5f885f50105a221f53f62e73222d51a3564eae58f1baa21cc4371aa548153a84c228b939c34e53deb325eace71cbecbf045f450a9f7b08c47ee698ee47f1850354f5852909ffd9e012f6153c9a4423c5241b48fdc0f99668ca9f655330531bc55b264c266ca06c3d0afa0ebf14ff91d5d48fc7d640a4a021c9ec43487a889b869cc464067032d6d33cc0c3671d167debb9010a45a6d636d2aa9a54db8fec34de4aaa2fb667bc48dd44eb835ef42851615c9731d14eba413db02eb17548086e69d06584d91b1fe62654065e3eb0748e8dfd0a0fce4a4a41e208331eb987ef9dbbe9839f319c1ef0e5e8d58b2942b5cbf96ad8c970964dd1bfa45a2aa09e97c91e99b62d5f3cfe8351a3c58f2fc4dd7a368194328d374f89ce35bf9af9759ef86e59efb4417e81d440ac9d41d269d8a97d9e433bd6541417572cd229ab1fb25830dffd86a266a1f69508144d5451c3892b83f99ae15305782fde8c9dfd7e8c2819c7d17c3e5b9a4d8931117bedd15989e23c632e5a31976aa2ad646da0cd55c27e78969e0b1629856cb461e13b70a2e2514fa650d28b3fffa28061fe43cc1e191c9cfd52ab959f321c85676c97b9e945104a1899157289c140e71d0e8a7a694f13d5f275c429e859c29336409135f6e5f6de3905511ee7902184551562d023ca781ea17ec2227731f1946e76b8b8b77b556cfff60906d209cd04a230e65ecfc139b57b1b9b77dea047700a5ec12ab7376cd3a096068cac218c2e46851823b93bb783a3824a346f29c0c71e50bde1259d86118d82481f48807db286213f48f0df96b4a4a4e72afc4cc9831ea63b0c20a7404f8d797fbcd1c4a3e239b09ae4f6cfd8a3d349ab3b8524dc260d0fc01ad02f8e58663a7de90db711b05bc6b4031bde5c1af5ace19895662dd89822df7cba04d6ddbda13d761eee04535d40392cf5b63756d4df5ac255200298a59e9897ffe33d27d5fb23953c080cbbeacaacfac5bea036863f05b5eeb6dc3af5dc238a0c3f23a39dc8b668da0a23aed67ebb29d18d72bb324f8583f5baccf257cc32894e1f737918f725985959dc9be93a0694fd95c60f8ca66dc55faf5eb88801250eb0312dd0f75c5a45c91c6066318fa6c9891107d25879b11662d285827c75358cb24728c18361dc8476413203d5d7d8ad7ed18719b0cf1e57102e69434dbf73e514fa4a6f7e153b250cbbf123adbf34d2d54f41067ceca66e40236879715975786f3d517cd66080fac5435a8bb0f6756f133e896e0ca7a8ffbd5e53af022e208cac896caf56cbf0f5afec830ff2334291c4eae4d4546017df7ca3f62890a1a1fcb6213a30e1b622604a84fe9f36930d14b019ab0ea41456bdd2b5491e27d89bf684a7fb0354d0709d20815430a8a6a9794c7ab7ca31a8deeffe36ce959011ff6e0c22cd291c04cab573984b3ef0ab9840926abc70dbb49cb4da75ef340880e3ffea0ddfde989228e78690967bb7127b8e4dc4171046bb7632af8baf96b6d2b5adbf8fff40d7a99898b69466daa7ef5569573a55da30459443c677d5908a9e909018d44e771fc9c5f050dd331b74240e43b64ebfb57b198d09d5442bfb727ee9fc0a3212e19c7369529fcc51befe898d3eb426b0f4ff10a4e014861a78dc7ed7aafc995006e054c6e1802b00e9d03167116c334e11443df6fd42796fa1a62d4f7339053a725dc42ce99410962fd93b96a8cc8ec51d8a9ce1b78516ab0b9f06bded444e62113921fd5474f47594e4ebdbb7c4e0b2e0b0467916034e59fc638813538e2348656b6f2efdddf28a2bd5c94ef514438991f876d72fe57630e0cd89338833df92826bff49d8ccd721d9fea58ba9be9a34661dae5807ae52db9c47da9c77cd6167a4d8fd14404cc32a861561fc872b224b21805d3d9e537386bea6da68a388daa36ed155edfdad9313ceda91338e25ded3db2d7d9f25afbf95bb1ca932be84e42fa701d56f461635ba6d7b1938731d12046b6b4d99cc35155ece3434163f75dce84456cba52b314699f04", 0x1000}, 0x1006) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) r4 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x7, 0x800) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f0000000280)={0x8001, 0x7, 0x315, 0x100000000}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5}) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) getsockopt$bt_rfcomm_RFCOMM_LM(r5, 0x12, 0x3, &(0x7f0000000100), &(0x7f0000000200)=0x4) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 06:14:25 executing program 2: sendmsg$unix(0xffffffffffffffff, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [0xffffffffffffffff]}], 0x18}, 0x0) close(0xffffffffffffffff) 06:14:25 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x2f5}], 0x30}, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) readv(r2, &(0x7f0000000400)=[{&(0x7f0000000280)=""/131, 0x6}, {&(0x7f0000000140)=""/25, 0x19}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x3) ioctl$sock_SIOCADDDLCI(r2, 0x8980, &(0x7f00000000c0)={'ifb0\x00', 0x8}) 06:14:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0xfed26731b346e3df, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="c8000000efb528fc5f21e7634bd0e168c88f0548f8b105dc1fa4a15397f90364596ad4987b2b348959147c1d5f247ef5f5d299c87cec106fbd3446ab7c8c8a0a5286d18f040663772000000000000000b130dd0ef874971bcf86e51729b2323e50d72aba596bcc4021816548e765bf1e33ac5d02294f011a42f8812cb220caec13d3da63b943ebbe6cd9b709b876e594164ba9ae247c0e579d391a4bf9fc67ee11d14290c02e6e22773b5f4704d749d02d32672829cacb9c85cc65e60130b263fa4353e38468f6f8e83c7699"], &(0x7f0000000400)=0xd0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000440)={r4, 