0x1000000000016)

[  760.178595] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:30 executing program 5:
syz_open_dev$sndtimer(&(0x7f0000000400)='/dev/snd/timer\x00', 0x0, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000180)=0x20000)
write(r1, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x64}, &(0x7f0000000100), &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

13:33:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x200000003)

13:33:30 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x6729390000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  760.450714] cgroup: fork rejected by pids controller in /syz1
[  760.457908] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:31 executing program 3:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
bind$alg(0xffffffffffffffff, &(0x7f0000002a40)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)

13:33:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xffffffea)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000440)={0x0, <r3=>0x0})
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000480), 0x8)
pselect6(0x40, &(0x7f00000000c0), &(0x7f00000004c0)={0x20}, &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r3+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x110, 0x2000)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000180)=""/31, &(0x7f0000000240)=0x1f)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000340))
ioctl$FIGETBSZ(r2, 0x2, &(0x7f00000003c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x4)

13:33:31 executing program 5:
socket$inet6(0xa, 0x2, 0x4)
r0 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x0, 0x20200)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040), 0xc, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[]}, 0x1, 0x0, 0x0, 0x40000000000}, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f00000002c0)=ANY=[])
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getrusage(0x1, &(0x7f0000000740))
fchdir(r1)
ioctl$SCSI_IOCTL_SYNC(r1, 0x4)
r2 = open(&(0x7f0000000480)='./file0\x00', 0x801, 0x80)
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000700))
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000580)=0x5)
syz_extract_tcp_res$synack(&(0x7f00000001c0), 0x1, 0x0)
unlinkat(r1, &(0x7f0000000400)='./file0\x00', 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_elf32(r2, &(0x7f0000000c80)=ANY=[@ANYBLOB="7f454c46f800790006000000000000000300060000000000e300f065a9d2f5cd48349fe9e77b817a00003800000049020000010000000400200002000008050007000000000055e5746420000000090000000002000040000000070000000500000009000000030000703e0300000100000000000100020000000100000001000000fcffffffd42b841621feee56ae29038f559f7fad4478fc93d52e5ba585f1dd8dfcf9af3e42582b59b903d43dcd2959915fa8371349d30bc673ade230f59f8a27d4a860a1c0611243b679e84c72b47fd3a89c1762107ccdeb2163e7e4818886fd8c1c5b3ec569c06c0695d4bf6751a30888ad7d495491f1faa8285726b9e5a0149702d020b6c3f2927e4a1b2f23c25d7475499dd2e3f217d514a8d7cb5d717c9a9ceadfe1b1ddf49c4bbda3bdd1ed3c08716d1b181cf815c305b9cb87f5e315727307d8444937ba3ccab800f697855abf3bdcd7ec6306dc1d5ec3ef57cf7bb924bf0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x363)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000005c0)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x7, @mcast1, 0x9}}, 0x0, 0x0, 0x5, 0x100000001, 0x5}, &(0x7f0000000240)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={r4, 0x1, 0x26, 0x10000, 0x0, 0x3}, &(0x7f00000003c0)=0x14)
sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000500)={0x0, 0x2, {0x0, 0x0, 0xd58, 0x1}})

13:33:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000)

13:33:31 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:31 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfe800000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  761.048364] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:31 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents(r0, &(0x7f0000000000)=""/127, 0x2fb)
ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000100)=0x100)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000140)={0x1, 0x3})

13:33:31 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x700]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x37f2609b7f0000)

13:33:31 executing program 5:
socket$inet6(0xa, 0x2, 0x4)
r0 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x0, 0x20200)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040), 0xc, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[]}, 0x1, 0x0, 0x0, 0x40000000000}, 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f00000002c0)=ANY=[])
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getrusage(0x1, &(0x7f0000000740))
fchdir(r1)
ioctl$SCSI_IOCTL_SYNC(r1, 0x4)
r2 = open(&(0x7f0000000480)='./file0\x00', 0x801, 0x80)
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000700))
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000580)=0x5)
syz_extract_tcp_res$synack(&(0x7f00000001c0), 0x1, 0x0)
unlinkat(r1, &(0x7f0000000400)='./file0\x00', 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_elf32(r2, &(0x7f0000000c80)=ANY=[@ANYBLOB="7f454c46f800790006000000000000000300060000000000e300f065a9d2f5cd48349fe9e77b817a00003800000049020000010000000400200002000008050007000000000055e5746420000000090000000002000040000000070000000500000009000000030000703e0300000100000000000100020000000100000001000000fcffffffd42b841621feee56ae29038f559f7fad4478fc93d52e5ba585f1dd8dfcf9af3e42582b59b903d43dcd2959915fa8371349d30bc673ade230f59f8a27d4a860a1c0611243b679e84c72b47fd3a89c1762107ccdeb2163e7e4818886fd8c1c5b3ec569c06c0695d4bf6751a30888ad7d495491f1faa8285726b9e5a0149702d020b6c3f2927e4a1b2f23c25d7475499dd2e3f217d514a8d7cb5d717c9a9ceadfe1b1ddf49c4bbda3bdd1ed3c08716d1b181cf815c305b9cb87f5e315727307d8444937ba3ccab800f697855abf3bdcd7ec6306dc1d5ec3ef57cf7bb924bf0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x363)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000005c0)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x7, @mcast1, 0x9}}, 0x0, 0x0, 0x5, 0x100000001, 0x5}, &(0x7f0000000240)=0x98)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={r4, 0x1, 0x26, 0x10000, 0x0, 0x3}, &(0x7f00000003c0)=0x14)
sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000500)={0x0, 0x2, {0x0, 0x0, 0xd58, 0x1}})

[  761.327481] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  761.397632] device bridge_slave_1 left promiscuous mode
[  761.403221] bridge0: port 2(bridge_slave_1) entered disabled state
[  761.419492] IPVS: ftp: loaded support on port[0] = 21
13:33:31 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x17fa9ae5]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:31 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents(r0, &(0x7f0000000000)=""/127, 0x2fb)
ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000100)=0x100)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000140)={0x1, 0x3})

[  761.461989] device bridge_slave_0 left promiscuous mode
[  761.502140] bridge0: port 1(bridge_slave_0) entered disabled state
13:33:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x1a0ffffffff)

[  761.721086] team0 (unregistering): Port device team_slave_1 removed
[  761.763141] team0 (unregistering): Port device team_slave_0 removed
[  761.790373] bond0 (unregistering): Releasing backup interface bond_slave_1
[  761.820976] bond0 (unregistering): Releasing backup interface bond_slave_0
13:33:31 executing program 0:
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
r0 = semget(0x2, 0x3, 0x380)
semctl$IPC_RMID(r0, 0x0, 0x0)

13:33:31 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
io_submit(0x0, 0x0, &(0x7f0000000780))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400)='/dev/audio\x00', 0x200000, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = gettid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8b, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt(0xffffffffffffffff, 0x3, 0x1, &(0x7f00000003c0), 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@dev={0xfe, 0x80, [], 0x1b}, 0x6f})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f0000000240))
ioctl$VT_DISALLOCATE(r1, 0x5608)
ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local, @empty, @loopback, 0x3})
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000440))
syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x3, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00001ec000)="0a0775b0d5e383e5b3b60ced5c54", 0xe)
r4 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x400000, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
getpgid(0x0)
r5 = creat(&(0x7f00000003c0)='./bus\x00', 0xc0)
fcntl$setstatus(r5, 0x4, 0x44000)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r5, 0x0, 0x0, 0xa6b9d)
io_setup(0x40000100000003, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x10, 0x8, 0x1, 0x0, r5, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x3000000}])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r5, 0xc08c5335, &(0x7f0000000440)={0x3, 0x1, 0x0, 'queue1\x00'})
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340))
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000005e40)={0xffffffffffffffff, r4, 0x0, 0xa, &(0x7f0000005e00)='/dev/vhci\x00'}, 0x30)
ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f0000007680))
stat(&(0x7f00000076c0)='./file0\x00', &(0x7f0000007700))

13:33:31 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_buf(r0, 0x29, 0x8000000039, &(0x7f0000000180)="d1020400005800200007000613f32e1c00ce5fe1b471985e", 0x18)
sendto$inet6(r0, &(0x7f0000000040)="cd", 0x1, 0x0, &(0x7f0000aa9000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1000000000000004}, 0x1c)
listen(r0, 0x5)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x0, 0x0)
r2 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0xf826, 0x141102)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x401, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r2, 0x20, 0x4, r3})
accept(r0, &(0x7f0000000100)=@hci, &(0x7f0000000240)=0x2a8)

13:33:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x8000a0)

[  761.885317] bond0 (unregistering): Released all slaves
[  762.968558] bridge0: port 1(bridge_slave_0) entered blocking state
[  762.975055] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.982716] device bridge_slave_0 entered promiscuous mode
[  763.033156] bridge0: port 2(bridge_slave_1) entered blocking state
[  763.039753] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.047327] device bridge_slave_1 entered promiscuous mode
[  763.093873] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  763.141961] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  763.281813] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  763.331437] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  763.557139] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  763.564658] team0: Port device team_slave_0 added
[  763.604033] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  763.611280] team0: Port device team_slave_1 added
[  763.640234] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  763.669361] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  763.698814] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  763.706439] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  763.714301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  763.742645] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  763.750096] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  763.758537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  764.024792] bridge0: port 2(bridge_slave_1) entered blocking state
[  764.031208] bridge0: port 2(bridge_slave_1) entered forwarding state
[  764.037965] bridge0: port 1(bridge_slave_0) entered blocking state
[  764.044322] bridge0: port 1(bridge_slave_0) entered forwarding state
[  764.052244] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  765.007792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  765.029236] 8021q: adding VLAN 0 to HW filter on device bond0
[  765.123130] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  765.215722] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  765.222312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  765.229988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  765.321422] 8021q: adding VLAN 0 to HW filter on device team0
13:33:35 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:35 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2000000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:35 executing program 0:
socketpair(0x2000800000001, 0x40000000000001, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x5452, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$cgroup_int(r1, &(0x7f00000000c0), 0xffffff19)
write$cgroup_int(r1, &(0x7f0000001800), 0x12)
close(r0)

13:33:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x1000000)

13:33:35 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x800000000000005)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1000000009, 0x1b, 0x249e24, 0x8000000001, 0x2}, 0x27)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000100)="a529c6a1620ec22e3305cc5a7fea60af06f939e25cc93421aa8f89854a94c4d22c971e175436bc484edeeb61b6d71988028f6d9f0ef23875d99ce56860e72bf7f0042ccba48fec75d3fbee87a066a785ec8b3446ea81d35228b11e88a3880613a5691cd0ba53df952e8c68f27c9ced304516feb439f3affe783567e253f36f92605dda89a0a13a6119552ba1fdd30f85ba39dff647a1d713c46e1d52ea", &(0x7f0000000000), 0x2}, 0x20)

13:33:35 executing program 3:
open$dir(&(0x7f0000000000)='./file0\x00', 0x404040, 0x20)
r0 = socket$inet6(0x10, 0xfffffffffffffff, 0x0)
sendmsg(r0, &(0x7f0000000180)={&(0x7f0000000240)=@nl, 0x80, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000019007f5300fe01b2a4a280930a06000000a84308910000003900090008000c00060000001900150004000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0)

[  765.879544] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0)
write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
userfaultfd(0x0)
prctl$intptr(0x29, 0x2)
clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x10000, 0x0)
fremovexattr(r1, &(0x7f0000000240)=@known='system.sockprotoname\x00')
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f00000000c0), 0x1, 0x2000000000002)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff)
mount(&(0x7f0000000340)=ANY=[@ANYBLOB="e6e1708cf1cd19ec2d5df3bf2f646576309a54416d604246199618a79462178b311e3e4a42a673c8f76a8ecf7e728aadf5553a7dbce072580477d97ae1bf587163cd4c8b2d0d028dd2fbfa7d2afb"], &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='ext2\x00', 0x0, &(0x7f0000000300)='\x00')
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_tables_names\x00')
perf_event_open(&(0x7f0000000040)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$nfc_llcp(r2, 0x118, 0x2, &(0x7f0000000180)=""/41, 0x29)
r3 = socket(0x40000000015, 0x805, 0x0)
fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x3)
getsockopt(r3, 0x114, 0x2711, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0xd)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0x80000000}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r4, 0x0, 0x10}, 0xc)
ioctl$TIOCCONS(r0, 0x541d)

13:33:36 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  765.960358] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  765.978338] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  765.981972] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f00000000c0)={'bond_slave_1\x00', {0x2, 0x0, @local}})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
prctl$setptracer(0x59616d61, r1)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@empty, 0xffff, 0x0, 0x0, 0x0, 0x7, 0x8}, &(0x7f0000000080)=0x20)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
r2 = socket$l2tp(0x18, 0x1, 0x1)
clock_settime(0x7, &(0x7f00000001c0)={0x0, 0x989680})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200))
dup3(r0, r2, 0x80000)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x4, @empty, 0x3}, 0x1c)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0)
dup(0xffffffffffffffff)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x0, "5804f6c19a317413e31f0613"}, 0x1)

13:33:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0xffffffffa0020000)

13:33:36 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfe80000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:36 executing program 0:
syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x0)
syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

13:33:36 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  766.134774] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  766.159719] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f00000000c0)={'bond_slave_1\x00', {0x2, 0x0, @local}})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
prctl$setptracer(0x59616d61, r1)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@empty, 0xffff, 0x0, 0x0, 0x0, 0x7, 0x8}, &(0x7f0000000080)=0x20)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
r2 = socket$l2tp(0x18, 0x1, 0x1)
clock_settime(0x7, &(0x7f00000001c0)={0x0, 0x989680})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200))
dup3(r0, r2, 0x80000)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x4, @empty, 0x3}, 0x1c)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0)
dup(0xffffffffffffffff)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x0, "5804f6c19a317413e31f0613"}, 0x1)

[  766.288801] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:36 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x9, 0x20000)
getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000100)=0x81e, &(0x7f0000000180)=0x2)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f00000001c0)=@hopopts={0x5f, 0x10, [], [@generic={0xdc, 0x70, "ce4cfaae0e61fdd4659ed883dad20a55249b97a3cef2dc403122b2800ed1a5b7050f64e8495680e621d6646b64bb0edd4c6041c4a91d3ad1d66048d32dcd8e150078d768599174d65e8a8eeab4069c6b316e33039726cee4bb7792afd32fe643af1e904ecb13dff6d7d3684a8f768ca8"}, @hao={0xc9, 0x10, @loopback}]}, 0x90)
ioctl(r2, 0x8000, &(0x7f0000000140)="025cc80700145f8f764070")
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0xe4ffffff00000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000220001000000000008000c00dc140de396ec25888e5e72982474bfb58c7a98323dd225d6cb4ded0ad0f2e79459ca93ca56cde04f5829acc3b4b3197bfa1d08978f593c0820ba07b31327942518baf0930bd4d30005000000000000003ada427afdd4", @ANYRES32=0x0], 0x1c}}, 0x0)

[  766.337940] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x0, 0xaaaae28, &(0x7f0000000000))

13:33:36 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:36 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x7000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  766.390724] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 5:
r0 = shmget$private(0x0, 0x3000, 0xdab37b0dd33ee6ba, &(0x7f0000ffb000/0x3000)=nil)
shmctl$IPC_STAT(r0, 0x2, &(0x7f0000000200)=""/41)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)={{{@in6, @in=@rand_addr}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8)
fstat(0xffffffffffffff9c, &(0x7f0000000300))
mount$9p_unix(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x0, &(0x7f0000000380)={'trans=unix,', {[{@cache_mmap='cache=mmap'}, {@access_any='access=any'}, {@cache_none='cache=none'}, {@version_L='version=9p2000.L'}, {@cache_none='cache=none'}, {@version_u='version=9p2000.u'}]}})

[  766.477944] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x7f9b60f23700)

[  766.580658] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:36 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  766.634347] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  766.643143] 9pnet: p9_fd_create_unix (8018): problem connecting socket: ./file0: -111
13:33:36 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000300), 0x4)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
r3 = dup2(r2, r0)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000100)={0x20, 0x1, 0x9, 0x40, 0x2, 0x80c9})
ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000200))
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="649c47ad46390dc86dae79fa409d4d54", 0x10)
r4 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000001380)="82161580982ad16959fcaf8acaeb189d", 0x10}], 0x1, &(0x7f0000000180)}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0x3, @ipv4={[], [], @local}, 0x1f}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e24, 0x80000001, @ipv4={[], [], @broadcast}, 0x6}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1a}}, @in6={0xa, 0x4e21, 0x10000, @mcast2, 0x1}], 0x74)
ioperm(0xc1aa, 0x3, 0xfffffffffffffff7)
io_setup(0x78, &(0x7f00000002c0)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000bd9fe0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f00000001c0)="bb", 0x1}])

[  766.768695] 9pnet: p9_fd_create_unix (8028): problem connecting socket: ./file0: -111
[  766.843384] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  766.878120] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:36 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:36 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
r2 = dup2(r1, r1)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="a1cda4c0cf771939351542a339673f4c3f56e5c40faaa700051910f90b0c2cf648f6938ac88c0c1ae09c02167bc1d6852c7fa81fabe4860d4ce87b0ee059b1026bd77759ac5f511615ae50593df21c878633fb89801155cf551c2f866755378fa9bcb81faafa843f6e9c42426a632c83f2907543c5aa3f8cc62ad08698fc115eb840882199c813"], 0x1}}, 0x44801)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[@ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="a693f9714864fc33948eba9a50340442897ec1c9a73466b49b708d27f8a986ad5970cc06408fa7452be3905c9800770f93640cf50d49e95b97f95618d583b222e5cc65fa9c2fbbfa57da921cfea5df4967492719f9124c8ffc19c08e14cb90c495ca82a74b371afdf79f360b5c11ea3a0a6ec553f2302586df394da63601cf39902b488df8e13c1365532d9bc1c06429669c3e4a1c9747916b57c09c38b6308d7d6de83be847e95f6dc2f4a28331202ca62b5e8945e488e92c445fbe88d9b84c4982b93de8e0f1ecb30a5a489a112a6aba9851b0cc616eba6ae03202950187f4f3d63961784938317877fa20fc6141cf58eff6a398f41fba"]]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x1)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000380), 0xfdf5)
sendto$inet(r1, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000000000, @empty, [0x0, 0x3e8]}, 0x0)
sendfile(r0, r2, &(0x7f0000000280)=0x4505, 0x5)
ustat(0x80000000, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27)
socket$inet(0x2, 0x7, 0x85)
clock_gettime(0x0, &(0x7f0000000240))
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f00000002c0)=0x8, 0x4)
setsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000300), 0x8)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f00000005c0)={0x51c, 0x8}, 0xc)
ioctl$EVIOCGBITKEY(r2, 0x80404521, &(0x7f00000004c0)=""/136)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000440)=0x7, 0x4)
ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000200))
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000580))

13:33:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x1a0)

13:33:37 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe3b00000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:37 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xb, 0x0)
read(r2, &(0x7f0000000100)=""/158, 0x9e)
ioctl$int_in(r2, 0x800000c0045009, &(0x7f00000000c0))
close(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1000000000001ed)

13:33:37 executing program 0:
syz_mount_image$gfs2(&(0x7f00000003c0)='gfs2\x00', &(0x7f0000000400)='./file1\x00', 0x0, 0x1, &(0x7f0000001840)=[{&(0x7f0000000000)="982b7add40077a0289125f5cad5629c2624c869fa6cb86751e8b51ad799ac4dd3e34fabfd3c57d026388bcf4319ba81f45f71f77a8ea22c617722a4bc196a3640799b3b92d3dea4b4e3e409e86c9df4e93b7499c6c776be9d83b015c09456def5bad8541557d0472a9aef368108aac13dabfa086d097edd4d940bb162034e27c53627bd5b589fd79e3ef8e60cb3e93e1ef5f7a6e9bd59794947ad074ff20bbcd8e2ac881c4cee336065097f90d280f3d28b5baf969e1eae8c51bc558ca8d2c4a40f3f09eb31608213e5e27c533494d22c8bccb287dc4ff32505235f9e7823d833231b57024ea704d96181b46a826f594921f555b4a9ae1945a63b7955405a0cc8555ee09cd46bfb878d56abb477af394f975390f837ceba16f80f4c45b2894e3e55179ba123899a285beb007207cd7cb041f5ceba1ab8fc8804b4e7a4362049b7a4a8d51917b35b99323d9e125e2143caa2893cb355ffc53a839732b11eb5aee05e369efa24dda49c6327ecea5df70dd40d291341407b0fd1a64c943a9da90c118549725dd08f5345ebbc6841cbb42aa320d7d709158057f640e367bdc42c73c64b2809d528f07a30e1d03fa589aaf9841bba8501907a2aed85c0ab4b3407ca632af98ea17e7bdece7f7f312912bbe282fbf1276cfd97546c522a749565996e6aeb50cf73b9e4e5b9991989e0613105fdaa9363d9896a71d4c4f05ae", 0x1fc, 0x5}], 0x0, &(0x7f00000018c0))

[  767.154444] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  767.185182] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:37 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  767.210191] attempt to access beyond end of device
[  767.225287] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  767.266050] loop0: rw=4096, want=136, limit=1
[  767.299360] gfs2: error 10 reading superblock
[  767.326085] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
13:33:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x600)