0x1, 0x1, [0xffffffffffffffff]}, 0xa) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000014000/0x1000)=nil}) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000000080)={0x3, [0x3, 0x5, 0x9]}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x90000, 0x90) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r5, 0x84, 0x65, &(0x7f0000000200)=[@in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e23, 0x4, @mcast1, 0x1}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e22, 0x3b3, @ipv4={[], [], @multicast2}, 0x3}, @in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e22, 0xfe86, @dev={0xfe, 0x80, [], 0x14}, 0xb3}, @in6={0xa, 0x4e22, 0x7, @local, 0x5}], 0xb0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 641.724181] can: request_module (can-proto-6) failed. 06:14:28 executing program 1: accept4$inet6(0xffffffffffffff9c, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='task\x00') execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180), 0x0) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x14) 06:14:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x2) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x3}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000240)={0x2}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f0000000040)={0x1000, 0x0, 0x7, 0x1, 0x5}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:14:28 executing program 3: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x3f, 0x0) execveat(r0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000440)=[&(0x7f0000000200)='/dev/kvm\x00', &(0x7f0000000240)='(\x00', &(0x7f0000000280)='/dev/kvm\x00', &(0x7f00000002c0)='^eth0}-.|user\x00', &(0x7f0000000300)='\x00', &(0x7f0000000340)='\x00'], &(0x7f0000000500)=[&(0x7f0000000480)='@mime_type\x00', &(0x7f00000004c0)='/dev/kvm\x00'], 0x1000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000540)='/dev/full\x00', 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000040), 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000140), &(0x7f00000001c0)=0xc) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x5}) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000080)={[{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:14:28 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(0xffffffffffffffff, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) close(r0) 06:14:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000140)={0x4, 0x1f2}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fb"]) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r1, &(0x7f00000001c0)={r2, r3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x200) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000180)={0x1, 0x80000000, [{0x40, 0x0, 0x80000000}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 06:14:28 executing program 0: r0 = syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x80000000008, 0x0) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000140)={0x0, 0x3, 0x4, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '4,,D'}, 0x0, 0x0, @planes=&(0x7f0000000100)={0x0, 0x0, @fd=0xffffffffffffffff}, 0x4}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000440)={0x1, 0x5, 0x1, 0x0, 0x0, [], [], [], 0xff}) fcntl$getownex(r1, 0x10, &(0x7f0000000400)={0x0, 0x0}) process_vm_writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/76, 0x4c}], 0x1, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/172, 0xac}, {&(0x7f00000002c0)=""/209, 0xd1}], 0x2, 0x0) [ 644.803109] *** Guest State *** [ 644.806639] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 644.815790] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 644.824881] CR3 = 0x0000000000000000 [ 644.828643] RSP = 0x0000000000000f80 RIP = 0x0000000000000001 [ 644.834773] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 644.840916] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 644.847801] CS: sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000 [ 644.855934] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 644.864071] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 644.872197] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 644.880216] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 