[  767.368081] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  767.377564] attempt to access beyond end of device
[  767.382534] loop0: rw=4096, want=136, limit=1
13:33:37 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x700000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:37 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  767.412260] gfs2: error 10 reading superblock
13:33:37 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
r2 = dup2(r1, r1)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="a1cda4c0cf771939351542a339673f4c3f56e5c40faaa700051910f90b0c2cf648f6938ac88c0c1ae09c02167bc1d6852c7fa81fabe4860d4ce87b0ee059b1026bd77759ac5f511615ae50593df21c878633fb89801155cf551c2f866755378fa9bcb81faafa843f6e9c42426a632c83f2907543c5aa3f8cc62ad08698fc115eb840882199c813"], 0x1}}, 0x44801)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[@ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="a693f9714864fc33948eba9a50340442897ec1c9a73466b49b708d27f8a986ad5970cc06408fa7452be3905c9800770f93640cf50d49e95b97f95618d583b222e5cc65fa9c2fbbfa57da921cfea5df4967492719f9124c8ffc19c08e14cb90c495ca82a74b371afdf79f360b5c11ea3a0a6ec553f2302586df394da63601cf39902b488df8e13c1365532d9bc1c06429669c3e4a1c9747916b57c09c38b6308d7d6de83be847e95f6dc2f4a28331202ca62b5e8945e488e92c445fbe88d9b84c4982b93de8e0f1ecb30a5a489a112a6aba9851b0cc616eba6ae03202950187f4f3d63961784938317877fa20fc6141cf58eff6a398f41fba"]]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x1)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000380), 0xfdf5)
sendto$inet(r1, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000000000, @empty, [0x0, 0x3e8]}, 0x0)
sendfile(r0, r2, &(0x7f0000000280)=0x4505, 0x5)
ustat(0x80000000, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27)
socket$inet(0x2, 0x7, 0x85)
clock_gettime(0x0, &(0x7f0000000240))
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f00000002c0)=0x8, 0x4)
setsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000300), 0x8)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f00000005c0)={0x51c, 0x8}, 0xc)
ioctl$EVIOCGBITKEY(r2, 0x80404521, &(0x7f00000004c0)=""/136)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000440)=0x7, 0x4)
ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000200))
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000580))

13:33:37 executing program 0:
mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4)
getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x53, &(0x7f0000000000), &(0x7f0000000040)=0x7)
close(r1)
close(r2)
close(r0)

13:33:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x202, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x100, 0x4, 0x100000001, 0x401, 0x9, 0xfffffffffffffff7, 0x8, <r4=>0x0}, &(0x7f0000000180)=0x20)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f00000001c0)={r4, 0x80000000, 0x6c, "88546bf25c950a0f7621ec97f916144c43722890622548c7168390f506d08f36d6394fa549aa479a6c52d12238fdfbd71df25c570d79f10a8b4fb0b66daa031ac5a4ea12ded86eea3bb6772741f30a2b573ec0ed65d7dd2393e36fbf5b115037fd898fae542301d09a1f979f"}, 0x74)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  767.549856] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  767.578693] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:37 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  767.651089] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  767.804217] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  767.807034] *** Guest State ***
[  767.826509] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  767.840423] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:37 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x10000, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
recvmsg(r0, &(0x7f00000013c0)={&(0x7f00000001c0)=@can, 0x80, &(0x7f0000001380)=[{&(0x7f0000000240)=""/41, 0x29}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/52, 0x34}, {&(0x7f00000012c0)=""/179, 0xb3}], 0x4, 0x0, 0x0, 0x40}, 0x40000123)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt(r1, 0x10e, 0xb, &(0x7f0000000100)="aa543eef", 0x4)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000040)=0x7, 0x4)
sendmsg$nl_route(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000180)=@ipv4_delroute={0x1c, 0x19, 0xe21}, 0x1c}}, 0x0)
r2 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x80010, r0, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000001500))
lstat(&(0x7f0000001440)='./file0\x00', &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getegid()
fchown(r0, r3, r4)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000001400)={r2})

13:33:37 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  767.852922] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  767.874175] CR3 = 0x0000000000000000
[  767.881480] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  767.888052] RFLAGS=0x00000002         DR7 = 0x0000000000000400
13:33:37 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x10)
set_mempolicy(0x4000, &(0x7f0000000080)=0x8, 0x7)
sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x14, 0x28, 0xaff, 0x0, 0x0, {0x11}}, 0x14}}, 0x0)

[  767.901711] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  767.915665] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  767.924649] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  767.933238] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  767.943623] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  767.945565] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  767.952341] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  767.968515] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  767.987799] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:33:38 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  768.000875] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  768.009418] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  768.017984] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  768.035667] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  768.044394] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:33:38 executing program 5:
socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000240)=ANY=[])
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat(r1, &(0x7f0000000180)="2e2f66692e65318c", 0x0, 0x0)
r2 = fanotify_init(0x7, 0x49001)
fanotify_mark(r2, 0x11, 0x2, r1, &(0x7f0000000380)="2e2f66692e65318c00")
r3 = creat(&(0x7f0000000100)='./file1\x00', 0x0)
read(r2, &(0x7f0000000280)=""/194, 0xc2)
close(r2)
write$FUSE_INTERRUPT(r3, &(0x7f0000000500)={0x1af}, 0x10)
ioctl$KDENABIO(r3, 0x4b36)

13:33:38 executing program 3:
r0 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x2, 0xf09af22884f14b0a)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f00000001c0)={'icmp6\x00'}, &(0x7f0000000200)=0x1e)
mkdir(&(0x7f0000000280)='./file0\x00', 0x100)
setxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f0000000180)=@sha1={0x1, "dbd8ecbdf72397fa6f63553e294ca093465ae676"}, 0x15, 0x2)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB="f260afee604c8ad1d7d03d9c756269325f"], &(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0)='ubifs\x00', 0x0, &(0x7f0000000140)='adfs\x00')

[  768.054116] Interruptibility = 00000001  ActivityState = 00000000
[  768.068775] *** Host State ***
[  768.077035] RIP = 0xffffffff8120269c  RSP = 0xffff88018230f390
[  768.088875] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  768.101224] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  768.114511] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  768.127164] FAT-fs (loop5): bogus number of reserved sectors
[  768.137115] CR0=0000000080050033 CR3=00000001894cc000 CR4=00000000001426e0
[  768.148783] FAT-fs (loop5): Can't find a valid FAT filesystem
[  768.149047] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  768.154835] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  768.187692] UBIFS error (pid: 8140): cannot open "ò`¯î`LŠÑ×Ð=œubi2_", error -22
[  768.191320] UBIFS error (pid: 8143): cannot open "ò`¯î`LŠÑ×Ð=œubi2_", error -22
[  768.192695] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  768.218959] *** Control State ***
[  768.222610] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  768.229841] EntryControls=0000d1ff ExitControls=002fefff
[  768.235504] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  768.243530] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  768.251656] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  768.259049]         reason=80000021 qualification=0000000000000000
[  768.266276] IDTVectoring: info=00000000 errcode=00000000
[  768.271940] TSC Offset = 0xfffffe6272516fdf
[  768.276856] EPT pointer = 0x000000017ee6c01e
[  768.284205] FAT-fs (loop5): bogus number of reserved sectors
[  768.294043] FAT-fs (loop5): Can't find a valid FAT filesystem
[  768.300725] *** Guest State ***
[  768.304180] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  768.314118] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  768.324620] CR3 = 0x0000000000000000
[  768.328741] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  768.335610] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  768.341939] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  768.349162] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  768.357716] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.366045] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:38 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x40020000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:38 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234488dd25d766070a0f6c9e2eba2910e3b0f0e2b328ca9f1dfdf4ad957ae30f4e69bb9822d6121ffb09ccc2e93853a43ecf9c42d4bc5462017c539")
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r1, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RWALK(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="cc"], 0x1)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0)

13:33:38 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:38 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
r1 = accept(r0, &(0x7f0000000380)=@ax25, &(0x7f0000000040)=0xfed2)
socketpair(0x11, 0xe, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000280)={r0, r2})
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYPTR64], 0xfffffd2a}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0x4, 0x800, 0x3, 0x7, 0x4, r0, 0x1000}, 0x2c)

[  768.401894] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.416674] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.430604] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  768.459457] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  768.480049] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  768.483724] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  768.501083] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  768.501629] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  768.537011] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  768.545553] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  768.554138] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  768.561467] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  768.569351] Interruptibility = 00000001  ActivityState = 00000000
[  768.575624] *** Host State ***
[  768.578950] RIP = 0xffffffff8120269c  RSP = 0xffff8801d4a87390
[  768.586242] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  768.592875] FSBase=00007f9b60ec0700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  768.604811] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  768.611440] CR0=0000000080050033 CR3=00000001894cc000 CR4=00000000001426f0
[  768.619075] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  768.626222] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  768.639232] *** Control State ***
[  768.642721] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  768.650753] EntryControls=0000d1ff ExitControls=002fefff
13:33:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x7)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140))
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000bfcffc), &(0x7f00000000c0)=0x4)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000440)="26f3af316000660f3a212800c2be390fa22e0fa30966663ef08157cb4ec500000f237866b89261ab540f23d00f21f86635300000050f23f80f287a0f", 0x3c}], 0x1, 0x0, &(0x7f00000001c0)=[@vmwrite={0x8, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0xffffffffffff248d}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb010018000000000000004800000060000000000000009d5bfb2db3244db501472e8e4d8d50a12b7a2cd60706ec760821eaf06050e10ca93f8a461170ad1afe91033efe150f2860d6d58c710589c362c387351037669a438930651300000000c08d8e1c55ee72d7e04ddd834264f60f51b036bd55342678c4a9996cf815714d11be4b73d133332336c747c4bc21041f2c77275cbfaa2869916fe5bfef4100da5bff86f6a979fb4d66b0f66b217d48b9291e12e1a70b2f337270994754839dca0a03fcc197f57bc8892e8dda3b3bb5d8eeb37d70389a9a5da2125bbd13f43ffd5dd41d2caa461110e845c48acce12f68b75c8da105c976d9334bc0946ed4556767d53f4303274f1f0f0c82dd540d2bb28c006ea13557b63f9cc45405328026155d3b48df0971000c8f9e8a20d69d510045daa162f6240529f226f1f66bd22e004b01791442e18ea662d751798bea2aa1b96b42dd384e9fd7434a88ed0537b285507b4de979e4e3306cd9489ba3250f859ff32c20c331b1bf941fb1eae79be8e741288890bf7a435a559a3c2b428162"], &(0x7f00000005c0)=""/134, 0x121, 0x86}, 0x20)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000100)=[{0x3, 0xc91}], 0x1)
socket$netlink(0x10, 0x3, 0x16)
membarrier(0x20, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:38 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:38 executing program 3:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snapshot\x00', 0x40000, 0x0)
ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f0000000640)={0x0, 0x6, 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500)='/dev/net/tun\x00', 0x3, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={"0000000000000000000000000200"})
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000300)={<r3=>0x0, 0x23, "0571f7ff4ec2284683886f711b9798a37982636a15efc6ac289012bf032db881288016"}, &(0x7f0000000540)=0x2b)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000580)={r3, 0xf74}, 0x8)
r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r4)
io_setup(0x6, &(0x7f0000000340))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f00000005c0)={0x2, 0x4e20, @rand_addr}, 0xfe34)
setsockopt$inet_tcp_int(r5, 0x6, 0x2, &(0x7f00000000c0)=0x3, 0x4)
lookup_dcookie(0x8000, &(0x7f0000000480)=""/72, 0x48)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x4e20}, 0x10)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000240)={0x0, 0x4}, 0x8)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000001c0)=0x1, 0x4)
getsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000100), &(0x7f0000000140)=0xfe45)
sendmsg$alg(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000006c0)="a08e7a60014506868498fb858a9fa0a79529e02f5065eeb5c8f56693dbbec5051e025dc2c46af5bf0847a220e53939fe16424973387859c3bcc506310c6cdf09f53321366cd4de10676bf7c42301f5158d5ff62a787fa00ba9e3d36eb6579d220b1d739721173e8ca3fd70db75ae368779cb3798280b3321e2291c23e3c079fd529565ec3d4b76b02b4a42268172ca10b76cfb573b277083de6c90c0ba4db8855fbc54c55eb3f8d5c23ccb6e1a44e7f4cc9d9e004d2984c04ba50e95ab4987bd03989c6a70b459918a12934fca6d3d6ccfdcd91577ba03ee7910aae4cec340", 0xdf}], 0x1, &(0x7f0000000800), 0x0, 0x80}, 0x40000)
mq_getsetattr(r5, &(0x7f0000000040)={0x6, 0xf82, 0x0, 0x2, 0x1, 0x9ed, 0x5, 0x80}, &(0x7f0000000180))
ioctl$TUNSETLINK(r1, 0x400454cd, 0xffff)
shutdown(r5, 0x1)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000002c0)={<r6=>0x0, 0xa61, 0x6, [0x5, 0x7ff, 0xfff, 0x2, 0x5, 0x1]}, &(0x7f0000000380)=0x14)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f00000003c0)={r6, @in={{0x2, 0x4e20}}}, 0x84)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r5, &(0x7f000099bf26), 0x143, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)

13:33:38 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x6)

13:33:38 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xb8ff]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  768.659566] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  768.666832] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  768.673535] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  768.680614]         reason=80000021 qualification=0000000000000000
[  768.687432] IDTVectoring: info=00000000 errcode=00000000
[  768.692888] TSC Offset = 0xfffffe6272516fdf
[  768.697398] EPT pointer = 0x000000017ee6c01e
[  768.790730] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  768.815761] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
13:33:38 executing program 0:
r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0xffffffffffffff2d, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8090, 0xf, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r4, 0x6)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffffffff7fff}, 0x8)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x8000000000004e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
r6 = accept(r4, 0x0, &(0x7f0000000080))
sendmmsg(r5, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pppoe={0x18, 0x0, {0x0, @remote, 'ip6gre0\x00'}}, 0x326, &(0x7f0000003b80), 0x0, &(0x7f0000003bc0)}}], 0x22b, 0x0)
close(r6)
close(r5)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r7, 0x0)
sendto$inet6(r2, &(0x7f0000f6f000), 0x5b37ca81a71c1086, 0x20000003, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)

[  768.838489] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:38 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:38 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfe80]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:39 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  768.947658] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

13:33:39 executing program 3:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x405c5503)

[  769.023830] dccp_flush_write_queue: CCID did not manage to send all packets
13:33:39 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  769.068897] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  769.202204] *** Guest State ***
[  769.217674] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  769.286461] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  769.330319] CR3 = 0x0000000000000000
[  769.334062] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  769.368705] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  769.374831] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  769.402374] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  769.420613] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.435998] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.443998] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.486304] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.494299] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  769.534866] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.561514] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  769.575988] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  769.587822] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  769.616314] EFER =     0x0000000000000000  PAT = 0x0007040600070406
13:33:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x4002, 0x0)
read(r0, &(0x7f00003fefff)=""/1, 0x1fc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000140)=0xe8)
getgroups(0x8, &(0x7f0000000180)=[0xffffffffffffffff, 0x0, 0xee00, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0x0, 0xee01, 0xffffffffffffffff])
fchown(r0, r1, r2)
r3 = syz_open_dev$dmmidi(&(0x7f0000000240)='/dev/dmmidi#\x00', 0xd0b4, 0x40000)
ioctl$EVIOCGABS2F(r3, 0x8018456f, &(0x7f0000000280)=""/227)
fcntl$setstatus(r0, 0x4, 0x40800)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=<r4=>0x0)
mq_notify(r0, &(0x7f0000000200)={0x0, 0x35, 0x1, @tid=r4})
readv(r0, &(0x7f0000dcdff0)=[{&(0x7f0000cd8000)=""/1, 0x1}], 0x1)

13:33:39 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/tcp6\x00')
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0xfffffffffffffffd, 0x401, 0xc145, 0x8, 0x6, 0x0, 0x7, 0x9, 0x300000000, 0x11b})
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f0000000000)={'bpq0\x00', {0x2, 0x0, @multicast2}})
bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r2, 0x4)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
socket$inet6(0xa, 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r4, 0x0)
write$tun(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="286db4276c7501ab5fbcff"], 0x1)
r5 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mlockall(0x3)
close(r5)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000200)=0xc)
sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x0)
setgid(r6)
r7 = accept4(r2, 0x0, &(0x7f0000000040), 0x0)
inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0x10000000)
syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x7fff, 0x200000)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000240))
r8 = dup3(r0, r7, 0x80000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000280)={<r9=>0x0, 0x80000000}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000400)={r9, 0x0, 0x8001, 0x80000000}, &(0x7f0000000440)=0x14)

13:33:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000000)={0xfffffffffffffc01})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f0000000000), 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:39 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x9]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  769.634793] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  769.644217] Interruptibility = 00000001  ActivityState = 00000000
[  769.652743] *** Host State ***
[  769.656518] RIP = 0xffffffff8120269c  RSP = 0xffff8801cf7e7390
[  769.666508] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  769.705636] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  769.738620] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  769.760294] CR0=0000000080050033 CR3=00000001864b8000 CR4=00000000001426f0
[  769.767647] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  769.774605] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  769.781482] *** Control State ***
[  769.785242] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  769.792540] EntryControls=0000d1ff ExitControls=002fefff
[  769.799582] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  769.806812] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  769.806823] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  769.806832]         reason=80000021 qualification=0000000000000000
[  769.806841] IDTVectoring: info=00000000 errcode=00000000
[  769.806847] TSC Offset = 0xfffffe61b1f0995c
[  769.806858] EPT pointer = 0x00000001cd5c201e
13:33:39 executing program 5:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40441, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x40040, 0x0)
linkat(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x1400)
fcntl$getflags(r0, 0x40b)
r2 = open(&(0x7f0000000100)='./file0\x00', 0x111001, 0x30)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x4400, 0x80)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x12d)
ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f00000001c0))
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, &(0x7f0000000200)=0x80000000)
r4 = shmget(0x1, 0x4000, 0x80, &(0x7f0000ffb000/0x4000)=nil)
shmctl$IPC_INFO(r4, 0x3, &(0x7f0000000240)=""/82)
setsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f00000002c0)={0x1f, 0x4, 0xffffffffffffffe0, 0x4}, 0x8)
setsockopt$inet_group_source_req(r2, 0x0, 0x2f, &(0x7f0000000300)={0x8, {{0x2, 0x4e22, @local}}, {{0x2, 0x4e20, @multicast2}}}, 0x108)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000440)=0x31, 0x4)
ioctl$int_in(r0, 0x5473, &(0x7f0000000480)=0x5)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000004c0)={<r5=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f00000005c0)={<r6=>0x0})
r7 = mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000004, 0x20010, r2, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f00000007c0)={<r8=>0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000a00)={0x12c, 0x0, &(0x7f0000000800)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x38, &(0x7f0000000500)=[@fd={0x66642a85, 0x0, r1, 0x0, 0x5c}, @flat={0x717f6784c0aa57c4, 0x100, r5}, @fda={0x66646185, 0xa, 0x3, 0x4}], &(0x7f0000000580)=[0x78, 0x30, 0x38, 0x20, 0x38, 0x38, 0x20]}}, @transaction_sg={0x40486311, {{0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x48, &(0x7f0000000600)=[@fd={0x66642a85, 0x0, r0, 0x0, 0x4}, @flat={0x73682a85, 0x1, r6, 0x2}, @fda={0x66646185, 0x6, 0x0, 0x19}], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x78, 0x28, 0x20, 0x38, 0x0, 0x38]}, 0x100}}, @dead_binder_done={0x40086310, 0x3}, @release={0x40046306, 0x3}, @reply={0x40406301, {0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000700)=[@fd={0x66642a85, 0x0, r1, 0x0, 0x2}, @fda={0x66646185, 0x2, 0x3, 0xf}, @fda={0x66646185, 0x1, 0x3, 0x2f}], &(0x7f0000000780)=[0x48, 0x38, 0x28]}}, @clear_death={0x400c630f, 0x2, 0x3}, @acquire_done={0x40106309, r7, 0x1}, @increfs_done={0x40106308, r8, 0x4}, @dead_binder_done={0x40086310, 0x2}], 0xaa, 0x0, &(0x7f0000000940)="05ad94dc903cee8462093a7e567d18ae20d30c6209e68a0b913e96ac9893776231888d03434bef30aea7819253b03a9362be3a58e2b13e52bf7804daa251325e1335412021a22687603d25ccb0379eaf7abcd803ddea5c43cfb566bc9477aca4335b0c0079eac8dce069f7afaa62dc770338c06285c75a989142c4edacf3391c5488b2ad94311c431b56a7da22ab5e80f09255f1fd7c9f35b3fb5b3d1a71917a859bc66544e310b5313c"})
r9 = request_key(&(0x7f0000000a40)='cifs.idmap\x00', &(0x7f0000000a80)={'syz', 0x0}, &(0x7f0000000ac0)='/dev/rtc0\x00', 0x0)
keyctl$clear(0x7, r9)
getsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000b00), &(0x7f0000000b40)=0xb)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
listxattr(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)=""/121, 0x79)
getresuid(&(0x7f0000000c40)=<r10=>0x0, &(0x7f0000000c80), &(0x7f0000000cc0))
getgroups(0x3, &(0x7f0000000d00)=[0xffffffffffffffff, 0xee01, <r11=>0xffffffffffffffff])
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000d40)={0xa0, 0x0, 0x7, {{0x1, 0x0, 0x4, 0x0, 0xcbd, 0x100, {0x4, 0x100, 0x7, 0x9, 0x35, 0x7, 0x330b, 0x7f, 0xb2b, 0x5, 0x5, r10, r11, 0x1a9f}}, {0x0, 0x5}}}, 0xa0)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000e00))
fsync(r1)

[  769.880574] *** Guest State ***
[  769.884666] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
13:33:40 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r0)
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
ioctl$EVIOCGID(r2, 0x80084502, &(0x7f0000000300)=""/121)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@mcast1, @in=@multicast2, 0x4e23, 0x80000000, 0x4e24, 0x9, 0xa, 0xa0, 0xa0, 0xc, 0x0, r3}, {0x7, 0x1, 0x40, 0x2, 0xfffffffffffffffe, 0x1ff, 0x2, 0x9}, {0x0, 0xc73, 0x80, 0x6}, 0x0, 0x6e6bb1, 0x0, 0x0, 0x1, 0x1}, {{@in6, 0x4d6, 0xcca085be0a8ff7fc}, 0xa, @in, 0x3505, 0x5, 0x0, 0x1f, 0x8, 0x4, 0x71}}, 0xe8)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  769.961524] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  769.991810] CR3 = 0x0000000000000000
[  770.008292] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  770.031665] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  770.055739] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
13:33:40 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  770.074782] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  770.087681] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  770.114153] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
13:33:40 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='vcan0\x00', 0x10)
sendto$inet(r1, &(0x7f0000000b40)="94", 0x1, 0x0, 0x0, 0x0)
sendto$inet(r1, &(0x7f00006d1fd4)="db", 0x1, 0x4000010, &(0x7f00004daff0)={0x2, 0x0, @loopback}, 0x10)
write(r1, &(0x7f0000000980)="1acbcb75ce3c3dc9edabb5a2e6b48b07bcbefcc1a1f84f9488393825b2026eb6fbccd36bf4d163948b6d551f19be4b8e54455dab3f89ab8b06a9c2a76fea14feb16945b43c8c69", 0x47)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f00000000c0)={'bridge_slave_1\x00', {0x2, 0x4e20}})

[  770.137522] *** Guest State ***
[  770.141133] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  770.149453] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  770.159199] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  770.183147] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  770.199299] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  770.219048] CR3 = 0x0000000000000000
[  770.229878] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
13:33:40 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xa00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  770.240853] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  770.264003] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  770.271498] GDTR:                           limit=0x00000000, base=0x0000000000000000
[  770.321779] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  770.336056] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  770.356177] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  770.397009] IDTR:                           limit=0x00000000, base=0x0000000000000000
[  770.414064] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.435261] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
13:33:40 executing program 5:
socketpair(0xfffffffffffffffc, 0x80003, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000040)="256472b0eeb708339cf725b9b2c4bc20e22389fa72246e8f9706f877ffa1c85cd913303af9eeaece2cddeee3b37f47")

[  770.457105] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.542021] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.554262] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  770.558317] IPVS: ftp: loaded support on port[0] = 21
[  770.582958] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.591590] device bridge_slave_1 left promiscuous mode
[  770.597327] bridge0: port 2(bridge_slave_1) entered disabled state
[  770.608684] device bridge_slave_0 left promiscuous mode
[  770.615761] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:33:40 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4000000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  770.644825] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.656842] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  770.696649] Interruptibility = 00000000  ActivityState = 00000000
[  770.720418] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:33:40 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8000008912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000), 0x1c)
close(r1)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in6, @in6=@remote}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000140)=0xe8)

[  770.752367] *** Host State ***
[  770.787576] RIP = 0xffffffff8120269c  RSP = 0xffff88018877f390
[  770.797104] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  770.842434] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  770.856246] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  770.864348] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  770.872556] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  770.879120] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  770.886907] FSBase=00007fa378de4700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  770.894979] Interruptibility = 00000001  ActivityState = 00000000
[  770.915942] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  770.921966] *** Host State ***
[  770.925288] CR0=0000000080050033 CR3=000000018749c000 CR4=00000000001426f0
[  770.932610] RIP = 0xffffffff8120269c  RSP = 0xffff8801be92f390
[  770.938781] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  770.947917] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  770.963802] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  770.970897] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  770.984449] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  770.990766] *** Control State ***
[  770.994461] CR0=0000000080050033 CR3=00000001c7ac1000 CR4=00000000001426e0
[  770.995392] team0 (unregistering): Port device team_slave_1 removed
[  771.002276] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca
[  771.015046] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  771.022788] EntryControls=0000d1ff ExitControls=002fefff
[  771.029017] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  771.037246] *** Control State ***
[  771.043282] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  771.052882] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  771.061774] team0 (unregistering): Port device team_slave_0 removed
[  771.068660] EntryControls=0000d1ff ExitControls=002fefff
[  771.076661] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  771.087277] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  771.096829] bond0 (unregistering): Releasing backup interface bond_slave_1
[  771.104074] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  771.111184] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  771.118579] VMExit: intr_info=80000306 errcode=00000000 ilen=00000002
[  771.133386] bond0 (unregistering): Releasing backup interface bond_slave_0
[  771.140916]         reason=80000021 qualification=0000000000000000
[  771.147713]         reason=80000021 qualification=0000000000000000
[  771.154368] IDTVectoring: info=00000000 errcode=00000000
[  771.166556] IDTVectoring: info=00000000 errcode=00000000
[  771.178092] TSC Offset = 0xfffffe6131b6e69f
[  771.184969] TSC Offset = 0xfffffe61631ec4fd
[  771.193500] EPT pointer = 0x00000001b7f2f01e
[  771.202899] EPT pointer = 0x00000001c7bdf01e
[  771.271431] bond0 (unregistering): Released all slaves
13:33:42 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e5, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r2 = memfd_create(&(0x7f0000000340)='{ppp1eth1self!user\x00', 0x3)
syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
r3 = memfd_create(&(0x7f00000010c0)="643d000000000000000000000000000000768e05f7c155ad7dc6947c573e5a69244e76382c0aa63d575ea3597f8b1728277ef76b30544d7ba92dcf978f1f81dc1b7f8f7b3451dada02ccb4f1ddcc8b5241da8945666e007300000000c64dbea37a99557bea78bcd1b1c6d32e836a25b2be553cd0a864c75c06000000794261", 0x0)
r4 = socket$inet6(0xa, 0x4000007fffd, 0x1f9)
ioctl(r4, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000000)=<r5=>0x0)
perf_event_open(&(0x7f0000001040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
prctl$getreaper(0x1b, &(0x7f0000000080))
ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000300))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000380)={{{@in=@multicast2, @in6}}, {{@in6=@ipv4={[], [], @rand_addr}}}}, &(0x7f0000000480)=0xe8)
iopl(0xcf)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f0000000680)={<r7=>0x0, 0x3}, &(0x7f0000000d40)=0x8)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000004c0)=0x7)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f00000005c0)={r7, 0x5, 0x1}, &(0x7f0000000600)=0x8)
keyctl$session_to_parent(0x12)
ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000f80)=""/176)
unshare(0x2000400)
r8 = syz_init_net_socket$llc(0x1a, 0x3, 0x0)
sendto$llc(r8, &(0x7f0000001240), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x10)
recvmmsg(r8, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000003300)=""/4096, 0x1000}, {&(0x7f0000000180)=""/89, 0x59}], 0x2, 0x0, 0x0, 0xff}, 0x4}, {{&(0x7f0000000240)=@llc, 0x80, &(0x7f0000000b00)=[{&(0x7f00000002c0)=""/39, 0x27}, {&(0x7f0000004300)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/147, 0x93}, {&(0x7f0000000780)=""/125, 0x7d}, {&(0x7f0000000800)=""/200, 0xc8}, {&(0x7f0000000900)=""/117, 0x75}, {&(0x7f0000000640)=""/30, 0x1e}, {&(0x7f0000000980)=""/138, 0x8a}, {&(0x7f0000000a40)=""/89, 0x59}, {&(0x7f0000000ac0)=""/14, 0xe}], 0xa, &(0x7f0000000bc0)=""/252, 0xfc, 0x6}}], 0x2, 0x10040, &(0x7f0000000dc0))
connect$llc(r1, &(0x7f0000000000)={0x1a, 0x300, 0x0, 0xffff, 0x2, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
r9 = socket$kcm(0x29, 0x100000000000002, 0x0)
ioctl(r9, 0x8912, &(0x7f0000000000)="0047fc2f07d82c99240970")
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
io_setup(0xb, &(0x7f0000000d80)=<r11=>0x0)
io_pgetevents(r11, 0xffffffffffff6346, 0x8, &(0x7f0000000e00)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000f40)={0x0, 0x989680}, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r10, 0x29, 0x31, &(0x7f0000000180)={'IDLETIMER\x00'}, &(0x7f00000001c0)=0x1e)

13:33:42 executing program 0:
sched_setaffinity(0x0, 0xffffffffffffff1c, &(0x7f0000000380)=0x40000000000009)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000280)={0x1, &(0x7f00000001c0)=[{}]})
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000200)=r3)
ftruncate(r3, 0x2007fff)
write$P9_RSETATTR(r3, &(0x7f0000000040)={0x7}, 0x7)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000000c0)={<r4=>0x0, 0x80000, r3})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000140)={r4, 0x80000, r3})
sendfile(r0, r3, &(0x7f0000d83ff8)=0x75a, 0x800000000024)
creat(&(0x7f0000000340)='./bus\x00', 0x80)

13:33:42 executing program 5:
r0 = perf_event_open$cgroup(&(0x7f0000007780)={0x0, 0x70, 0x0, 0x100000000009, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext}, 0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000004900)={&(0x7f00000048c0)='./file0\x00'}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140))
r2 = syz_open_dev$midi(&(0x7f0000001340)='/dev/midi#\x00', 0x0, 0x0)
finit_module(r0, &(0x7f0000000080)='vmnet1\'[:#\x00', 0x3)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000012c0))
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)="2f67726f75702e7374619fd474002b044a7b09ab0b0274e10985a6fa15b35ba69421f204dec5668a06000000b90ff860e01f262bafac750a6d5ce259cb61ea0cd94458583eef2fc597ea93a7dec9b4168e468be0576d1d0ebf8bc4478f8ed85b547c6924880400000000000000901e428b98add1375f51e135848fea98c6e3574511e0c61ff22ff61f", 0x2761, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000024c0)=[{&(0x7f00000023c0)="6a239cd2987e57510e0bc147871e861c20b2c127aad8925f309ca864a2f2bb99b6b817e645364a5896dff32ab99daa1dbcd04415d5914c99a6c886de97df7c2e63193647bad11cb75740721ac87725cd60edbdeeaea6471d400b2dd55d628b31c3180f877b758bc9e9b4345c19ad8ecb6c5f2a987d900063a45c57135032b705443ed1a47ebed57d3abca60e6882cebd09d7d83dc25e688923d19b482df096f4bcee85f6a0f548c5fee01dda33484ea6dc33ac349e1537aeffd26be8a7d0a426d58e4aba71c0edb53eb5b5cc639b5c5542dcc0111fd2e7cbf8b40bd9c944e487d30aab194b40e100728cc0914857b1286e98", 0xf2}], 0x1, &(0x7f0000001580)}, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000))
setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000001380)=0x9, 0x2)

13:33:42 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:42 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x67293900]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  772.164847] net_ratelimit: 2 callbacks suppressed
[  772.164859] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  772.287511] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  772.340386] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  772.351709] llc_conn_state_process: llc_conn_service failed
[  772.428688] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  772.466469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
13:33:42 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xb0e3]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  772.475711] bridge0: port 2(bridge_slave_1) entered blocking state
[  772.482502] bridge0: port 2(bridge_slave_1) entered forwarding state
[  772.515975] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  772.521315] llc_conn_state_process: llc_conn_service failed
[  772.972121] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  773.005960] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  773.515240] bridge0: port 1(bridge_slave_0) entered blocking state
[  773.521871] bridge0: port 1(bridge_slave_0) entered disabled state
[  773.529210] device bridge_slave_0 entered promiscuous mode
[  773.557939] bridge0: port 2(bridge_slave_1) entered blocking state
[  773.564356] bridge0: port 2(bridge_slave_1) entered disabled state
[  773.571656] device bridge_slave_1 entered promiscuous mode
[  773.599799] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  773.627763] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  773.636046] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  773.713138] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  773.745910] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  773.878965] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  773.886905] team0: Port device team_slave_0 added
[  773.915637] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  773.923069] team0: Port device team_slave_1 added
[  773.952883] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  773.987138] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  774.019476] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  774.027080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  774.035030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  774.066642] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  774.073697] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  774.082922] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  774.350934] bridge0: port 2(bridge_slave_1) entered blocking state
[  774.357324] bridge0: port 2(bridge_slave_1) entered forwarding state
[  774.363902] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.370318] bridge0: port 1(bridge_slave_0) entered forwarding state
[  775.355900] 8021q: adding VLAN 0 to HW filter on device bond0
[  775.450731] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  775.546599] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  775.552727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  775.560716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  775.655512] 8021q: adding VLAN 0 to HW filter on device team0
13:33:46 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000600)='/dev/rtc0\x00', 0x305200, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000140)=0x8000000)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000440))
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='trusted.overlay.opaque\x00', &(0x7f0000000200)='y\x00', 0x2, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
timer_create(0x9, &(0x7f0000000380)={0x0, 0x41, 0x0, @thr={&(0x7f0000000240)="da792a0dbfde1e26ebfdf182dfbfc7cf0e8b749d3bf35707418de0ca770625d9e04eaaf1037724c968b0ea4e5e11029f229908e01782", &(0x7f0000000280)="08a55d86fd38191445c605c12e4a62d4ab"}}, &(0x7f0000000300)=<r5=>0x0)
timer_gettime(r5, &(0x7f0000000340))
ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040))
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f00000002c0)={'vcan0\x00'})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:33:46 executing program 5:
r0 = socket$inet6(0xa, 0x800000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x4000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$RTC_PIE_OFF(r2, 0x7006)
sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[], 0xfe7c)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[@ANYPTR64, @ANYRES32=0x0, @ANYRES64=0x0, @ANYRES32=r0], 0x114)
r3 = accept4(r0, 0x0, &(0x7f0000000040), 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4)
getpeername$netlink(r3, &(0x7f0000000000), &(0x7f0000000080)=0xc)
shutdown(r3, 0x1)

13:33:46 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
fcntl$getflags(r0, 0x40a)
r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
lseek(r1, 0xfffffffffffffffd, 0x1)

13:33:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:46 executing program 0:
socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000040))
syz_mount_image$reiserfs(&(0x7f00000005c0)='reiserfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000001440), 0x0, &(0x7f0000000100)={[{@grpjquota='grpjquota', 0x3d}], [{@fowner_lt={'fowner<'}}]})

[  776.207284] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:46 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000008000a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  776.300625] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  776.304628] REISERFS warning (device loop0): super-6502 reiserfs_getopt: unknown mount option ""
[  776.336172] *** Guest State ***
13:33:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffffff8d]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:46 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$inet(0x2, 0x0, 0x400, &(0x7f0000002b80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setresuid(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='attr/exec\x00')
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
clock_adjtime(0x0, &(0x7f0000000440)={0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x101, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x1})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x10001}, 0x8)
keyctl$session_to_parent(0x12)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x0, 0xfffffffffffffffb, 0x9a, 0x4, @buffer={0x0, 0x65, &(0x7f0000000200)=""/101}, &(0x7f0000000280)="66fe0a9deee2a7f7b797abc0c83e803b3430af796c95236c69f44770a5a583ff3b711a424fbf02c06489c64173ce87d515f58ca1b54dbfce60154b61cb288db9ad714f9afe8ed036eff7d62a1adec46bab4396622a994d61df8a87e30a80741ecf7cd85ac5cec93aff4ad14b88b839c282fb406789444719dad3aeaa9397e223b0031796f35f232b34b46b4995c36db16fe9eb44fe0e2b82b8a9", &(0x7f0000000340)=""/10, 0x0, 0x20, 0x0, &(0x7f0000000380)})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x1, 0x3ff, 0xff, 0x0, 0x0, <r3=>0x0}, &(0x7f0000000100)=0x20)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x1}, 0x8)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
listen(r0, 0x1000)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

[  776.346215] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  776.366291] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  776.391730] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  776.425961] CR3 = 0x0000000000000000
13:33:46 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000a0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:46 executing program 3:
r0 = syz_open_pts(0xffffffffffffff9c, 0x1)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)=<r1=>0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f0000788ffc)=0x100000001, 0x1)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x40080, 0x0)
ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x5)
r4 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x2, 0x8200)
ioctl$EVIOCSABS0(r4, 0x401845c0, &(0x7f0000000080)={0x1, 0x1ff, 0x3ff, 0x8, 0x8, 0x3ff})
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000340)='trusted.overlay.redirect\x00', &(0x7f0000000380)='./file0\x00', 0x8, 0x2)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f00000003c0)={'filter\x00', 0x4}, 0x68)
setsockopt$inet_tcp_int(r2, 0x6, 0x15, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
sendto$inet(r2, &(0x7f0000000b40)="ac", 0x1, 0x0, &(0x7f0000000b00)={0x2, 0x0, @local}, 0x10)
ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000100)=r1)
recvmmsg(r2, &(0x7f0000000200)=[{{&(0x7f0000001d80)=@hci, 0x80, &(0x7f0000000240)=[{&(0x7f0000000280)=""/191, 0xbf}], 0x1}}], 0x1, 0x2, 0x0)

13:33:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe803000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  776.452341] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  776.472806] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  776.517194] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  776.524061] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  776.549499] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:46 executing program 5:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={r1, @rand_addr=0x4, @multicast1}, 0xc)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

[  776.564651] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  776.582051] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  776.607362] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  776.615419] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  776.641710] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  776.649858] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  776.658023] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  776.666169] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  776.685421] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  776.703587] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  776.717429] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  776.724047] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  776.731822] Interruptibility = 00000001  ActivityState = 00000000
[  776.738399] *** Host State ***
[  776.741797] RIP = 0xffffffff8120269c  RSP = 0xffff88018843f390
[  776.749175] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  776.755989] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  776.763989] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  776.771375] CR0=0000000080050033 CR3=00000001d86d8000 CR4=00000000001426f0
[  776.779566] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  776.804872] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  776.819287] *** Control State ***
[  776.828166] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  776.844676] EntryControls=0000d1ff ExitControls=002fefff
[  776.857475] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  776.879118] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  776.892888] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  776.911209]         reason=80000021 qualification=0000000000000000
[  776.918229] IDTVectoring: info=00000000 errcode=00000000
[  776.923896] TSC Offset = 0xfffffe5de535d312
[  776.928621] EPT pointer = 0x00000001d86d901e
[  776.976838] *** Guest State ***
[  776.980397] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  776.997086] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  777.020301] CR3 = 0x0000000000000000
[  777.029559] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  777.039259] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  777.060195] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  777.067144] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  777.075144] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.105990] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.114000] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.132756] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.140951] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.149088] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  777.158210] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  777.172184] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  777.180257] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  777.188526] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  777.194953] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  777.202789] Interruptibility = 00000001  ActivityState = 00000000
[  777.209181] *** Host State ***
[  777.212393] RIP = 0xffffffff8120269c  RSP = 0xffff880186177390
[  777.218540] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  777.224962] FSBase=00007f9b60ee1700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  777.232858] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  777.238880] CR0=0000000080050033 CR3=00000001d86d8000 CR4=00000000001426f0
[  777.246925] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  777.253611] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  777.259756] *** Control State ***
[  777.263228] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  777.270116] EntryControls=0000d1ff ExitControls=002fefff
[  777.275587] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  777.282710] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  777.290435] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  777.297101]         reason=80000021 qualification=0000000000000000
13:33:47 executing program 3:
pwritev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040), 0xffffffffffffffd3}], 0x1, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[{0x8, 0x40}, {0x4, 0x9}, {0x4, 0xffffffff7fffffff}, {0x7, 0x81}, {0x3, 0x4c}, {0x4, 0x7d}, {0x0, 0x9d6}], 0x7)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bond0\x00', 0x10)
syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0x40189206, &(0x7f0000000180))

13:33:47 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x645e844e]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:47 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000a00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:47 executing program 5:
perf_event_open(&(0x7f0000000140)={0x0, 0xffffffffffffff5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x1, 0x7, 0x2000000000b, 0x3, 0x16}, 0x2c)