644.888343] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 644.896493] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 644.904626] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 644.912767] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 644.920786] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 644.928885] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 644.935431] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 644.943031] Interruptibility = 00000001 ActivityState = 00000000 [ 644.949299] *** Host State *** 06:14:29 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x802, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x0, 0x4004400}) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000180)) syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x8001, 0x0) [ 644.953197] RIP = 0xffffffff812c8203 RSP = 0xffff88016c16f3c8 [ 644.959255] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 644.965884] FSBase=00007f09ac9e3700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 644.973830] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 644.979766] CR0=0000000080050033 CR3=000000010b420000 CR4=00000000001426e0 [ 644.987005] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 644.993842] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 644.999926] *** Control State *** [ 645.003627] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 645.010333] EntryControls=0000d1ff ExitControls=002fefff [ 645.015997] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 645.023156] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 645.029861] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 645.036645] reason=80000021 qualification=0000000000000003 [ 645.043116] IDTVectoring: info=00000000 errcode=00000000 [ 645.048602] TSC Offset = 0xfffffea1c15bdef1 06:14:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00007a0000)={0xffffffffffffffff}) sendmsg$unix(0xffffffffffffffff, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x6e, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)}, 0x0) close(r0) [ 645.053124] EPT pointer = 0x000000010a4dd01e [ 645.228211] ================================================================== [ 645.231689] BUG: KMSAN: uninit-value in native_apic_mem_read+0x54/0x60 [ 645.231689] CPU: 0 PID: 14348 Comm: syz-executor4 Not tainted 4.19.0+ #77 [ 645.231689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.231689] Call Trace: [ 645.231689] [ 645.231689] dump_stack+0x32d/0x480 [ 645.231689] ? native_apic_mem_read+0x54/0x60 [ 645.231689] kmsan_report+0x1a2/0x2e0 [ 645.231689] ? native_apic_mem_write+0xa0/0xa0 [ 645.231689] __msan_warning+0x74/0xd0 [ 645.231689] native_apic_mem_read+0x54/0x60 [ 645.231689] smp_spurious_interrupt+0x38e/0x770 [ 645.231689] spurious_interrupt+0xf/0x20 [ 645.231689] [ 645.231689] RIP: 0010:vmx_handle_external_intr+0x1e3/0x280 [ 645.231689] Code: e3 20 4c 09 fb 48 89 c1 48 c1 e1 20 4c 09 e9 0f 85 95 00 00 00 4c 89 f4 48 89 e0 48 83 e4 f0 6a 18 50 9c 6a 10 e8 1d 30 d4 09 05 e8 96 e9 78 00 65 48 8b 04 25 28 00 00 00 48 3b 45 d0 75 7d [ 645.231689] RSP: 0018:ffff8801082ef538 EFLAGS: 00000086 ORIG_RAX: ffffffffffffff00 [ 645.231689] RAX: ffff8801082ef538 RBX: ffffffff8ae01520 RCX: 0000000000000000 [ 645.231689] RDX: ffffffff8c4eb000 RSI: fffffe0080000ef8 RDI: 0000760000000ef8 [ 645.231689] RBP: ffff8801082ef590 R08: ffff880000000000 R09: 0000000000000002 [ 645.231689] R10: 0000000000000000 R11: ffffffff812c4e20 R12: fffffe0000000ef8 [ 645.231689] R13: 0000000000000000 R14: ffff8801082ef538 R15: 000000008ae01520 [ 645.231689] ? error_interrupt+0x20/0x20 [ 645.231689] ? free_kvm_area+0x250/0x250 [ 645.231689] ? vmx_handle_external_intr+0x1b2/0x280 [ 645.231689] ? free_kvm_area+0x250/0x250 [ 645.231689] kvm_arch_vcpu_ioctl_run+0xa9b8/0x11d80 [ 645.231689] ? kmsan_set_origin+0x83/0x130 [ 645.231689] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 645.231689] ? __msan_get_context_state+0x9/0x30 [ 645.231689] ? INIT_S64+0xd/0x30 [ 645.231689] ? mutex_unlock+0x21c/0x300 [ 645.231689] ? kmsan_set_origin+0x83/0x130 [ 645.231689] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 645.231689] ? __msan_get_context_state+0x9/0x30 [ 645.231689] ? INIT_BOOL+0x17/0x30 [ 645.231689] ? put_pid+0x319/0x410 [ 645.231689] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 645.231689] ? do_vfs_ioctl+0x187/0x2d30 [ 645.231689] ? kvm_vm_release+0x90/0x90 [ 645.231689] do_vfs_ioctl+0xf77/0x2d30 [ 645.231689] ? security_file_ioctl+0x92/0x200 [ 645.231689] __se_sys_ioctl+0x1da/0x270 [ 645.231689] __x64_sys_ioctl+0x4a/0x70 [ 645.231689] do_syscall_64+0xcf/0x110 [ 645.231689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 645.231689] RIP: 0033:0x457569 [ 645.231689] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 645.231689] RSP: 002b:00007f09ac9a0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 645.231689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 645.231689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 645.231689] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 645.231689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9a16d4 [ 645.231689] R13: 00000000004c028e R14: 00000000004d05f8 R15: 00000000ffffffff [ 645.231689] [ 645.231689] Local variable description: ----regs.i.i@vmx_vcpu_run [ 645.231689] Variable was created at: [ 645.231689] vmx_vcpu_run+0xb7/0x50b0 [ 645.231689] kvm_arch_vcpu_ioctl_run+0xa059/0x11d80 [ 645.231689] ================================================================== [ 645.231689] Disabling lock debugging due to kernel taint [ 645.231689] Kernel panic - not syncing: panic_on_warn set ... [ 645.231689] [ 645.231689] CPU: 0 PID: 14348 Comm: syz-executor4 Tainted: G B 4.19.0+ #77 [ 645.231689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.231689] Call Trace: [ 645.231689] [ 645.231689] dump_stack+0x32d/0x480 [ 645.231689] panic+0x57e/0xb28 [ 645.231689] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 645.231689] kmsan_report+0x2d3/0x2e0 [ 645.231689] ? native_apic_mem_write+0xa0/0xa0 [ 645.231689] __msan_warning+0x74/0xd0 [ 645.231689] native_apic_mem_read+0x54/0x60 [ 645.231689] smp_spurious_interrupt+0x38e/0x770 [ 645.231689] spurious_interrupt+0xf/0x20 [ 645.231689] [ 645.231689] RIP: 0010:vmx_handle_external_intr+0x1e3/0x280 [ 645.231689] Code: e3 20 4c 09 fb 48 89 c1 48 c1 e1 20 4c 09 e9 0f 85 95 00 00 00 4c 89 f4 48 89 e0 48 83 e4 f0 6a 18 50 9c 6a 10 e8 1d 30 d4 09 05 e8 96 e9 78 00 65 48 8b 04 25 28 00 00 00 48 3b 45 d0 75 7d [ 645.231689] RSP: 0018:ffff8801082ef538 EFLAGS: 00000086 ORIG_RAX: ffffffffffffff00 [ 645.231689] RAX: ffff8801082ef538 RBX: ffffffff8ae01520 RCX: 0000000000000000 [ 645.231689] RDX: ffffffff8c4eb000 RSI: fffffe0080000ef8 RDI: 0000760000000ef8 [ 645.231689] RBP: ffff8801082ef590 R08: ffff880000000000 R09: 0000000000000002 [ 645.231689] R10: 0000000000000000 R11: ffffffff812c4e20 R12: fffffe0000000ef8 [ 645.231689] R13: 0000000000000000 R14: ffff8801082ef538 R15: 000000008ae01520 [ 645.231689] ? error_interrupt+0x20/0x20 [ 645.231689] ? free_kvm_area+0x250/0x250 [ 645.231689] ? vmx_handle_external_intr+0x1b2/0x280 [ 645.231689] ? free_kvm_area+0x250/0x250 [ 645.231689] kvm_arch_vcpu_ioctl_run+0xa9b8/0x11d80 [ 645.231689] ? kmsan_set_origin+0x83/0x130 [ 645.231689] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 645.231689] ? __msan_get_context_state+0x9/0x30 [ 645.231689] ? INIT_S64+0xd/0x30 [ 645.231689] ? mutex_unlock+0x21c/0x300 [ 645.231689] ? kmsan_set_origin+0x83/0x130 [ 645.231689] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 645.231689] ? __msan_get_context_state+0x9/0x30 [ 645.231689] ? INIT_BOOL+0x17/0x30 [ 645.231689] ? put_pid+0x319/0x410 [ 645.231689] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 645.231689] ? do_vfs_ioctl+0x187/0x2d30 [ 645.231689] ? kvm_vm_release+0x90/0x90 [ 645.231689] do_vfs_ioctl+0xf77/0x2d30 [ 645.231689] ? security_file_ioctl+0x92/0x200 [ 645.231689] __se_sys_ioctl+0x1da/0x270 [ 645.231689] __x64_sys_ioctl+0x4a/0x70 [ 645.231689] do_syscall_64+0xcf/0x110 [ 645.231689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 645.231689] RIP: 0033:0x457569 [ 645.231689] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 645.231689] RSP: 002b:00007f09ac9a0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 645.231689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 645.231689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 645.231689] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 645.231689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09ac9a16d4 [ 645.231689] R13: 00000000004c028e R14: 00000000004d05f8 R15: 00000000ffffffff [ 645.231689] Kernel Offset: disabled [ 645.231689] Rebooting in 86400 seconds..