13:33:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/dsp\x00', 0x200, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000600)={<r4=>0x0, 0x1000, "4c1c851a7c3c663c2be7d74fe84ad5c029ac2e3c63b24663b6b6034dce720a1915ffee712560e37b9ebb6486213124f512071c4cccd33480bf62f4b441f6ea68dfad9546ca9ba0b5b234067bff7b62fca2101b6900f742dcdae91b7ea1baaf220bd40bb547645bf8316677d99a7792cca4143d9ff4fbd4a7dc1e815bf525a0548017ea030a2a2873b28dbaa120a73e72497530cea5ebaf4a1fb4392308e9b35f0f4e7d63fdbc990454255caa6d6f159a91cb88c40941dae80f533c28b08d54e4bcae38f60527115cecfc3ab5e1d852b7ccde17b4e56dd89e57d24ea424ca370abd9747db2b1af19561d28f86a01d7739d6c0e7fc4b29ed8d35e8746b80fce8d71fc635971c896305c6923290f0f8509c06c2772a1c1f508c79c0bd8090e06c42d9918b897141685f5fbf6d5bb10809459798cf45a5713dfdf4988712abd3447724d97196b05a29d49ec7bb0c5cf2c1766678a688b0d50c91a75dff5961fae45d44cf6c75e672ebc32ca205d36008d8be2e6e64edc6cb7589dd6d0f1b98f0c7edea34292a4900b512bfa50aa06036d186aa49e10f5ed70cc217527333a6fd4bfbbcdecf3c1c6e2db00ed8e2ad53ce2876aab0600746cbe03f9d0f99e73f48914a1869f1740c3c80be761341203a2443f4c89adf82d0cee79ba06954794368d36ad698e4e0cb27ac75563f02264fde7bff8ae87bef2f6a6955c2c0dd2bf01d0d8ddaee05e064cb68ed9e859b233cf1f5302f67c0f62a970884262badcec674b101f8b9de9278b53d953d41818f2b6e639f8a53723b9f0b90bb0b34a4e565b8823eee511cd418a32d57db6f313c3b32eb3217f2e5c270ba003a4fd5a51e7383680d92ec9223c4171137787face7a337bb0e09730bd0272dd5a2792ff0d3466b21eebe1ce08a4eaa46134542f3304cbde5daf50680f5fe7e817575b45a4b964b9eb0333f90ababfe8dbff61dce72af09faed0cd748cf335f4a089a2a57846702f1344ab666a76ba2c411a514e8345fd214355e5509e66fe1e35cdcf86e3745db78c30bb29deaacf94199285b0b752081db1ce0066789cb7b71cc2a90620a0f033d8a4e074b78acc86ebd7a1e6a4a9a05b79f5863b20f223eb47741dbae4bb091d6b1df685dc51d3bf4f48161e18ea6192b7edf0f6ec400515495688ce6a65962792136d22f9e5590a0f18d9bba4503dcf259fed54e67fe0531633f4fdbb238240a0bf94d8a014cd3bfc6cc82659516c4206ed00917af4314a48bf836ff3dc81079959f95fc7d11908d3561e78ba2dc4fb1b8878d6285fb8ca83baccc549e0491340ab3669d304f28521f3c30c0b73d57c10529dac84181b890341cf6772f6d93663ebd784c2f421f2276aa9ffeb88c40c11fa2afa42d73e02ba17fb530812426c0ff69887f52e725f4a202e798ce6d1761220dedc2fbc2b8bb58ec9b8eb1726b7c97fbaf4284f7f82c80a40d3db5d93879e83bae0f92448d080ccd1306aa932c50cf084ad7bf4ba2fd2a8b83fbe86ff4859e4bbeea2e9305d7945dd5da24f77a830117c3ef3aebacc7aad46ab23684d5620309b1c15f08bee562b26bc6aa621069cd4803b6b23267f3d0e8da7217a42d543a72b943b4995458e5f27a502b0ac8c51828ae9c8f6480aae1cd7ac52bab2bb004e912d09b88a24b996906cdf05a5f8da00aa3627a2928e384abde0890d1efc34cfd98280deb5062a2f4e14f343ba66554f1bcfd8c5892ef08b3c9de1b6729a270b2c948745d17c19ca69a734424ae2f7f3b8239f2d7baf470e372e57c3e0a01b505ea7d7dd0689a69565d332e190cc894619e986dfa4f78b276ba0e3dba6c59886e437f76e34201c6abfc91a5b8cb6cc49ea1567b35089eae20b547657da862af25113047a12effd922f9ba41c4e7b89050e8a89628d49fffef684afba6d29664087e4dbab65d79f13a3675c239c160b00b542a6d27777c60811db661b019b0c230fa12d9f1e6df35ab962623a87ade34a2d07e61f08d48d946d309f7453546a52896729ce0b816126eb3201f8d254ce7d618b1262c2894d935244cd0cc4cb98b76580b607f5a8c23d3869141b5dbfabc99879a75e1aa162f25597766f85b15365e086b40a1fc1ee83fb306a62ce1be4105ae465a05eb4d2384323c5094d566b70d9e08357e80f6a13d3811ea0d7314b41ca31bcda52388d69a17147186db11f16f2adf19268b8495a9edea7cd121ab1701bb73c19506b9ac66a9b41ee67aea0f7342ceca5c60a91e6350366c8c3ea7cb37a564176c95d001c1bbc82758250ac67d13e46a4fe42d8b9a7e1abd66226991134a0345b3e2de1eff77ec4ffbb2a99c5e1ae76efb2f83497487c8498d01e9b80c07b95d7cee116ab8a77f96182e182af28cfe1166c721a6af21f80071c9375e6917d15e49a763ea7d20e9a4f4f02855999877bae5128b4644fcceaee13619018f2d0a3dc7732b75fe469d356f0a156d75dd3c33c9399008aa7585812fbe743de4fa98d0c14cdeeb6204deb2d2dce5a754d64acefc5085b72a522297af2276705b6f18315e6104a27f45c9e2d9d1bf114d45b0061d08c67db8e94b4f17ec2f03ae6cb738ac1594385e870951a573915de04a30d1d956a36047daeed8cc16f92692ad34a68450d18d9049cd75768df4adb6b422358007ff275ff4eae23320ba6c641681dfb9c797a346a9bbd52ac0abd8d593c0e787b5a9891a901da51a6776483db4951c769adda4ffbced46f1efb00eca3d4e5b8b7cc8346373e8437ed0be69139b2326e505c6110ef91c9ed3082d3fddb6d287bcc2999d21f2e3236654a033aac3059f3261720d64fa5d7fc892f849fba107fc24a6a8d70c246a46b04e3eb83df43e2cc01213d6dcb36dcbb676639cd457967989d75e4c9f82236cd71fc3bbc006fc77f7902abadb7622efe469adedc966d0988cea84d82811877ebdd48e5999e8ba92b03338ebd62f5044ab2d228d0c19ad5835cbfed3eb642d353263b5970c26a435bc267a2892832a82ae33cd07c49ae2b2277bf20ec5a133dbe88a421050d182c85908de9a3e736571be451229964330a76b3d5d409130258df6d5d7ac94485455ed40611033ceaf031f0476ea8a0c7ff17d20b840f436287a8599bbe7b32f54bbf05c7d89ef2c9b406988963c7df806720b1391618f29b683c13d99418ae0fc866a9ae098150e42ded610f0ff4e923200cfb5abe7952d44eb80b24a0551b5ff83ea3611617e8bba8274c87830443c05a5f4e2b8c2f7d5b3df94eed4cdb4a5b6df21ecc2db6d8927185cff755c5337c0e18982d76eb6a9250425fd6a3c1ad4a4980bb85f821fc646f688d3410436d51b84cb403ce2615cb07f031f6a0787a5ea6ea413b660d7c916ff11180b0a6e57f4a08541dda47ab41bdaa424a42877ddcc40142b1d71548e840daca89c905601d79fd11f8596838ac37d5eed49c0964d7bddbdff75bbc89a81ca018833b7f7c41a2eac91a0a8eb21a77c19192b0997bfb303424ead488ac1ab9e087946719cd664d5c2f084dd7eda0ecf6124f4fb53fed8bf3aa2b6d70b4bfee0436d166ed54ac7833c1423fa2933b45c464c582eb4e4aea89aac5aaaa3837336db30c11542a0108affb36a74d466cf385333328bcb6863ebabbbf3c7bb147387e7c22eb184872d72a1ba8ae4ce51ac8d6cfd331f2059d7f243fc903b691429ee961d4766de22d0c93fb48f6ba78a0df744c68b7ff87502dc96de171995ce2867f567bc3f5e1e1e7346036056e3fb35ed1ed5d3cb106acfeb30b0fcb91a9da3ff4352126d8e4875592a99044683db0d41e13b023579109387d30a0b5cc5d3cf6faa807b56da43a5b1a8bbd26120f5cfb42eb72040de9bf9d65527b9322c16a456afe721efa37972da7f345d72eabd9d94284b8a96421f9fbddda08ac351e34bcc14744d8a3e83a543fd97e2480730d8f4b61b19aab729a0b5c49d2456c9d836d361bd37e33b33d52bc953ed4ee0cbfdf9cf96187445975b01e77d3d5aa16fa739c0ea70b083d1da6efe3c1c82f0729735c48104b891800e970c8153a0f31030839e5dfc81b2525aa6a8efe32569aeffa9a0e122991bdda5bbff50150df7620d81bfbcf7d0bcfe1bf7bf4ea00fee49aebc56c93470e414fd3f5f09dfcee00b1392ed93322703d04c596e081eb36240a1c9fdae8f2d4233e181118a1c240ccad195152340390b95945ec810ec6cb97653d38f148803fbc4b24ac45f1caa2a37f5e1cc39c18e98d33c7f1832cb33e747f1497b540f98cc70ba86069ca6b2016eca4a3dc4dbe0981abf71dd63370e4e1461a9ba5e34e4d7ba6162427353aae289fbda7dead3116ed1584d4665461078715450ed8cc6cea2ef37187a769c77108c6905721608b54baa6c1ef16c5abb35b03e085db4e5c3ae5c911510b51428ceee53daa2daefd90358044aab2f7c7cd3a76c76cff68cb06560fbf553029987a8dce4dada61f7643a2c68a56e6ac5ea74c79a60b4f248c33820eac6b2b3155c2362d1957f847ab8f711869ffaeaeead1f8d98808f20b35281dac39056ff4388c78c2e38e645146e4f12fc2035a1f5c3ae19c1155ba0a339ae0e712b3ddf29823be1dd483a4b54e7211937f94e25b5ffa5602514b6a005d2f967bf6c2f15ebe6d08b47359c8dc29ee142cae51f0be2298d0eb0ac853ffa54f12ba1927be8c0fce21e840b2a36b40f287d6b091e14d573a0b23e2a919d2bb1ac68a8ad74ff9872261cc704370e7c6a4814cab64dd8e98635ae209150fdad4bd4ea684abf7b2fab9f807c537cab3f2447549f8facf3fd1b59a6e30af6bc85a703a30ec8e7d0864655097bce3407d9c8e33b8cc44840517a52a5d6b471f3d63cfb962d4f23abc566591b005b4a25a2cb95138ee903cf3505ceba979616833c0c3905a993214d8ae1be4f1036de8ba265a5dc806b7f3a24ac36c636cf1909df304bf5cdfc714baeed25bb9b81d252715f37c9053179deee17cce99e33116fbb38fb1f5897022df3960bb9f212a8e8c808a346c02d744ec84e26725444e32bba04d1c2c3dc6f3c2feff45fa4c5d0c57806e9868a69a36855797335f11320b23aafd3dac730683abfffaa96930a64522cc384e8e7c1e03f337fba1765425946a748db029ad053f38aeaf500f85d562cde4565935c45adf6897dc0002a37b1b18f16dfa8b6e103009ee0a5558060f4c9cdf3795bf0542d2de0feb7aa59685afad57cb71b54073ae5b86106bbab48cb7aa922e768b41fbc7e67fa1698245d1030e8512826289f9e17f704f422953a70065c3f643d5054c39dca5d892bc6e02d6a3c08c6a0d1d36d19c1cd891ba11130116e195db39a3c66373522b4c01c4f741a15aa802290b7e48f3b127a9e7f1db88c28b34a82be5281f1da1323a43a82335c3b4ae266d7162cb8d68fdb54aa3b8af8990916cee3f97d65ffde08b575ff6673ff27145bb1c849cdea915b507d2b5e74995cc80bd316551e3a6560cfaa49ab6925262b435517d7cc25030b014c02cf1be5888ba5e7badc361d18f9a6ac7d9d5081cf700726d72e6df36b9b450b556e65c0b7934ab2d5f6d8733e92e37f12fe1f7b7a5c22086554c6a0061b7eaf9076d6651e9081d1a1df246bee10274dfc4678c57d0d4fb2749beb2a067b93eba1084f5430a5c7b6d5939c3350aad72c8bf6f5ae5fe37305372449e4206705f9fbe70732204352651a14be9313725fd01204074e69af8b03bee82b9d8e3eb41c677516e6aabd0f0b93861a9509cc113495a0f49861b8f316dfa00cd3996333da180dd6c2e02663d1565051650d561123c4446928e5"}, &(0x7f0000001640)=0x1008)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000001680)={r4, @in={{0x2, 0x4e20, @remote}}, [0x6, 0x1, 0x2, 0x100000001, 0x101, 0x9, 0x2e09, 0xd70, 0x1000, 0x84c, 0x0, 0x5, 0x7f, 0xb4, 0xa0]}, &(0x7f0000001780)=0x100)
clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff)
r5 = getpid()
sched_setscheduler(r5, 0x5, &(0x7f0000000040))
shmget(0xffffffffffffffff, 0xffffffffff000000, 0x0, &(0x7f0000000000/0x1000)=nil)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vhci\x00', 0x50080, 0x0)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000540)={[], 0x0, 0xfffffffffffff2fb, 0x8001, 0x1ff, 0x4, r5})
recvmsg(0xffffffffffffff9c, &(0x7f0000000380)={&(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, <r7=>0xffffffffffffffff, {0x2, 0x0, @rand_addr}}}, 0x80, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/4, 0x4}, {&(0x7f0000000200)=""/230, 0xe6}], 0x2, &(0x7f0000000340)=""/37, 0x25, 0x2}, 0x40000000)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000003c0)={<r8=>0x0, 0x24, "a698ba748b95da21347ed725ec48323ee38d03ede41273b69fe3de3049dac8c089437d57"}, &(0x7f0000000440)=0x2c)
ioctl$SG_GET_ACCESS_COUNT(r3, 0x2289, &(0x7f00000017c0))
fcntl$setlease(r0, 0x400, 0x3)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f0000000480)=@sack_info={r8, 0x0, 0x1}, &(0x7f00000004c0)=0xc)

13:33:47 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$inet(0x2, 0x0, 0x400, &(0x7f0000002b80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setresuid(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='attr/exec\x00')
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
clock_adjtime(0x0, &(0x7f0000000440)={0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x101, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x1})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x10001}, 0x8)
keyctl$session_to_parent(0x12)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x0, 0xfffffffffffffffb, 0x9a, 0x4, @buffer={0x0, 0x65, &(0x7f0000000200)=""/101}, &(0x7f0000000280)="66fe0a9deee2a7f7b797abc0c83e803b3430af796c95236c69f44770a5a583ff3b711a424fbf02c06489c64173ce87d515f58ca1b54dbfce60154b61cb288db9ad714f9afe8ed036eff7d62a1adec46bab4396622a994d61df8a87e30a80741ecf7cd85ac5cec93aff4ad14b88b839c282fb406789444719dad3aeaa9397e223b0031796f35f232b34b46b4995c36db16fe9eb44fe0e2b82b8a9", &(0x7f0000000340)=""/10, 0x0, 0x20, 0x0, &(0x7f0000000380)})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x1, 0x3ff, 0xff, 0x0, 0x0, <r3=>0x0}, &(0x7f0000000100)=0x20)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x1}, 0x8)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
listen(r0, 0x1000)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

[  777.303438] IDTVectoring: info=00000000 errcode=00000000
[  777.308980] TSC Offset = 0xfffffe5d87581489
[  777.313312] EPT pointer = 0x00000001d537801e
13:33:47 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000bc2000)="8190e2b180b2e9160f8fab58f37d7fc95953350553f5f86d2144d9b788cde28bbfe41fd7cfeb66d2a836003077f7d08144db1d41fa7f1255dff1fe48d081fadc68a93a7adde602d9d01034199ebd5e4b0ed5358a454cc0916d6c0d3f00a7064305ccd46be9553b978243ab9b8e6108f50d9ce98a064592b4a1e4c65d178ed27971639ee2611147ce5f1a3f1ddf213fe4dbb0e1a9e4f307b80ce853ead942049f8c56dc2b880eb0e9e66c679e2b5c2299bd20b39433033ae7119fc61baaab9e67a2d1b24c8f416f2da9a7324e456a1230efeade28f89d03cdee5d867d155e232bb8447512e4a9baee76fd436acd568f285e08fede7e556b7e6f674c34bbc115ec3d94d3928a47ef03ac3e29a0bdb3d5d9eba7bba7d9fd25e76daee480f39831fabbeddd3cd2291d11ba8a2fdafd0387919e2930ba5e91552811b3b90252420a6608fbe93ead3ee66a9283ffb109b32059a9e2fce77fffefdfb7d99b6a61887e320bc019d2463c1a665088be9ca6b9f8c2fe56e5b861cd6f4897a1386d294c73e1c5350ca74b43280f898a30cac1ec91ead092123de6f2b6e9165da84ec60f1c682d7288a75819779f6b071dbf080beee6408268e876adf49fa41231bfb907755e1f2a9ea159b1c09032e797046139547c0fb88167a7780d689106e0303a2c1c9f057776b4f7bd62064f72ae1a080e39e5a1d467f774298f755f64c451f9e01aed896ed84ab1ac72b1448bef1495774573f30131f3b02a35f74222430251b5b1246cdef5b7535f3d32d5ae315d2a0a8f3485d07c257d3f3da00ef2a276db61537e8e0b520a1b1c069d13682a73767ead8a83904873eff3b427f7c2fe6e59196aa2e98b947c996816fe6f62328fe8e052d88641c56dc83eaa3bab293f46698845b7a71e2db4a4c89f187e97d2af64f9ceb8bce27707275d98070187d3004bbcc8f9940b0cef24e9cb87fa4a77470b245a2a3d", 0x2b1, 0x0, &(0x7f0000606fe4)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c)
sendmmsg(r0, &(0x7f0000e8e000)=[{{&(0x7f00008b6000)=@in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x80, &(0x7f0000231ff0)=[{&(0x7f0000f89000)='t', 0x1}], 0x1, &(0x7f0000dffeb8)}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00006a7ffc), 0x4)
listen(r0, 0x2)
r1 = accept4(r0, 0x0, &(0x7f0000622ffc), 0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x80000000, 0x2080)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x10100, 0x0)
renameat(r2, &(0x7f0000000040)='./file0\x00', r3, &(0x7f0000000180)='./file0\x00')
write$binfmt_elf64(r1, &(0x7f0000002d00)=ANY=[@ANYBLOB='%'], 0x1)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100), 0x8)

[  777.404126] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:47 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x240]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  777.454437] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  777.510578] *** Guest State ***
[  777.513940] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  777.544717] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  777.558535] CR3 = 0x0000000000000000
[  777.562428] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  777.569294] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  777.575469] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  777.582366] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  777.591043] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.599243] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:47 executing program 3:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000040807031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e", 0xfffffffffffffdc9}], 0x1}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x0, 0x0)
accept$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e)

13:33:47 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  777.607438] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.615572] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.640515] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  777.664691] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:33:47 executing program 3:
capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8))
r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x1264, &(0x7f00000000c0)=""/109)
chdir(&(0x7f0000000000)='./file0\x00')
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x4, 0x400a00)

13:33:47 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x58718]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  777.706639] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  777.726117] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  777.757495] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  777.758481] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  777.798006] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  777.808762] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  777.835213] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:33:47 executing program 3:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000002c0), 0xffffffffffffffff)
r1 = getpid()
r2 = msgget$private(0x0, 0xc)
msgsnd(r2, &(0x7f0000000080)={0x2, "4dc7d3a0141d48b7bc1936b65af73ebf1f487479f7ae7203e128adae10944e646819e2168e4819df299ed1a43a6933c7149b607821f0bc74ff24178fb14417c7c8fc0336c5b15a7c66de6798dafc73ca3c70f8d9d12174a9e2301660a7fc5fdec2b03963624ec43a7c1138b973df5f05a1c8cbb61b0f26def0705c7ed861722176556276197bd71e88fea048a75e804731ed0ec209245190f154745cc0e444ca3a6e1dc36f78a8d7865be2e125cfa660ff8aa74e8b467eef017b38e88979a21dbd35f8f7c02829b4cc89deaa8eaab22ccdfdacdf"}, 0xdc, 0x800)
sched_setscheduler(r1, 0x5, &(0x7f0000000200))
msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000001c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xfffffffffffffcde, 0x0, 0x0)
r3 = syz_open_procfs(r1, &(0x7f00000001c0)='attr/sockcreate\x00')
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000280)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f0000000400)=0xe8)
r6 = geteuid()
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x100000, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cachetag={'cachetag'}}, {@loose='loose'}, {@uname={'uname', 0x3d, '(user:lo]%'}}, {@aname={'aname', 0x3d, '$}&em1,em1em1'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@uname={'uname', 0x3d, 'keyringnodev$vboxnet0#keyringvmnet1{self'}}], [{@uid_lt={'uid<', r5}}, {@pcr={'pcr', 0x3d, 0x36}}, {@fowner_lt={'fowner<', r6}}, {@dont_hash='dont_hash'}]}})
getpid()

[  777.866644] Interruptibility = 00000001  ActivityState = 00000000
[  777.880878] *** Host State ***
[  777.884372] RIP = 0xffffffff8120269c  RSP = 0xffff880188477390
[  777.899843] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:33:47 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3f00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:47 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  777.916268] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  777.928208] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
13:33:48 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  777.964393] CR0=0000000080050033 CR3=00000001ce3e1000 CR4=00000000001426e0
[  777.978221] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  777.986488] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  777.993201] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  778.001194] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  778.027245] *** Control State ***
[  778.030734] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  778.042059] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  778.075754] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  778.084038] EntryControls=0000d1ff ExitControls=002fefff
[  778.093528] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  778.108360] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  778.116430] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  778.123116] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  778.132211]         reason=80000021 qualification=0000000000000000
[  778.138950] IDTVectoring: info=00000000 errcode=00000000
[  778.144635] TSC Offset = 0xfffffe5d42a95039
[  778.149339] EPT pointer = 0x000000017f0c701e
[  778.190696] *** Guest State ***
[  778.195046] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  778.204346] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  778.213655] CR3 = 0x0000000000000000
[  778.217943] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  778.223913] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  778.230040] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  778.237233] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  778.245212] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.253294] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.261318] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.269357] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.277388] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.285356] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  778.293413] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  778.301441] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  778.309481] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  778.317493] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  778.323887] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  778.332071] Interruptibility = 00000001  ActivityState = 00000000
[  778.338373] *** Host State ***
[  778.341587] RIP = 0xffffffff8120269c  RSP = 0xffff880188477390
[  778.347691] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  778.354104] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  778.361970] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  778.367909] CR0=0000000080050033 CR3=00000001ce3e1000 CR4=00000000001426f0
[  778.374925] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  778.381638] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  778.387737] *** Control State ***
[  778.391189] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  778.397913] EntryControls=0000d1ff ExitControls=002fefff
[  778.403387] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  778.410383] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  778.417116] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  778.423691]         reason=80000021 qualification=0000000000000000
[  778.430101] IDTVectoring: info=00000000 errcode=00000000
[  778.435555] TSC Offset = 0xfffffe5d42a95039
13:33:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'veth0\x00', {0x2, 0x4e24, @broadcast}})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:33:48 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$inet(0x2, 0x0, 0x400, &(0x7f0000002b80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setresuid(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='attr/exec\x00')
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
clock_adjtime(0x0, &(0x7f0000000440)={0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x101, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x1})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x10001}, 0x8)
keyctl$session_to_parent(0x12)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x0, 0xfffffffffffffffb, 0x9a, 0x4, @buffer={0x0, 0x65, &(0x7f0000000200)=""/101}, &(0x7f0000000280)="66fe0a9deee2a7f7b797abc0c83e803b3430af796c95236c69f44770a5a583ff3b711a424fbf02c06489c64173ce87d515f58ca1b54dbfce60154b61cb288db9ad714f9afe8ed036eff7d62a1adec46bab4396622a994d61df8a87e30a80741ecf7cd85ac5cec93aff4ad14b88b839c282fb406789444719dad3aeaa9397e223b0031796f35f232b34b46b4995c36db16fe9eb44fe0e2b82b8a9", &(0x7f0000000340)=""/10, 0x0, 0x20, 0x0, &(0x7f0000000380)})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x1, 0x3ff, 0xff, 0x0, 0x0, <r3=>0x0}, &(0x7f0000000100)=0x20)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x1}, 0x8)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
listen(r0, 0x1000)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

[  778.439939] EPT pointer = 0x000000017f0c701e
[  778.542603] *** Guest State ***
[  778.556025] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  778.575910] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  778.584883] CR3 = 0x0000000000000000
[  778.590847] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  778.597023] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  778.603151] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  778.610013] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  778.618203] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.626358] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.634507] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:48 executing program 5:
capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000000000))
r0 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0xfffffffffffffffc, 0x0)
ioctl$KVM_REINJECT_CONTROL(r0, 0xae71, &(0x7f0000000180)={0x1})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x400, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000001c0)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000100)=0x7)
prctl$setmm(0x23, 0x0, &(0x7f0000ffe000/0x2000)=nil)
times(&(0x7f0000000040))

13:33:48 executing program 3:
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}, 0x0, 0x0, 0x100000000000000, 0x0, 0x40}, 0x98)
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001c80)={&(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10, &(0x7f00000003c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="580000000000000014010000080000000000000000000000", @ANYPTR=&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000000080)=ANY=[@ANYBLOB="0000000000010000"], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000007fffffff000000000000000000000000"], 0x58}, 0xfffffffffffffffd)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ppp\x00', 0x0, 0x0)
statx(r2, &(0x7f0000000280)='./file0\x00', 0x6100, 0x7ff, &(0x7f00000002c0))
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x1f}, 0x1c)

13:33:48 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:48 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfffffff5]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  778.642690] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.650855] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  778.661601] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  778.670085] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  778.705323] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:33:48 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  778.746916] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  778.748686] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  778.783477] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:48 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2d00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:48 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setrlimit(0x9, &(0x7f0000000000))
r0 = accept4(0xffffffffffffff9c, 0x0, &(0x7f00000027c0), 0x800)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000002800)={'vcan0\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000002900)={&(0x7f0000002840)={0x1d, r1}, 0x10, &(0x7f00000028c0)={&(0x7f0000002880)=@can={{0x3, 0x7ff, 0x9}, 0x4, 0x2, 0x0, 0x0, "02ed70680964e492"}, 0x10}, 0x1, 0x0, 0x0, 0x20000884}, 0x4004000)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040)=0x1, 0x4)
io_setup(0xec5, &(0x7f0000000180))

[  778.826675] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  778.870208] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:33:48 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
r1 = dup(0xffffffffffffffff)
mmap$xdp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000008, 0x6053, r1, 0x80000000)
r2 = dup2(r0, r0)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="f9ae23c9c7ee3291db79"], 0x1}}, 0x44801)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x40002)
clock_gettime(0x0, &(0x7f0000000440)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)={{0x77359400}, {r3, r4/1000+30000}})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000380), 0xfdf5)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000000000, @empty, [0x0, 0x3e8, 0xa00000000000000, 0xf401000000000600]}, 0x0)
getsockopt$inet_buf(r2, 0x0, 0x2f, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0xfff, 0x7f}, &(0x7f0000000280)=0x8)
clock_gettime(0x0, &(0x7f0000000240))
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040))
syz_mount_image$ceph(&(0x7f00000002c0)='ceph\x00', &(0x7f0000000580)='./file0\x00', 0x6, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000980), 0x0, 0x18}], 0x20, &(0x7f00000006c0)='\x00')
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000300), 0x8)

[  778.926052] Interruptibility = 00000001  ActivityState = 00000000
[  778.969394] *** Host State ***
13:33:49 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  778.990610] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  778.998808] RIP = 0xffffffff8120269c  RSP = 0xffff880185e57390
[  779.027432] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:49 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  779.030682] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  779.046182] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  779.052775] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  779.086877] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  779.100416] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  779.108715] CR0=0000000080050033 CR3=00000001bea44000 CR4=00000000001426e0
[  779.129240] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  779.138156] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  779.148890] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  779.174685] *** Control State ***
[  779.187421] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  779.236293] EntryControls=0000d1ff ExitControls=002fefff
[  779.270320] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  779.286366] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  779.293230] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  779.301220]         reason=80000021 qualification=0000000000000000
[  779.308367] IDTVectoring: info=00000000 errcode=00000000
[  779.313869] TSC Offset = 0xfffffe5caeba42f4
[  779.318274] EPT pointer = 0x00000001bbc2401e
[  779.336873] *** Guest State ***
[  779.340376] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  779.350464] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  779.359444] CR3 = 0x0000000000000000
[  779.363187] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  779.369277] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  779.375269] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  779.382654] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  779.390697] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  779.399259] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  779.407331] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  779.415322] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  779.423377] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  779.431415] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  779.439464] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  779.447491] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  779.455474] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  779.463516] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  779.470017] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  779.477510] Interruptibility = 00000001  ActivityState = 00000000
[  779.483747] *** Host State ***
[  779.487941] RIP = 0xffffffff8120269c  RSP = 0xffff880185e57390
[  779.493921] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  779.500421] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  779.508263] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  779.514142] CR0=0000000080050033 CR3=00000001bea44000 CR4=00000000001426f0
[  779.521203] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  779.528480] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  779.534529] *** Control State ***
[  779.538062] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  779.544746] EntryControls=0000d1ff ExitControls=002fefff
[  779.550270] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  779.557255] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  779.563931] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  779.570555]         reason=80000021 qualification=0000000000000000
[  779.576936] IDTVectoring: info=00000000 errcode=00000000
[  779.582394] TSC Offset = 0xfffffe5c4214e3a3
13:33:49 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:49 executing program 5:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2004, 0x0, 0x0, 0x5b3, 0x7, 0x0, 0x1, 0x6, 0x80000001, 0x0, 0x7fff, 0x3, 0x6, 0x0, 0x200, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffc01, 0x0, 0x10001, 0x8, 0x20, 0x9f, 0x5, 0x0, 0x0, 0x1, 0x9, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000480)}, 0x2, 0x8001, 0x10000, 0x4, 0x1ff, 0x5}, 0x0, 0xc, 0xffffffffffffffff, 0xa)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x117}}, 0x20)
write$UHID_INPUT(r1, &(0x7f0000000980)={0x8, "7c70ee3800d5ab5f2036f872e0ac57cbd592bca0d671633f50a3102066d6e765f5a64731e3fb8d90d250eda2cc33b60a7ff98074cdc3f1dd1a2df26a381d95974e0925d521c6b48c3dee0d430d398884316091aff6adb6153dc3c92549957d3488efc02d6f6fb172524b095c30c1bd35aae04236bdd42694d613eb54c0b65a338c48dc4c8bad70754fc81d9928e4a1b81f9c77075258a0805b4494867247966b24a023311fd91ef3754b98d3acde6f2ef0617f123c22fccb81c11389fdfa2e21c2365aabfc8916e02151d8643ae21cab7fcbec6142186d3bb57546c106484bc4c28a48da2b75dd82aabe99464558e60cd101f6b65856fabee614d271741a68dd550c8772f06a93cf8e5c0de549c3b75a72f8a590bd50b2af5f64009c969ed7596f0192b0f98b1afac0e8c5f4c653f611b4a71776400a9ae3f18e75f856788c97195749042510735880b9bb0ccb23210832a4f1c6f134d68f8e299837c426e0c9a45d5d2c959446cc363f370c67cd01a063c91254d692fe35abee92fabda4f66d93228c979ebe036c5c2e0028ec76562d67d0919ca28258fec0ed60603142b5c57c4cfb1ea1e892d0fd2f33970142b179c415d6bea344fbcc82d133052e848a885160737c69eb02ca9f544831c8e3ffcf40cb7b415d24795fc8aaeb8e76bec262aea5e28fe5d6495c4b5895a612b1cc2122286add66356f3ecd309f970634f1b09da1507964d35575167317f13c7fd9f11af27ceea86e9a5b3494a27ba98ba38dd1fb72ef2c6163664fd8f7c946935cd4833121f505ff277c03d959d9a12f3389e9eb6701a8b29f72c20c6abb7bd8349dd2e120bdd59dca9f1a2a877f1677b59d7920ddf29b9d94f7c6879b78e31cf1b65b60fe349ef9d4976f46609ee34e33f647aafbf64f6323d18598905f2e73af75661397595b8f9c1e9a4e993946820da5378ca5b363560e95edce316e99bac6e6250efcf1cb58fdcf94c7557c2d7f763a688543462d54b64e178c2e64c6ebba356894973051907fd8de8ba908e822168b171c1707efcd9ac827e64313721876e2ff26ac34e88557a4a0dfde08eda81cf0c1465a89b68429e48966044c767563e1121db48c9b619fd7362afd15ec6aa19b28759d7977be4fbcad0cf8dd5dc5362259bd5cb5089a9d18db969afe1192571f5fcc0c4d6be281d23b9c1f9f32873c058adfa1bf57a3718686957edfd6e4b58aa959541127696d59fb2810d042ced227961eb19a424e4cf45bc6243217bb7561b7ee11f8c0b8f39480343a26f2da5fe79d5e213c01ea47155ffa91e7d7ba0bc8ccb018bd69cfe71dd8565a645d678b404a295397e83ae69dbf8505f6947a836b44823a92861124330fccd4bc4a2e20d9047bd919d82c89623caa87eb09bd584d58f42b35ef55fddc06dfb3957f3f507e5ca9b8b98947cc5bb68846755527ddf32ffa444e1c7a5654d4d377e04a9f22e1069804fdcdb251acb6bd6b32d100feb44286991d779d2b3e2b7f5cc5f8eb3ae166a3b6fb9df11e1867989a6f9b2028e4c73b4d418b51f6e870713cadafddb47a48c9a97283da214f02db3326d42438d9a7db580693ad1887f99d86bb5fafd6d07c2647fc80c2c5a1ed9ea3b95be65ca422080ddefca5b49ccd538f6bc67390f892d9e416f7e835f76dd90edc56256348d20560caeea05c0922cab60dbf0b57ddaaed6ded5a336e01485fd571dc12050461271cee347c31ac245bfee9128630dfcc43b6d88b5ba9937a6f6ab70b7d256784ff72297cfcfd0ffacd09b55fb832bf60f04d87c48c74972b9f18fa178ce4880b025d1c1097ddb929e8f7e02f1c0e03012bec0fa61a49eb1c2a50a45fc0d98b6649de325184006938e421321e8b366649d9b6ebadf77509c9d48844e80f7752fd7daaa5c938b946feaaac0d871203270a747035c7e2f697c84e792a55cbce76c0a25360f7acbeaab60627aa9c37064af75b67f46732844eb2f6b37226004afe451a9fbfbbcf7e72ade67b017e9209b5627fbe16789abd90326751a1fd1d93efc59f2650f979ba71938d784064922bee2874c4b76d5f26e39ea0a98cf175950137feff9456c88c6a295830183fae3a9c2312c25f3d81708d73488d15a587e7e7cdde3b77917eef29c8b5965c916a65c3c5a53b7313c3115d0a8bb4e16f6b80ff6f78adb756aba94ced86047562a2cd2fb25e9a4656f6359c3f2fde8b5ab38852853cbd7221cb4d59b7f0e79bd37f9ade073f62b75edbe63c13c0d02bf076d88f5b750ea640aad47ce97d6a0783398dd3fbb63734ed969470cf45200235650532224fc28caf1e36ca6b402ec4c978add40fc59f2113485875682139f8aa9aeb48d09178de919370b0cd0ebcab5e60e1b0a2fc153db0dae8e50b48561622a677d0f1afc149676f832e016e14007fb298dcb96f11a92a1ac8bd4cc7b34d659d6cd2c9817b586585e72080255b083bc84512277ffb7f561c6a7a08cd128bfe9b525da531f0bf04f11d3de102b3538835807ac0b2f4325fc6765d02d692ec82f5b338c8257029136fcd3427c09874ecc7492becdd6608eac4adf1abc3f7e08868a72e57ce4dcfc288a25af73d19f1118a9254963c1548cdca5fc7c921a7f218f8e71edd7969dfb35beae1091d7530e32236397fa9fcd232b441ff1b0177829468c198d659d247ccca4fbd58c625501e4368075d0e5e69a6f90952f5bbe48e85a303131dedf7f1a513b291598a545784e1013521877c25d6069d3a855652a4bad5b2df2e4da2de756a20e790b756dd2925ce824561e5892b5e064c7c7b996acc4e29597e0cd00956e9c57ec374714f846be7632d3075e38bead499163498810886c78a2cc73fb64fd48e186083ce911e0751b4dc63476859c2824fa532a4b1711c244619e702eeab19380aeb7b17f67fade3dcad8ddddd893a526cd5d04d8ae982c88029ec71bdd0772fd74adbdb378fc204ca411a2d8a50331516a28552be78f9725f32d1b3a6c7bdf3277c5f7e385c7ebbacc419ec7ca3c5b8f46dbefee59b6422a6b22d60527edc012f852077d925619874f7709f283e01678fed36528003a696ee431a817f34f453c143dc56b70e1f810a5380a555cc8c4fc6522ab544ce5d715caa302ebdd0aa8286b7ef5dd6dd48a8ad9566818f7509daf02db0b98b432f57f1d107ee95a86228728cab4062e27922381e1e2ee351af5e2ea0fd6d1cea70b3b8f4a50f0776fc9aa2a7d2dff6e1ea3769864104f09137b99960b69af13895d842649eacaed8ddf183beba3323640af8deb52b902c0974d685d19fc87c93eb80ad5d28e54363705ad39231d989522e94f000256bc8d93af138a45d67dad3e21fa9fb31d9327c6e71f61956d9daf4f97333112704136d3d1bf6fe0e4c002e10b684d2344300ec70fae0b50532ebace58f0e8318354a172cceacf27d01ff41cc8fef42443f62b0e15b5fcc0728630b96fb2c2b59634f4993bb1ce2eace6fb0f53e5f84bc5f58b1b66d59e3c75a98670496f105a703607211aa9e882e72f13e9fe07f0767ad4e5ac5c732b65301d8ceab36b5ff2f71958fb1b51d2e703ac506e68d4026160fd3f60440b8b8f554f1feeba5d53f71cbe60d143620f8fa779acb94c965b729207a5ab11f4a51b694c31606171da44a28d80cde296dff5724ff718d6377eb8534e616cff39af943ee4ce87b4fadded30c702d370a71072ab3e20f19b8c1b73fdbbb9c675352bb73ee85e22597fc0c439a33f5febe1629bd084af7193f8d1a1415b02ca54706711505cbae11ec6411b012cc3a3eddcfb002901b6e7565b9fbf4d605c147031888ceb590c14697d00970ce9095c6f7fee41ec6a15d7ef52dfedfff2a0d3dbb387b61232aee6ca202787038021e6aabda18e2adf6fd89aa491e65f9813d73412fbfff089752d713d7efa690ec4fc254b56908d3057f65997acf81aea589e272f8fa852849e488f1e0c0cb6cdb5f46ca92e36d39224e704850056d2e9b91909aed0f55d054e274415ecc39b8958335a14cfb0a42d7f26ef8e82592dfd03b3550b5193fba077994c682951968869574fd94976760d9bd9b334353eeda836cc8dab244e72095cc46833f02bb2f6df35601b3085664261abb67fc9ab9f27210e6827cd15ce16c55f0f7f5b8ab401f24032b19a53a9299b62ebf4a8cf7f4753d95126f008a8ce349036666de66bcaf40b27fa875efa98873e1ef9302e2a24bfe07bd1054bdf9ba9ad1b1075402f26d682833b947c762513ba5f07537bb712473184a60e04ace5adb8d982d6153b011ae0b2034adc0ff4a64e2c6561c2e0840cdab2120bc916cde9b7a92c4d332d0f83945fe55e3c8f4d93f22e7759c20241d92cca0ae5a3d06a127e5614df708cea1ad3b2f231c81460ff4c3f349c67a87135a4b67589ffce311832923f71796276e81f0537e265404c0ee06d5ed98a5ec5f8ad62db589eb585fc4627173b51fd4e897a3e8d2acbb82ec2996ac3a6823368a1e12a0536a9d1a7b2d31d80c46c292ff51395481d4f65c53fab867e27bec9156ee189d245d94877a1405dc9e1e996822ad47071a9ab36c9bfd02c41ea5ba21591793053b1b64758bae0addfcd69d169849bc1ee6ce5c08f0d3da5ecc1b6ab31e13af2fa5ce4d921163270901264a88ac6350e8fb6371663dd04146932238597258b123a8036250c190fbb3cfc6ebbf9e06c4a9053e8332c95c91a890a3d35ddd35f47e7ab606f3e345e12560e6d52243883da7b8910834042ad12e7fb3f08a0b14ef6aee22251999e6079be2ef5666d7d5ae00d161720262761da3f378c63cb151f4e94d034e9de949dfe796b905804ca555691023c30ea7cf0cb276e1e3ba65793291f8287d1064606bf5787421b9b9bfc05e9c5eac750de92519fe9e2592cd34a2ef6ec18efed5e7c13bfcfce47327cbecac358bbe6d44164849308cf91cd5ea87fa4b02ba4939e28141c7dad42714b019470d91808a8f46150677b6c90f267ecb39ef42afc95de0cbd016775c89d8213ec9d4e061e6493f237296f91abfc64176c0e885ef54af4136a724fadfe89a25d7599998acebc4a27f8fb5b26936bda5c3d5fec3373dcd9a0e99fc939641c50669adc54119582e8835575d1c57fa955cd29d870360620f91c3ff90d264013816352317ae226f7d7bad5db711f8973382f6cebd63cd519ddd08e1772649be75f64f4acc15f828dc0b305584b6dd2213194603c44e2964358d305aa97fb08568a0a955ad7a6f8d042754b4bbf2fb3414052719fd9841bef8360d1d3195c69414be882115c2c64fecdcbdaed3a2e943fdfef9a13520e41d32a787bcfe4f61e2b378d35aa70784a772cf8ebcaaeb105e4627516db2ababfcb8c11f224c3a48c86160d34d0ee59f02c31648ae4b0309b378f0bf63266967dcfb4f1cc1902f613c6d0d48915a9cf28a52b106544cde1b38ff2e2a1275fd0d3899ce7f7c6653c9017f7ac4aaa35bcb2811a8f9dbb56746b45475350e7c13d42abb5692377da7a4045ee644ce00f8699e3251d75621c82cd659ea3add277affe3ff792f7d24a3d0979ef82cfc0d409697ae2e8598854a8327f46974c901d309dc6dbe31913c59d821aa50c0fe95cc822e8f07bbb00e9a09bc9a570b9778d29308740bc336a41258d209c206f87a709aa43415da0096f7d177e509a7d625645fb098ccc45367d82235e952670ac5f82f8ced3f59fd9ee20ac75be609cc832417e807ddc40630cba4c91e0785edcb5f20b9e6dedb1ec172cd16fc034f410e9ce375ea855144aa3076317f649cf4efe4d7abf244984c4e", 0x1000}, 0x1006)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000200)={0xf439})
setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000340), 0x4)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpeername$llc(0xffffffffffffffff, &(0x7f0000000300)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000380)=0x10)
mknodat(r0, &(0x7f00000007c0)='./file1\x00', 0x104, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000640)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="1a000000a16e2fb5023d489d41f389f095c2b16b4acf5096d6a000000000"], &(0x7f0000000680)=0x22)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000006c0)={r2, @in={{0x2, 0x4e23, @multicast1}}, 0x21d4000000, 0x1, 0xfff000000000000, 0x4, 0x10}, &(0x7f0000000780)=0x98)
sendfile(r1, r1, &(0x7f00000000c0)=0x10, 0x8080fffffffe)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
tkill(0x0, 0x18)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, &(0x7f0000001180)={0x0, 0x0, 0x2080, {0x0, 0x6000}, [], "d07ee5115b8ae83623a4057635ff839665dc71032fe5bd7f4cfeb5de0e66f292625b3c83ba87c800e738a125263d6bd6160d8a90b160a25b8e6f4205d104ecca27734a655ab6b937108e5e87aca4e1b5529c6394c440f60f4ccf972c0c286fde28b7feceec47d977a08a7f8a193c772ccf4e1aebd71a2423bbf620f291eb5aca0c746e9eb0958cd608d4e6da2d96ea1427c4176c30981b69008a5f3283355bf825ea8e31af3b9f3b13875273d3eca307189e3b02a660effcbebfa31c5cadabe1a3a8e301cde0fea0c98c92bbdf6504141cb8fba7af0b3191285b6d2e33a90b41dc081fb289688faf8d40e12ba51d93ffaddd57ef0a578c3052390ab5e43df11af893f5c573a7e1a792b38edea041a28a7b72690e07d68877d73cda83e439e23135e4b2f80a26d86155bc17052886f12ba5dfa6593f761290bff5cd6141e391b09544b986514347ed148ba344799ce56dd92ea99c9222bffe399dc436eaf3d2fb2eec4495f169e2d412a5e645af48245c39d059460cca16a6cb085adae5b33b576ba001a2ae21335708820d6e59c36296bb3b1ae41e00ced746e1bb10ab20dce8401ad2c8da2157c7437e24031e28a67c4c51b393673f54ee12c499edc99ea48f4821e83aba99eb8a1070ef27e24e974fd5eae386c144fa65902415923d9b58506dec2ae86c95ed9229438ac62c8165d54f74b6960dfc02ae09607a83e43bfdfde70a50a7a4c68cf9c16b8707ac2d559faec9b77e85c6db3da4cc32525e7ce7bd5514f29883baf374eca8302dba967bca0fec783a01266e03c947026ace1ea653aa3bb39c99bb3ec87d984c0db3e9a80eb3248e43dba6b64c228e2ef93c384a06d6259804277a59e2a23f13f9366e8a38d7a0f0737aafe82fd3c784f5aca1da86b8765313ced4cafdde6d2e811750895264f530b202517dc2c64b87de72458e8a0a05a1759bd837de65a46968b48cd52f85a4af9709d031a396dbaa302b8d07cf334a209fda41b6f478924eb32941cb74de620dc054dfbda780316280133c18a3c34388931c4e1b023977ff432928af801584585b8187feed1c89750efc887a8abfdda565d1ac3815365cd44e708743169c220df70794c34ab96588e4b4580ef84792ca845e8466a4ca368712b86390047550bba1a4b54c1ccf5ad664d6c6d757d32f9e02a391d5fc43aa73a787621d5330012abef425eb9002874d314aa504a1a1a9ea01ebbc4e49ffb06cce3adec2c6783f33a0dbaff1301f7dc2f733189fbf1d8a98fa9a53103deceacdac7b9ecc80665fcf938ae1658af2abce7065a9001f961e7c81f54a3f924d698f017b57b367b9b3a233985ad7707b2adb535c8788031cc939a100eba443487d205a784fea409f8c912c6af0e781fdd36c336665993614df05bce28836c6298d9fbc4476d2d4dede27a794ea2561e4f587aa630510f09ae84d327dd84e416c408d9336a304c7dc73710da4259a4adacf499eed14178c38845cc891f31ed4bba88c6a324ba7e4e32b198cc959e9f6c9dfc9c5ad10b3fef0a03828379147765f5a2103e63b9b27cc89c5abfea53fdf5dbe2e57e3845f055e81a9cf85801fadfc898efa5ea044b36a592770c7c6f9f3153103cb4a229c18da6bd8b75bce23ded850aa7d8dafe2afab95c59a200856da85ee549cca22f176bb1afb694ec8aae2223fb982590eb7b44324625728ac9661207c63cc3ac65e898c51b8c9aef23c7aaf8f2411c1e6bf5fa30c3db451e91b780bcc73cdfb53d6a2b6f3a0600135eec6ee2b558484f0b7fe2c4592080e604afc11b16c1102d200dcd98054c280ccc98b054d5d3c37383595944a7f5603ae7be51d1671b8213d723812fc134c4e5a1a13dd288272e0b889f5ee4544b1a74f9a9e061e299fa64bef6a276cbf35dae45c236dc823f2ed5d90c98248fbbaaf357f63ffd5681e8c60c65b0471ee975736bb753b320d9edf279afb276b78b06349cbd812846e43526d998b4535de85f42e6ac32a9d44bb2edb261168960c7c6ca7ebf239aeb480436507b5de4997682bf6059a84f896dcfee8752278e5d9f08e3a59ac6a707103275eaf595d2e264d1477f595128d4a9daafd8cd7c9c0f19378a0225cf77286572960a5dcea3c07d70861270862d979ee6bc8d43c0186862b4166bfe172bd9cba2d85104e1ca9c788524df29866a0b3e768b63ab98f7cb3ec1d573c44b5e1a0b9c4bf3c525fcdec8042a8f2c4623e71ea080c7e12c5a3297d3c35dc17e74a5ce9d779ef9dd5f3022739dd15c42ca5db6e16781fce484f13531f00454018f57386f8fd4d2bb2d07b7992fe77eca48d689fc29028a2ce757e92bdf281954484d0fbb3f6b3d28084330aa4811e87819feea18ef9517cb75fc1a7dede2534a3f362f2cbe2d917b2a1be430eb31d4a4d5bb29bbcde8cd33fa4f4950d6ad66259b34f7a615dedd3a321b45e70ade75635f86acfa46b111ab2859eed140e6a0bc7155895c046156742a1774c619b7ffbada1ef14070c0f5171afd728e05f3cacf6b77543105d3e8f57fdefd4f3eb49e1212b3ff6c9e53954727f01ef35e9ae1314c96cedaec73fc70b484562de5ad1ecd3d9f262a0841fe05f9d823d6a5e20fd90d50b6c3edfae340565042bb22bfccb433dcee0da8e771ce268fc108784d9267599b6de411655f94e9c12931fe88c4b8e7632aabf2d93e17632277f270ee3940316468adc35c93a9fe2c1cdedd7055ebec7f7b0b43deba218c536da593e2024a5aa3f94ec7d6379e876949c8b3a0193fdc6e5504f5cab5c60ad5b6e798e171d1fb67a3efb823a91452d3b4ccbc9e0119467522ea2fc59153f1cd218a83c86fadaa43bbc3d3df7574f910a921c7fd195a90cd08671e7587dfd4f1ee4f44c8eb8aa6122337a0fc2ee9a0918021ee6fac1a58d93732b867fb67530ee7e0f4d97b352922f6754783f978299cd15672a7fc0a05f6717ea3a9e0988fcdbbe0201b6c85e5a311cc34560091d66758a9f916683d70ac47734121cb0bb8b914592720d6e88dff8fc65ebdc93c5aaf04e5e791c40c728811f947bd0e47602892feb5c2d412c2f2ff66afb7ff3af62b26a271ad246d374004e965a478edec95ffe03c9eeeda81ab1ce29a3dac1961bec70b86e024dc98119550d0c4bacc9fcc9b49cd07b1988704ddd4d9c875d2ddb27ee6cf17abbaa88553cce24240807c4c0f93e4d5e25966562062556cfd99973277699c7c3079ac945cab58fb9aeb61038e97041b375880cfe9c684aff0a1fbc922d971297db145cfdde1206e301928f9e256df4495374f408f5d1195923d82a8f5e2cf7a3cdacbc62d3d36692f11c2086e123d23647d6f9f5285effa2e0ab00493d5981fd636a4e6f3929d297d2b9f48e55e9db3e5c3a4c4ed5d473a273aeab608531db532e9ac8d5c1e29f404f13c69925380c8c310934152fe6d442db2dbb646889bc48011b1f91d07a89dcde90329f1cc84718631cdfe03e2e458f4cf4e2f4122aff94322a77fb8b5da1c0bd29922c73f4919578e6805f5a6c62069949db8fe99c281b0990ba1b0c0be17efe8f545a4ffc50857dd1f0133171985ec4eac992add043ab1cec8d16174311f8e89ed04e80b5baeb69b2da5e32471908a2254bacc42372d4b03c6e5c4df914a75fb87a2a0cbbae2fb7918e9af9614c98282fcedb6aef4d06debbc623aaf22a2e993fab42389ab2f27e72e8789f11cbbde18327b3a360f567df53a67f660fb77d9f2fcae43e8ae73aa7c58c81e948ebc132dbd1f7ad3be39ce3eacebf795b542a18a49c296fd2c98fa6c1c92f29392136c2e8e0dc0150b7cd2d91714b006985ddcbd80879676a3f85a75c4d3b5415db93f94505bc3eae2ecbef6de15615514af54bd885288684376e1d11227360773a35856719e18aec11d15ca0679ff4d53c477c9cd30a7a45ca6a4838c0b085078bd42e6042be8269ce9759f1d23fa98cb8263c8d4ac89577bf3154369e5b40bb1ed28f048a4006efb707b5eacb2f6b3e93c6d19eeeff49949e8b5d21894caaea8172d43bdf6997fd356ada3fe6ca691d86549fedefc719b74d739c431ecd4800c104c80c6621dcff5eb98c47b7b32e2fca7974f2bb1024e4146bf0ec5143e8b10fc29c5bc2f77b5021c34e04c26b93f02bed53c17af765a2853710d7f2c49192b577024233fb566776973c62239d038fcc1353e36fc200d386fea3268699aaff0c6589cb2245d3e967a3eff5cc866527adad4ceed45ba619ec8b053bbbb62b88f3bea4f6380a5a62d86608e5e6e355ffb78a484c013f19977943db91b69686c818187438003b93378ecc8667c9902b0ee36a6560005e87ca8132b338d2116dee1c051a1f815df2950cf15bcb3129b9e17bdcfb2130fe3597852fed354a259cce452d10ad2ed89b71b0a71c173c95578c687f0129952e65e783b33bcb53183c017b4a3f687f9d985d6369602a59351059f9a9a3985ae7d796eac76c66a6eafa48386d9fbf9f7f3496b8c5a75f489e3dfd596e7a1786ceb22a80d855dc9ebbcce089541d229de4e6b3a963f2d7fa9cb6bcc14eb6ad856b950859f40925dbc3aece4dad967b971223f63a66514aa6eda9617cab9553af61cfbb230f687c77b5cf51e8df891de582978ab5cf76d4fb35127fb20b624020a8dc23f27e27d215101c773679722929028fd164a7d44cddb6000ba6e3f17cb268a5d3bc3528d3a31ea506a2ddaf6a1d3e0cb695719f958fe762b8e467dd9f4808e22a0329037d3e92a1f31600441503bbea4769e1d055d53efbd915c2c9e3b7a91e66dcf9e0dcc8c19de36096df44e81898347fdca40e0afca5f428b8d78a301415588eb7a0fe859af02f2c88ad2ed960d68e9ea0b1379611298e0f0a0c8dbee814d32215e631abf288be6f2ea95a801dcce8945a183ca708d8523528410deab79c332646a610a4439d77c0895a1dcf626bf3c2e53cc1d809f27948c2a0528cbbf737612b52a28e8f9eb8241907574a2ab1f17f72132be70ba6fa3e3ca004144a241cc2c6a668988cc8c8f7b54e963b760f53bb2ee14b7018a0e98a8a5de2eb29d516d008ce5be587b60c712fae13c286510d77ac2bf45a084552b4eecb84c5c358f9419aac5b4cba705576885e15aaa26bbb910c0fea609492587d5f4d45551c52648a457387eb5b0614f189faca1f4be1ac326260a96cf3d0814dc5f6dfa36fe219663315771f78ebc1f942d859e723aa214aea82d2283f7b6b0b27aade2c0ef85bbe8bd5fb5d32df6ebb1fb73b665a5ac57a3e2d23c6037ef03d71573f89e6054f9bd0256c55e30a549c7490c0ab8215ff9d86700045b59c97216421b504a6f956bb2e4ce2abd3522ae7e78140d1c051affd088a9b41cb8df7269e318d26fd5532cad44eb2e7b3eb2f4e5c5f3ee8fafdce7fb49da1054e498917ae63d401d17f6948c454bc0e1fe6ee962106f4f50e1f107d215275488ee933b806825e759241741ce028a2aa29592e323e0bb0065c4e0ec8b76fa8905e3a2261d9c97ebe87c65d39b9df25fa7d0cc9d2f0887648e5eeb70c5f91503dec67adf8e206ad32c51f9ee25b3503c712fa725ffd30131eb026778b06c8a45e8131d029d7e22062ca4dad4b4d67c164c932926c4f3dad991756623d8fe1ab39590bf53085036fe484c137be5a1af5e464e6df871db54057211a842c40de3069fad8320d74ffc1d5c0dba4b63d84f69a36e5c820cf92fa15db3597f66c66e3f4d4616134f3754029e69374c5e439358eca89fc25cff9b1abf2e5e98ce310f6bbbf052058906949f5852e241425c542e5a3c5091272cb", "c5414f84852cc601992fb0377392b0ec46813bd0c4e104e6470d4cc05ecd892683c0e62f0b0fae5124986bd24220fb2b7810d46e200735592731d8af6f05f5ceda818c1b044f3e9b67965430d3739f1efcbec0daba77d8f4f9d8dca7f6c93383d2964a0e4f900c0d65ae602a81f5d777a967123761145ecfd7a75987ed8cc2cd85dfba5b37c855f721b0f1b99593caec7ce1a7b016cc06406dfd7f2b5022bac631f3991e0486e9b4e634a57efd59b0393b81b841b7fda854bcd274e5cee7e47fe2258e380fac3516a1f0f0caaebf090d37f323cc68c415d4431d80ec2edb9b83ab0eb2f30700390dbbc76e7d0e8398b14281b9b24f66d9c514a295e95014cc0b84cbaa84260bf8823ae76e3427d0d930c280709b6731ff192b801632774453029c438ac56b06ac92de6dac7d4d85cade584d9535e1f2c2998173f4ca112b1bf9f9f7c5721025557ee33edf3b8370d674372245e1d8126e258afdb85a24c881bf2e7ae0124f0306c127b1df5f056c5b74f8ee7672b0fab9653b97ec6cdb88512685711f81e0f27399f138802306ab13882bbf989980324662c0f3a1792fde78b8a48841390154b96eed65e086d882e8da64134ecf22cc99e3274532d5921c09d6b0c68780e5167fd925e5a9570530b1322d2e72f6f9747568a80d402e7747d6607075830477a21d21ca74a3845b135f5cbb6a69cde9eb6520ec42e524bd65a4b3366ec198e2b860b2f7211694aa25d4a7af3a092f7ac141dd4b5ab7012f3dab0ec7b9edd77e5c05617a60748b73a02be7766127c4fbfad0368e043da62ff978afc7e530a62b9db2c8b9d9035e1306b0491d0e1d8bb5f5c91b88f6b0ab6dbadd9cb686a7cb0d9e1307543a352bedd5b4c7406a4aa4f454ea4dcf74713e2d8e93de35df1e81825f4bddfea66a2e8cd7b3ca375ae04088154b9acbc9e8ef28fb7aee09b8da9ce9bfceadf9142374eccffc74766463fcb0d948b247ca0dd74f0b06ba70ae219e5f2ed9fe92886fb4ca6a93b23ec3fee89444e556817f6c96e3c8fe3611e789aabf4f6b971899c6d6c242345341172699d17ee28b1f499ff3a616d9904f54896e53d2a04b5592c0e27d6e9fe034eeb079958b0d1d846c07e47b8fa5b7cc3e7219dbb0d7e2ce3b2565c0394be202ea85559b9431497ffb4ca2660e24d7f629552fc435078bfdfd814c29c8abbb308197800c0562c76a4ec25472df123415c8924496ae770303f62ad87b47eaa01c27220ffc0db73f886a6dad7041d8510bca30b6aba0e6c8bb7cf2bfc3f76ceb2ccb14007444f8cc51f3717b5aa8d0adc1fccdf166de932fd9ab056c60fe70b2104f9ab2af58e458abb16f483d6e8f2bee5677b3ffb79a7063262a1243aa80fea9e621d298189415957ef44b3c1c9019235e44dedb07ddd78e02a27342f7502af6aa810add05b12c8bba13f6b43afad8db825027ed8aecd0f1ffd078768ff03da49e23ab3aecb6c890876753fe86444fa6bb6e958f156533022ec40c142dc2d2e53f346c8d51187ff00e6a9dad9799bb5885effdf7b9b6fbbd227fa8b6c66adf4160f63e1b2a55f4cde2213fb2cd7be129f2197a386cb75ae980e36d794786c16f1ef70d05d78bc25ebaf75a152755b25909fea16b026e32a0fcf5e04d9b284fb3338f2bb07bd675cdf82222b93ca733d15d71409d270cb2a5545184820af1eebbdf8783e62ffa1b25895673263e9a2739b71aa751c35f3893e1dc5c1ef235d09539fb6b07e9046ae4d56557a0d689b6dec868a331e3f693bcffad8122f0e6c773049ecdf326a1a9a177f2ca6fbde55ae3d0466ac9acb3aa40af2e00c5b0af713d3f7e0100363c349afed61f847c4a60ecc63c82da14eb4850003c32bd92398212a5a402da756be7b26fc5a7d51363d4b96fe9f3bbf9e83119b7e42cdfe1eadbd27e1fc07bda44d5455c1626be9056b934cbce4a11bc75aa868ec59ead51aeb0cfd96baf06468a3cc7f0645ffd1ffe52ffe137d3bddcba59fe831fb893600a589ddf5f9a369d4bee2dec9f5cee72721f7808625361b807d4724f444bea64f7d8b569dd7d4500ee770168a8c363943f06b74e231e315e33fd125061d2ba11dfb74e5bc617b50902e8a3018e4c9ef643419ac5efa70ceeb2c0e6d795294e0cc2b581f3c9dde72aaf47862d7b0829f39ea8c441f504ac87557a54a6e353c9df6ff6a97d83f5c2ae055f5caff86c6e54db9ec8b4f27db89ba6a05ac5101aca047bf4470d99d49b6f2a80c7444b794e4eab5de057837f0ab84cfae955e2079f253d597e3b7ac7f96d2574eb2cad9967d9bac65d23a50c4a68aa36d515d48cb5aecefb5857760937c7840632eee1c425f2a0556c3e6ffbc46b798c6a8bfd798cbff1e492344ec525d65cab686920cc4f2d1b62de8cdc5653ec980810ac9456225952b47f6f467d7eb6acd5b7938ef619654521cacee416eafd5ad7f7e4d5220aea56ae25af5c28f5bd2191b80aaa76f910c439c14dfd3219233ba2e499e2dce8c645f6742af1a022e3637fb808f94e65f6409412f3336604f4dc559cd8b2fd121be25a884cc5dc34a6a37b04aa190a916407a8aec424d4b922e79840380c165ea42470d7c320f967bd068b76c01cb0f053bb59bcb0b0cbb79102e78075c66d6935151f617f2477a6ac61ed71dc1f51c58580202ac5a54473ac1866231a2c7349164bf705dc24a642879c4534ac355808ff0ebac194d9511e2210d4066e209f565e74b3fa1041497030532bfc2f32d28df094ab537c270abe0e0775624d96ffae3908ede0fd4c583198c1de6526d352e67913867f4db95739f36133637d323c47c71615fb367eea5c743921c75c43d241093d55905c831a05b0172014d7c23ed60368611820e733cf6512698f84f5d14f5ae5befed67e52582ab7d6cefd53e4b25ccef5fdf0707966f36cddbd459b1692522299a9ab6af63a67a4b5cb667cd31b711c560475dbd9debb0a8a9ace85aa0da1e5bf36c76b2ce8197dec620be96bbdb3083d4c868d98f567d98915fb7def6108deda605784d1fffc26b594542fe931347b2a9eadba67f2780b74151b869ac725b513acf75add42e928f70a45c6ff5d83f356c85b6874c049a3d71952e76fed01bb550b7e904b02bd2a3c81de37d2f8ca4a12e6cd432077e482f2a10fe6fdd968006611860997c1dbce97f33ab38801b4746bddf657f11fbefa93214541572ee81c82546a324256d601a3acc5d6cf9233edcf89de22a8f0615b7f8935a4116cf26546edf5773b1f686e231524da182aa10e652d4554fc0905ff6f6a5df46d4af87d99c4e1065b77c1ca64c29267a600e801474905d460b45cf85cbf76dd75e4dfaadda402a7f5fd195eef247caa6d71529759e927688d0f4c9836f55c594e61fd471b3080ec928dd2bd7661c7f9900b436266262633b877a2772b60ae5ec04e38dd2aeec382738ad9114bac2232e43fec968dd7cdf1c19a48749eb727f6b75218ddb00678262006c330244ddfc051a403201dd52ff637f763aa9b18a030fc5778eb74d78b11b7cd8f4aa50dcd82301425600642352d4c1f5d2103432893bb880f6f36ffb74776142f92010241e497b6a39c169295b4a272a902fdd3df9763c026de414bb1e9e1b6f7d6becc2035524b74e046433a4da8d3e146d34ae977c0913d288eb3e79c8ef06a3862ec9c993b34600e79d042cb63d0b0e292c00665a9b03e3e91a3cc20da11cb7c0d3481b5b4794c40c3fe8b35775a1082ee731a4df9c857119630687ac1b7c722673348400cab30f3440ba1fa5385f9b07abbfddd8be22ddd0b11911c6e201c584391dc817a316a8fe29fc99d602f9564ab1a32cd3f8624accc5542f9dadb1835d7aaa193b36a5b562a3693111b88e04c451fcacf215983dd81745a01f5331e183ff0488a6130d3a2892292f30430d80460c194684a55ca380dfd9c136f3647552c480928f03f7c653791682c08bfb707ac53e9b1d29972f9a79523e1b65f9de583db0ab18f2e0a39c40e8fd260c538ea78cdb31e0fba4bdaf1cd4dd10e84a2783a0efd72787506a805840ad8bb4ceafe59a82ef4c82450e262e302852139d1548e5797d6f7dc9d0dc870c574103b6d4a0642d89321a6df932eb875c755e0c93398124e32779bd7bc3edb846484c6b7378dc427b68a0529cab72612fc7115505d720d23a4de74e3742611e6f1d1ca187818ba6e526659dc4833e447bf9b7a8e848928c59f3e921e7e96f4bdd00926744e2a3404eff5b1b27786aa23259fee4557ad0c195ada64bce904a7a7127898ab4979ed4e08d89a0efd914ca5067dde4224b083f378a737ec5710daef5eaeb8abe60d533ec17a091c2d6cb0b78933cbefdc548b133a56d5ba8fcfd78b5ad91a0a38fe240b0609081a7e115020469ff010def84650e333341b511d27fa9af16ca5a5bc63a1b8fa88e43da8bdcc80edebdfeb009b8dc5aa6bc16774f898a5f7ca3bce276eeffb961dbade587959a62a08122b1727772ade968625d768061e9b36279d7d818a0ec4b5c3656f26771354effe1a24295d63eaea13a29afaf275cd21f7e21e7973cc541cb27518f232c0029c4726ad9a6f22ccb29a9f46bf19bf19abfd7df8a375be6795a3b4aefe6f7e88d149db827374109b25a4f68227a477aa989ec012abeaa53c0742c8fa96c4163295f1eedb556fc93a4329f09c5ae906361243ee3fe25032ffcce4b8ac52d4c93ac6ed8291aee7f12cd6604663ffc2d311131835fb1e5b3594d9b33b0429d8818df7334a2946ae6d37dcaba3a1a444247778f4719f8caf9a39fd6c284fba3a6ad039c2d1eec68b92f877ee1cce10ead53fa5f28c3fea4d605f1c6568fc98d94f0595b0beaa32207e29a0577fede84cba6c62f38bf8cb4586e52a7077f3243a15a23daf61ab7af40384ca5dc9ea7aff335f3fed58c2521d25883bcc76869c7f13af9e75863ab64f6aa8f1297be6de6642fb70e74e68852d90c9ab46c957bc866e9fe3de969046d6ed5a3e52e28f3363f3453f08d69faa29fe16c4ef5c1d9524158cfaf611ce354fc819207c68dae18796e04b0e09a849a8d523178b5dd5e4198480c597cc1604828ec51d4b7bad6a23def0ae1517b6959edca3de4de6f1872461c2576ac6411579359a50c2b8e3ac3c51193941ac37774f870746da3cf046aac103ba9da5f4920556d125557d033f18e8227b1fcf252c87069c14a45acd86991da02f8147175225a33519ac344088f2b26910cdafe2b6392987431f68cf0d2fecab7d40ebd149af79ba007c8e9eeebe2b8147e36bc54d32ee8b69080687b6faec1e3f2aeef45017c89149a2416f1f4177deeb6d9df429b1e58863d082f54085914b0e9bff75e0af0c274fd11d315dda22a5c6805b181a559aa21da4c1080746b7e244592d00fc0e13e929668a560f0bf23784dd158a4102a4e4cc95945a0ca18a322871bba4186c7488bdb6d21cefa333307e4290708cc2e92469d1fa791de9abaf3a89988a2ba6390147d5d00e96ffcffa60187d712bbab53ddc19bd4ea8c26ee60b281c02a7418acb31377797da4de1d446a8dc8844c50423b6de01d0d70952af10feb17e0c1eb3dcfc5b085a8f5aab31b9647d657388ba7ce955b05d190980aa9c5af7f69123710632e7c00c1332a665a0eee07780e3e8762729cb48d9588f644319d13251df2a667a85d716718b3a9110cb6ad941b076e5f7b29fd9486e470c8fa918cf15a8db86dfe3bd6a41faf1f43e9994cabb66953798c7c4416b727c5f55282bd50c1dda6500e78e3c073ba6f6d09c1c7f1e22974eb5a0ed26"})

13:33:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x40, 0x0)
r4 = semget$private(0x0, 0x6, 0x400)
semctl$GETNCNT(r4, 0x0, 0xe, &(0x7f0000000140)=""/100)
ioctl$TIOCGPTPEER(r3, 0x5441, 0x8)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:49 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$inet(0x2, 0x0, 0x400, &(0x7f0000002b80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setresuid(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='attr/exec\x00')
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
clock_adjtime(0x0, &(0x7f0000000440)={0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x101, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x1})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x10001}, 0x8)
keyctl$session_to_parent(0x12)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x0, 0xfffffffffffffffb, 0x9a, 0x4, @buffer={0x0, 0x65, &(0x7f0000000200)=""/101}, &(0x7f0000000280)="66fe0a9deee2a7f7b797abc0c83e803b3430af796c95236c69f44770a5a583ff3b711a424fbf02c06489c64173ce87d515f58ca1b54dbfce60154b61cb288db9ad714f9afe8ed036eff7d62a1adec46bab4396622a994d61df8a87e30a80741ecf7cd85ac5cec93aff4ad14b88b839c282fb406789444719dad3aeaa9397e223b0031796f35f232b34b46b4995c36db16fe9eb44fe0e2b82b8a9", &(0x7f0000000340)=""/10, 0x0, 0x20, 0x0, &(0x7f0000000380)})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x1, 0x3ff, 0xff, 0x0, 0x0, <r3=>0x0}, &(0x7f0000000100)=0x20)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x1}, 0x8)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
listen(r0, 0x1000)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

13:33:49 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x20000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:49 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x19)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000240), 0xc, &(0x7f0000000080)={&(0x7f0000000140)=@bridge_setlink={0x20, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r2}}, 0x20}}, 0x0)

[  779.586772] EPT pointer = 0x00000001d382801e
[  779.664045] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  779.697331] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  779.699546] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:49 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  779.818771] *** Guest State ***
13:33:49 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x90000, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x29f)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xaaaaaaaaaaaacc9, &(0x7f0000000140), 0x0, &(0x7f0000000200)={[{@nls={'nls', 0x3d, 'cp874'}}, {@nls={'nls', 0x3d, 'iso8859-14'}}]})
r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x103080)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f00000000c0))

[  779.840159] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  779.886993] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  779.901614] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  779.920791] CR3 = 0x0000000000000000
13:33:50 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:50 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3f000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  779.933158] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  779.944591] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  779.966794] RFLAGS=0x00000002         DR7 = 0x0000000000000400
13:33:50 executing program 3:
perf_event_open(&(0x7f0000000d40)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x3ec, &(0x7f0000000000)=<r0=>0x0)
io_getevents(r0, 0x80000001, 0x4, &(0x7f0000000040)=[{}, {}, {}, {}], 0x0)
io_getevents(r0, 0x7, 0x7, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f00000000c0))

[  780.026223] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  780.052384] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  780.102841] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  780.115046] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.142081] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:50 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  780.153759] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.182140] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:50 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x50000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  780.225172] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.258055] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.283559] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  780.292082] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  780.301239] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  780.310666] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  780.319136] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  780.331664] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  780.341627] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  780.379790] Interruptibility = 00000001  ActivityState = 00000000
[  780.397689] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  780.410216] *** Host State ***
[  780.414026] RIP = 0xffffffff8120269c  RSP = 0xffff8801d14ef390
[  780.420509] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  780.426997] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  780.434815] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  780.440854] CR0=0000000080050033 CR3=00000001bbea4000 CR4=00000000001426f0
[  780.448472] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  780.455221] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  780.461678] *** Control State ***
[  780.465148] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  780.471911] EntryControls=0000d1ff ExitControls=002fefff
[  780.477581] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  780.484530] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  780.491355] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  780.498117]         reason=80000021 qualification=0000000000000000
[  780.498127] IDTVectoring: info=00000000 errcode=00000000
[  780.498136] TSC Offset = 0xfffffe5c060d9abc
[  780.498146] EPT pointer = 0x0000000187fa101e
13:33:50 executing program 5:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, <r1=>0x0})
process_vm_readv(r1, &(0x7f0000000000)=[{&(0x7f0000003640)=""/4096, 0x1774}], 0xa, &(0x7f0000003600)=[{&(0x7f0000003580)=""/121, 0x79}], 0x1bd, 0x0)

13:33:50 executing program 3:
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000080)=<r2=>0x0)
io_submit(r2, 0x30b, &(0x7f0000001700)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080), 0x10}])
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000280)='\'', 0x1}], 0x1)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
tee(r3, r1, 0x8, 0x0)

13:33:50 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vcan0\x00'})
read(r0, &(0x7f0000000080)=""/163, 0xa3)

13:33:50 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000a0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:50 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_INTERRUPT_CPU(r2, 0x4010ae94, &(0x7f0000000040)={0xdf, 0x4, 0x5})

[  780.725480] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  780.740272] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:50 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  780.774118] *** Guest State ***
[  780.777848] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  780.809033] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:33:50 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2d00]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:50 executing program 5:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x3fd)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0)
ioctl$TIOCMBIS(r0, 0x5416, &(0x7f00000004c0)=0x9)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000100)=<r3=>0x0)
ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000280)=r3)
r4 = syz_open_dev$dspn(&(0x7f0000000500)='/dev/dsp#\x00', 0xaa8, 0x44e080)
mq_open(&(0x7f0000000080)='bdevuser\x00', 0x0, 0x40, &(0x7f0000000340)={0x75d8374e, 0x100000000, 0x8a2, 0x4, 0x1, 0x6, 0x6, 0x3})
openat$cgroup_procs(r4, &(0x7f0000000580)="6367726f75702e70726f63730086a45914c489a981a33436d03067ddbba870f474eb6ef1662bece1710c65fe5f8b3f6a4fde4c092b153f1b77e6d35b8f5bc1e0576906b21783467ddb3fc1b764a11e8509a948b4f4f149376972c80faffc19089d9492bdcc99b5c40bed73afdc596f6675f88945416c799a624124331ce91376f8aa569383569b5470056151a8c08ade8cb9cb9735de47ab6a300a42aab29c114ac31c1554651477b9556f2db3d8cbaf050115f2aff71dce5276cab94ead8ccebc3507af283567ea5ffd05e157412bef8846790d508717265396c8837c7fd28e6d3dc654d6a5b41b35616b6800000000000000000000", 0x2, 0x0)
unshare(0x40000000)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000040)={'tunl0\x00', @ifru_names='bridge0\x00'})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r5, 0x80dc5521, &(0x7f00000001c0)=""/153)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000540)={0xf000, 0x3000, 0x7, 0xfffffffffffff800, 0x8954})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0)={0x2, 0x0, 0x2000}, 0x4)
getsockopt$IP_VS_SO_GET_SERVICES(r5, 0x0, 0x482, &(0x7f00000006c0)=""/186, &(0x7f0000000780)=0xba)
pipe2(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
clock_gettime(0x3ffffff, &(0x7f00000003c0))
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = geteuid()
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
fchownat(r6, &(0x7f0000000380)='./file0\x00', r7, r8, 0xc00)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000300)={0x7, r6, 0x1})
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)
r9 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0)
ioctl$BLKTRACESTART(r9, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r9, 0x2287, &(0x7f0000000000)={[], 0x0, 0x100, 0x279d})
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000680)=0xffffffffffffffe0, 0x1)

[  780.825026] CR3 = 0x0000000000000000
[  780.830529] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  780.836880] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  780.843155] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  780.856703] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:33:50 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
r2 = dup2(r1, r1)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x1}}, 0x44801)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000002c0), &(0x7f0000000440)=0x4)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[@ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="a693f9714864fc33948eba9a50340442897ec1c9a73466b49b708d27f8a986ad5970cc06408fa7452be3905c9800770f93640cf50d49e95b97f95618d583b222e5cc65fa9c2fbbfa57da921cfea5df4967492719f9124c8ffc19c08e14cb90c495ca82a74b371afdf79f360b5c11ea3a0a6ec553f2302586df394da63601cf39902b488df8e13c1365532d9bc1c06429669c3e4a9c9747916b57c09c38b6308d7d6de83be847e95f6dc2f4a28331202ca62b5e8945e488e92c445fbe88d9b84c4982b93de8e0f1ecb30a5a489a112a6aba9851b0cc616eba6ae03202950187f4f3d63961784938317877fa20fc6141cf58eff6a398f41fba"]]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x40002)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000380), 0xfdf5)
sendto$inet(r1, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000000000, @empty, [0x0, 0x3e8]}, 0x0)
sendfile(r0, r2, &(0x7f0000000280)=0x4505, 0x5)
ustat(0x80000000, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2f, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27)
ioctl$sock_SIOCADDDLCI(r2, 0x8980, &(0x7f0000000200)={'veth1\x00', 0x5})
socket$inet(0x2, 0x7, 0x85)
clock_gettime(0x0, &(0x7f0000000240))
setsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000300), 0x8)

[  780.890113] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.916312] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.944292] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.963538] IPVS: ftp: loaded support on port[0] = 21
[  780.977397] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.989311] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  780.998013] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  781.006517] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  781.014855] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  781.023601] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  781.023614] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  781.041041] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  781.064077] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  781.073114] Interruptibility = 00000001  ActivityState = 00000000
[  781.092990] *** Host State ***
[  781.110766] RIP = 0xffffffff8120269c  RSP = 0xffff88018a777390
[  781.133071] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:33:51 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x11]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  781.172848] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  781.194857] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  781.206249] CR0=0000000080050033 CR3=00000001bf6d0000 CR4=00000000001426e0
[  781.225966] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  781.236469] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  781.255971] *** Control State ***
[  781.266223] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  781.286497] EntryControls=0000d1ff ExitControls=002fefff
[  781.292104] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  781.317040] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
13:33:51 executing program 3:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000280)={'veth1_to_bridge\x00', &(0x7f0000000440)=@ethtool_test={0x16}})
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe)
mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x20010, r0, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x7709, &(0x7f00000011c0)='\x00')

[  781.336235] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  781.351907]         reason=80000021 qualification=0000000000000000
[  781.365913] IDTVectoring: info=00000000 errcode=00000000
[  781.389630] IPVS: ftp: loaded support on port[0] = 21
13:33:51 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
epoll_create(0xfffffffffffffffb)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4)
sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x8000000000003, @mcast2}, 0x1c)

[  781.430328] TSC Offset = 0xfffffe5b7d24fece
[  781.436550] EPT pointer = 0x00000001c78c101e
[  781.480656] *** Guest State ***
13:33:51 executing program 5:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000020000f8ab1414bb000000000000000000000000000000000000000000000000000000000040000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004d299c5d412dab000000000000000000000000000000000000000000000000000000000000"], 0x90)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x8000)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2)

[  781.501039] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  781.516187] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  781.544983] CR3 = 0x0000000000000000
[  781.589592] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  781.600928] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  781.610485] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  781.617610] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  781.627942] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  781.637348] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  781.645570] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  781.653881] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  781.664370] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  781.672743] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  781.682321] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  781.690891] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  781.702873] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  781.711159] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  781.717898] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  781.725569] Interruptibility = 00000001  ActivityState = 00000000
[  781.732073] *** Host State ***
[  781.735470] RIP = 0xffffffff8120269c  RSP = 0xffff8801ce49f390
[  781.741822] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  781.754047] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  781.762162] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  781.768192] CR0=0000000080050033 CR3=00000001bf6d0000 CR4=00000000001426e0
[  781.775223] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  781.782056] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  781.788183] *** Control State ***
[  781.791663] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  781.798927] EntryControls=0000d1ff ExitControls=002fefff
[  781.804519] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  781.811600] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  781.818473] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  781.825080]         reason=80000021 qualification=0000000000000000
[  781.825089] IDTVectoring: info=00000000 errcode=00000000
[  781.825097] TSC Offset = 0xfffffe5b7d24fece
[  781.825108] EPT pointer = 0x00000001c78c101e
13:33:52 executing program 3:
r0 = socket$inet6(0xa, 0x802, 0xfffe000000000000)
sendto$inet6(r0, &(0x7f0000000700)="dfe278d84f047e1808a3a992ddc3897e9a0e72c21d071d767c92f5a76aabd0152fcbd05c4db7f4e5e729497dfc375f1a021a5b1fd8ea7d7047775b8daf66303ddae94f4cc9d10f0e4bd21802c30927bf91de19baad5d68d29e6c0265b15278bc3a26defe99b129cae1e0377939e119e495cb84900b82d2c0689fd8d30bcd08437ed371f99c2b1cb8434a8ed7a106d463883ccdd36f76022dd29c59311fd01f26dc7cb7bb2578798d919b871cbb90dda4fccbca8d521c0c9c95c6278cad91c144f5079d7aa44b35c54465cb314586eae1b2afb0d94912bea757906d494c2e049598bae15d4a1b6892ed414e4ca5448a7e457350859333529825a60e93889fece46d4917cb7b429852148679694cbbb5d71bd8c81da130daf7387dc095c6ea85a19f5c62434a0b42723ae95420971a2edaa24f04e1c558013be5b08d1903dd2aa5b55ff876b7df8ad497a163fc1667bf677560acc9bdc58fd2190ceb7ee16969f2b7924651b5256b83fa8cee4a85b601371092d883db7c63cc060f80cc96a47d90dfc06ebf61665b68ab6c40e701325f2ad65b98bbc038fc1f70c5cec0ef6de84b30f331304e18333bf6018ab00b454771618a74cdcb90bae013843a586b8da3f26fc134faea8f02f500ccfc8d8e056bfe8154a816b1c836d2f0345fe72801be88a7bf12b5b70f3fca631f4f27ade17670201ca78090a2ce78f7660b62d6b1ae74b433a537ec8972cd75ed3aef141e6e274274ceed44bdcd0bdfb649d39a860042261fc9ab949991711eac9264633a7f15ff272779b3015c402e43e63fa3cbb3baaffe971b739673c5313ef74a7c2a480a7302734a607e1cd559189f4aee38fbcd3bde9776c29fc8426b18bb0029546358d39ce716f03359f656cb3103e1ef253bd061d7a3e006f9f04e326f391426a8618dcf4747f189c892ca162d7a2949aedf8eb6ead2a7f8673c03830282983f880d7ff55b9bc04afd7439857238bef451407dbd506b94d8a0085a9649e9d2f24d4442ce81791d7f0b00eefc6547c57493812cb93d1166bd506ff8cd0852edd7d8ccf90a2f5f137e82c7f2b356ab3f7fc0f854f82608949d79e780d563642ee0ee73397a83117059d2b30f4dc169f98474d01200cd765918dde6c075b3444d46c0859a7d921469c7ffa6a1caac885a8f285fe70c48233d29061f13b216ac406247a68aa3c516fac4cacbd78a303377130cd92ba8331614365765b2c80cb717626c9f6e9b45d6d16b10ca7325316e8107c2b57d630b46fb8369905a2e9b75e0a3b0972634b46e44430310580e9ae49ac0f065261ca26053dc08aafb3308e40d709a6404fa39e45e9643edf205ba121470c36389e3c161ab41179418b71652f92cb4b3a6d925fcd7d5c0a13ab9c020446aae0e7d3eedf23fec3ffa6ed748953bf8a5e19960f43313f16e5bb43f3e6adc62a5a45db3ea43e44ed6ee5596a6c66c747aab8757ee26d5912a07edecd4e4b9d6f6a03c6f4d7445d041fab5cdd668280b392be052ca3095a8408ac836e6d361f5c7512768f6897b7529d658503f61bcffc714e95adabd1178191b3d82d959200e508c6358af53b7684d2cab8ed404cdfd134e004a71deaaaec8c9835e5a711b51e1829f96c2be8ad2c851f8b70c70114cbb7d647cfb26ba91f62ec29925e6f10aebbb0a28a7ffcfc360d86a70ade4d3d2bbbea005b41823f2a54b1513ee080e62d3f337a0e250d592ef3a43be37bef30496fe34eb2eb7b038bf1a8ad837c18cd9745e937d7c0503d1c50ed4a9f3d446eccc3cddc586df7c077e09119b5172dee9d6349783329c2c7a2d71dfb7c2d7aa656f2599b84fab8ee1c21073c7cf64babeb4f768d8c283ff7599849e36d5a7d7071b396fbde96af351d02ff61b159bddbb8d66e51d6431eee6173857d089d4ab3ac1c05b57c80a08fe3d1c89aefb7fe07df71b0d0f636e5b8a609af0a1e708390f828907e7691fad891c5d7a6cf7cd8842ce264ecdc1caf78795883e37a3a8b7dbd67cff31ab2c868a79691cfed0e6b153fb66de", 0x5a1, 0x8000, &(0x7f00000005c0)={0xa, 0x3, 0x0, @remote}, 0x1c)
r1 = socket$inet6(0xa, 0xfffffffffffe, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200000, 0x0)
setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000040)={0x3, 0x43d50192, 0x3ff, 0x20}, 0x10)
ioctl(r1, 0x8912, &(0x7f0000000080)="153f6234488dea5d666070")
write(r0, &(0x7f00000003c0)="679294a82c94a09830a9d437", 0xc)

13:33:52 executing program 0:
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'sit0\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="1b000000000000001edaaea25b8ab856e52adfef44022e1ede4bc4263561792b2fec6a01fffffffffc89"]})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="5fb88c750196077aa3214bebc13f7d74ad4d9320611cf5a33f2a3f09e1c926359dcfe20001c781cb67f79cb0c6f5f4bf8ed60dce2176c22a20b22b9b24172b5569ec67906e7df93b05b19ba5360f2eab62812070fc181a2483366595113b240804d882a7dcd7ac4ba53e06d02558968b978122716d1823dcc7d40155c1bc1e8433f5ba15f5ee48c0ca941fce872e497d1377e2a5bde956f003caaf58c7520f82d7346c266e8ea70dab3bb7af6d78602a31ab8d232b07f6e3ef524b552ed88a1b1c02bc89f4f671855d40a2c1c173d4bb121bc86270c32d39c4c0d09a29b8983169914d8df86417a802b772bb638f72ccdcbb46267b5751816c77b6739f484292d5ca5e1bc4efee06f4e07e6a795faee2af27a8f21298055806494ee0e961cd5bd077bd7756f9e39dd3abdbe5c598cc5cbd44c5c319af923fbc4731545ff134749c2f42ee8454bf33ef309a6323dc847676d5be2fcb9abc717fc1e29396943ec0e264a80d64ca66ef2c42a57112a8a146097d9f4256ef6e6fd73be26e9a5f79b21dae42066d9cf4441021d64a2d6fd61c7ea709948d4be380e0fa4b76dff6aeef45", 0x1a1, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
clock_getres(0x7, &(0x7f0000000200))
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ifreq(r0, 0x89f1, &(0x7f00000001c0)={"736974300000000000000200", @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"})

13:33:52 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:52 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
pread64(r4, &(0x7f0000005000)=""/4096, 0xb8, 0x0)
ioctl$UI_DEV_CREATE(r2, 0x5501)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:33:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x4, 0x800)
epoll_pwait(r3, &(0x7f0000000140)=[{}], 0x1, 0x80000000, &(0x7f0000000180), 0x8)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r3, 0x800442d4, &(0x7f00000001c0)=0xfffffffffffffe00)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:52 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xdc7f000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  782.907902] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:53 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt(r0, 0x5, 0x5, &(0x7f0000000140)=""/149, &(0x7f0000000080)=0x95)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x10100, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f00000003c0)=ANY=[@ANYBLOB="7379000000000000000000000000000000000000000000000000db00000000000000000000000000000000000000000003000000000000000085e582183d67d84b0933c907721e1fce09bf1f7418d2840bbf3c4cc3bc5c7a416b90f512cf3e41000000000000a3610facafae9265b36fe483f60a000000000000000000000000000000000000"], 0x48)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
write(r3, &(0x7f00000000c0)="8d", 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
read(r3, &(0x7f0000000100)=""/52, 0x34)

[  782.959573] *** Guest State ***
[  782.971340] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  782.990803] hfs: part requires an argument
13:33:53 executing program 0:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB="801aba8c54548347ca3c41d6bd5ffa3e932aa55de8d3fbf6eebb96d643db169ac4c8385bef4f"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='hugetlbfs\x00', 0x0, &(0x7f00000001c0))
mknod$loop(&(0x7f00000000c0)='./file0/file0\x00', 0x2004, 0xffffffffffffffff)

[  783.004968] audit: type=1804 audit(1539869633.026:107): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
[  783.007185] hfs: unable to parse mount options
[  783.048251] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:33:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4002000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  783.096944] CR3 = 0x0000000000000000
[  783.102531] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  783.119115] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  783.156732] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  783.165084] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  783.192933] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:53 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
fcntl$setstatus(r0, 0x4, 0x443f8)
r1 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)

[  783.210144] IPVS: ftp: loaded support on port[0] = 21
[  783.227525] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  783.244007] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:33:53 executing program 0:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f00000002c0)={0x5, 0x10, 0xc7, {&(0x7f0000000600)}}, 0x18)
socket$inet6(0xa, 0x2, 0x1000)

[  783.258756] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  783.290069] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  783.307507] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  783.330952] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  783.340633] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  783.363310] audit: type=1804 audit(1539869633.386:108): pid=8888 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
13:33:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x18870500]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  783.413248] audit: type=1804 audit(1539869633.416:109): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
[  783.436687] audit: type=1804 audit(1539869633.416:110): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
13:33:53 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
r2 = dup2(r1, r1)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="2fea318181fd8cd20f40eec2403dc1d2b6a604ad17a26a7d99217fcbc7c1e459846da0fd6ee6214a0f9080d574da681c5d1517f7525dd71bbf46da8436286fba67d2daaa3ec98bc2e1d47ff59734b8f1348d94c6f4b9169fd70432560b6675491f8ef07284e2939b3703261a7e7384553045a194b589709eb95dd049e1dc5944952e870ce6a432d86734f0fc7905c8eab3fb0000000000"], 0x1}}, 0x44801)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[@ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="a693f9714864fc33948eba9a50340442897ec1c9a73466b49b708d27f8a986ad5970cc06408fa7452be3905c9800770f93640cf50d49e95b97f95618d583b222e5cc65fa9c2fbbfa57da921cfea5df4967492719f9124c8ffc19c08e14cb90c495ca82a74b371afdf79f360b5c11ea3a0a6ec553f2302586dfcf3990"]]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x40002)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000600)='/dev/ashmem\x00', 0x2, 0x0)
sendto$inet(r1, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000000000, @empty, [0x0, 0x3e8, 0x0, 0x0, 0x5000000]}, 0x0)
ustat(0x80000000, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8)
fcntl$getownex(r1, 0x10, &(0x7f0000000280))
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2f, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000440)=""/201, 0xc9}, {&(0x7f00000002c0)=""/52, 0x34}], 0x2)
socket$inet(0x2, 0x7, 0x85)
clock_gettime(0x0, &(0x7f0000000240))
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000300), 0x10)

[  783.465711] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  783.493153] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  783.507398] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  783.514036] audit: type=1804 audit(1539869633.416:111): pid=8923 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
[  783.543554] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:33:53 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
pread64(r4, &(0x7f0000005000)=""/4096, 0xb8, 0x0)
ioctl$UI_DEV_CREATE(r2, 0x5501)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  783.586787] Interruptibility = 00000001  ActivityState = 00000000
[  783.603907] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  783.611580] *** Host State ***
[  783.625604] audit: type=1804 audit(1539869633.416:112): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1063/bus" dev="sda1" ino=17542 res=1
[  783.652674] RIP = 0xffffffff8120269c  RSP = 0xffff880183cbf390
[  783.659165] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  783.674594] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
13:33:53 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes-aesni)\x00'}, 0xffffffffffffff64)
bind(0xffffffffffffffff, &(0x7f0000000040)=@un=@file={0x1, './file0\x00'}, 0x80)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x20000, 0x0)
ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0)
r2 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
socketpair(0x0, 0x3, 0x1000, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x5, &(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x13f, 0xf}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r3, &(0x7f0000000240)={0xb, 0x10, 0xfa00, {&(0x7f0000000100), r4, 0x200}}, 0x18)
ioctl$KDSETLED(r1, 0x4b32, 0x7fff)

[  783.740569] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
13:33:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x10000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  783.821746] CR0=0000000080050033 CR3=00000001c318f000 CR4=00000000001426f0
[  783.870864] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  783.891204] hfs: part requires an argument
[  783.895474] hfs: unable to parse mount options
[  783.917375] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  783.926152] audit: type=1804 audit(1539869633.946:113): pid=8947 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1064/bus" dev="sda1" ino=17502 res=1
[  783.986209] *** Control State ***
[  783.989824] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  784.009925] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  784.023395] EntryControls=0000d1ff ExitControls=002fefff
[  784.046105] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  784.071861] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  784.086443] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  784.100303]         reason=80000021 qualification=0000000000000000
[  784.120770] IDTVectoring: info=00000000 errcode=00000000
[  784.137096] TSC Offset = 0xfffffe5a57d3ccad
[  784.145103] EPT pointer = 0x000000017f0c701e
[  784.166828] device bridge_slave_1 left promiscuous mode
[  784.172457] bridge0: port 2(bridge_slave_1) entered disabled state
[  784.203909] device bridge_slave_0 left promiscuous mode
[  784.240970] bridge0: port 1(bridge_slave_0) entered disabled state
[  784.349474] team0 (unregistering): Port device team_slave_1 removed
[  784.362180] team0 (unregistering): Port device team_slave_0 removed
[  784.376586] bond0 (unregistering): Releasing backup interface bond_slave_1
[  784.393004] bond0 (unregistering): Releasing backup interface bond_slave_0
[  784.438762] bond0 (unregistering): Released all slaves
[  785.358757] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.365238] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.373384] device bridge_slave_0 entered promiscuous mode
[  785.423070] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.429646] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.437520] device bridge_slave_1 entered promiscuous mode
[  785.488022] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  785.534644] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  785.679202] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  785.729126] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  785.959863] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  785.969142] team0: Port device team_slave_0 added
[  786.016424] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  786.023858] team0: Port device team_slave_1 added
[  786.069825] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  786.099140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  786.129290] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  786.136503] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  786.144460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  786.174131] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  786.181664] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  786.190333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  786.457306] bridge0: port 2(bridge_slave_1) entered blocking state
[  786.463665] bridge0: port 2(bridge_slave_1) entered forwarding state
[  786.470341] bridge0: port 1(bridge_slave_0) entered blocking state
[  786.476712] bridge0: port 1(bridge_slave_0) entered forwarding state
[  786.484103] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  786.495985] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  787.466488] 8021q: adding VLAN 0 to HW filter on device bond0
[  787.561541] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  787.656286] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  787.662430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  787.670558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  787.761836] 8021q: adding VLAN 0 to HW filter on device team0
13:33:58 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:58 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfec0]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:58 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x414041, 0x0)
bind$bt_sco(r0, &(0x7f0000000080)={0x1f, {0x10000, 0x54a, 0xffffffffffff4ec7, 0x41, 0x81, 0xfffffffffffffff9}}, 0x8)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f00000000c0)={0x4})

13:33:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80, 0x0)
sendto(r3, &(0x7f0000000140)="51e42a5bdb136c0c3939c46bbb30c21c1bef13522b368584d945ab6755a24812031a7ceb8e0dd588bb4247decec96058ed439a4a5c1770a4406d22618ad061bd24fb0fb66a22dbe5134cfe0425914ff90a275c231c32109c57095d29098cbb031d69c147133f626515588b4feb16718a90b831b32486ec2e1a14", 0x7a, 0x80, &(0x7f00000001c0)=@ipx={0x4, 0xa634, 0x401, "50ac911b4f82", 0x1ff}, 0x80)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$UI_DEV_DESTROY(r2, 0x5502)

13:33:58 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000040)='./file0\x00', 0x40000080)
inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c)
r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0)
ioctl$KVM_PPC_GET_SMMU_INFO(r2, 0x8250aea6, &(0x7f0000000300)=""/82)
ioctl$TUNGETFILTER(r2, 0x801054db, &(0x7f00000000c0)=""/14)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={<r3=>0xffffffffffffffff, r2, 0x0, 0xc, &(0x7f0000000180)="00000000003a13fc2dcbcb52", 0xffffffffffffffff}, 0x30)
r4 = getpid()
kcmp(r3, r4, 0x1, r0, r0)
r5 = dup2(r0, r2)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000001500)={{{@in=@broadcast, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast2}}, &(0x7f0000001600)=0xffffffcc)
setsockopt$packet_drop_memb(r5, 0x107, 0x2, &(0x7f0000000140)={r6, 0x1, 0x6, @dev={[], 0x10}}, 0x10)
fcntl$setpipe(r2, 0x407, 0x4)
ptrace$getenv(0x4201, 0x0, 0x0, &(0x7f0000000000))
statfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=""/4096)
syz_open_procfs(0x0, &(0x7f0000000080)="00000000003a13fc2dcbcb52")

13:33:58 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
pread64(r4, &(0x7f0000005000)=""/4096, 0xb8, 0x0)
ioctl$UI_DEV_CREATE(r2, 0x5501)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  788.340186] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:58 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000000c0)={0x0, r2})

13:33:58 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  788.457702] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  788.484934] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:58 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  788.531967] hfs: part requires an argument
13:33:58 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}], 0x1, 0x0)

13:33:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)

[  788.596509] hfs: unable to parse mount options
[  788.612845] audit: type=1804 audit(1539869638.636:114): pid=9255 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1065/bus" dev="sda1" ino=17555 res=1
13:33:58 executing program 3:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000000)="120000001600e70d017b19000000000000a1", 0x12, 0x0, 0x0, 0x0)

13:33:58 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8001a0ffffffff]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  788.707589] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:58 executing program 0:
io_submit(0x0, 0x0, &(0x7f0000000780))
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f00000007c0)={{0x5}, {0x6}})
r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x8003, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x4e24, 0xfffffffffffff800, @local, 0x9e3}], 0x1c)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt(r1, 0x0, 0x0, &(0x7f00000003c0), 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x0, 0x3ef, 0x8000000, 0x3f00000000001300, 0x0, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
close(0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0x80045301, &(0x7f0000000900))
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e22, @rand_addr}}, [0x0, 0x3, 0x10000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0xf15]}, &(0x7f0000000080)=0x100)
shutdown(r1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x89a0, &(0x7f0000000100)={@local, @empty, @loopback, 0x3})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000440))
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000200))
read(0xffffffffffffffff, &(0x7f0000000000)=""/55, 0x37)

13:33:58 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  788.750900] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  788.859813] *** Guest State ***
[  788.872873] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:33:58 executing program 3:
r0 = socket$inet6(0xa, 0x803, 0x2)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="0a5c2d023c126285718070")
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', @ifru_map})

[  788.908513] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  788.925967] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  788.946456] CR3 = 0x0000000000000000
[  788.949663] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:58 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4002]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  788.957192] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  789.023793] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  789.041163] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  789.049381] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  789.058187] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:59 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:59 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
pread64(r4, &(0x7f0000005000)=""/4096, 0xb8, 0x0)
ioctl$UI_DEV_CREATE(r2, 0x5501)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  789.067089] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  789.075328] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  789.132993] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  789.141159] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  789.167868] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:33:59 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  789.176451] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:33:59 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff0f]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:59 executing program 3:
add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={'syz'}, 0x0, 0x0, 0xfffffffffffffff9)
r0 = openat$vhci(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhci\x00', 0x4000, 0x0)
write$P9_RRENAMEAT(r0, &(0x7f0000000380)={0x7}, 0x7)
creat(&(0x7f0000000140)='./file0\x00', 0x60)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000002c0), 0x12)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x10a}}, 0x18)
pipe(&(0x7f0000000100))
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x280900, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getrusage(0xffffffffffffffff, &(0x7f0000000200))
r2 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
sendfile(r2, r2, &(0x7f0000b58000)=0x200000, 0xffff)
dup2(0xffffffffffffffff, r1)
syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0)

[  789.222132] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  789.277393] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  789.315491] hfs: part requires an argument
[  789.326071] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  789.344653] hfs: unable to parse mount options
[  789.359362] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  789.376363] audit: type=1804 audit(1539869639.396:115): pid=9315 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1066/bus" dev="sda1" ino=17569 res=1
[  789.376456] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  789.407324] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  789.420797] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  789.441511] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  789.469800] Interruptibility = 00000001  ActivityState = 00000000
[  789.510086] *** Host State ***
[  789.523455] RIP = 0xffffffff8120269c  RSP = 0xffff8801caf37390
[  789.542372] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  789.611067] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  789.656041] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  789.682413] CR0=0000000080050033 CR3=0000000185787000 CR4=00000000001426f0
[  789.728849] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  789.735720] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  789.754816] *** Control State ***
[  789.758922] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  789.765753] EntryControls=0000d1ff ExitControls=002fefff
[  789.771836] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
13:33:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:33:59 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:33:59 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x7d011080]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:33:59 executing program 0:
setxattr$trusted_overlay_opaque(&(0x7f0000000380)='./file0\x00', &(0x7f0000000480)='trusted.overlay.opaque\x00', &(0x7f0000000340)='y\x00', 0x2, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x100, 0x8)
ioctl$sock_bt_hci(r0, 0x400448e2, &(0x7f00000001c0)="c571c6abbd765879e0a23289c791e97908f031cbea1f35f9659c96ce8aeda27fd045eb099b9614abeeb8dcbdfe5e8757b7119aa8d69c4dcfd9642b887dc613922b64884b53ed65250976d253dc9287a05e8d71da4b705753e3e12d5a1012291261")
r1 = gettid()
getpgrp(r1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x80400, 0x0)
r3 = dup(r2)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x40044591)
r4 = inotify_init1(0x800)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000080)={0x0, <r5=>0x0})
ptrace$setopts(0x4206, r5, 0x0, 0x0)
ptrace(0x4207, r5)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r6 = openat(r3, &(0x7f00000000c0)='./file0\x00', 0x8804, 0x0)
clock_adjtime(0x1, &(0x7f0000000500)={0x4, 0x3ff, 0x0, 0x3f, 0x400000000, 0x2, 0x60, 0xfffffffffffffe01, 0x0, 0x1, 0x8, 0x0, 0x40, 0x7fffffff, 0x9, 0xff, 0xd9, 0x7162, 0x400, 0x400, 0x2, 0x1f, 0x0, 0x1, 0x4, 0x4})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={"79616d300001178b00", 0x8001})
ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f00000003c0)={0x5, &(0x7f0000000140)=[{}, {}, {}, {}, {<r7=>0x0}]})
ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000440)={r7, 0xb})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = inotify_init1(0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x8000, 0x0)
fcntl$setown(r8, 0x8, r5)
fcntl$getownex(r8, 0x10, &(0x7f00000006c0)={0x0, <r9=>0x0})
ptrace$setregset(0x4209, r9, 0x20000004, &(0x7f0000000040)={&(0x7f0000000040)})
getpgid(0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r10 = getpid()
sched_setattr(r10, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8000000200000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

13:33:59 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
pread64(r4, &(0x7f0000005000)=""/4096, 0xb8, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:33:59 executing program 3:

[  789.791077] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  789.804308] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  789.815517]         reason=80000021 qualification=0000000000000000
[  789.826018] IDTVectoring: info=00000000 errcode=00000000
[  789.831494] TSC Offset = 0xfffffe572e3aabaa
[  789.836171] EPT pointer = 0x00000001bee0401e
13:34:00 executing program 3:

13:34:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  789.918892] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  789.953029] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:00 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfc000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  790.030995] audit: type=1804 audit(1539869640.056:116): pid=9354 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1067/bus" dev="sda1" ino=17567 res=1
[  790.055989] hfs: part requires an argument
[  790.065653] *** Guest State ***
[  790.095572] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  790.106317] hfs: unable to parse mount options
[  790.112160] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:00 executing program 3:

[  790.163867] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  790.203440] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  790.232579] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:34:00 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xf5ffffff]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  790.316070] CR3 = 0x0000000000000000
[  790.320161] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  790.353696] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  790.408245] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  790.457391] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  790.492640] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  790.513521] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.526130] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.534134] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.542225] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.550267] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.559333] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  790.567452] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  790.575447] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  790.583694] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  790.592146] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  790.598788] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  790.606625] Interruptibility = 00000001  ActivityState = 00000000
[  790.613018] *** Host State ***
[  790.616449] RIP = 0xffffffff8120269c  RSP = 0xffff8801bd58f390
[  790.622612] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  790.629260] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  790.637264] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  790.643315] CR0=0000000080050033 CR3=00000001c5eab000 CR4=00000000001426e0
[  790.650585] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  790.657464] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  790.663676] *** Control State ***
[  790.667346] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  790.674172] EntryControls=0000d1ff ExitControls=002fefff
[  790.679846] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  790.688481] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  790.695312] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  790.702103]         reason=80000021 qualification=0000000000000000
[  790.708672] IDTVectoring: info=00000000 errcode=00000000
[  790.714278] TSC Offset = 0xfffffe568c8fdca6
[  790.718826] EPT pointer = 0x000000018a71401e
[  790.760661] *** Guest State ***
[  790.763985] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  790.782381] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  790.792351] CR3 = 0x0000000000000000
[  790.796643] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  790.802644] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  790.809005] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  790.815924] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  790.824235] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.832361] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.840575] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.849160] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.857594] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  790.865562] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  790.874232] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  790.882254] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  790.890298] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  790.898308] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  790.904726] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  790.912211] Interruptibility = 00000001  ActivityState = 00000000
[  790.918480] *** Host State ***
[  790.921665] RIP = 0xffffffff8120269c  RSP = 0xffff88018988f390
[  790.927691] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  790.934113] FSBase=00007f9b60ee1700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  790.942012] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  790.948467] CR0=0000000080050033 CR3=00000001c5eab000 CR4=00000000001426f0
[  790.955475] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  790.962208] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  790.968313] *** Control State ***
[  790.971760] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  790.978471] EntryControls=0000d1ff ExitControls=002fefff
[  790.983935] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  790.990899] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  790.997661] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  791.004225]         reason=80000021 qualification=0000000000000000
13:34:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:01 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x5)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:01 executing program 3:

13:34:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:01 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe803]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:01 executing program 0:

[  791.010582] IDTVectoring: info=00000000 errcode=00000000
[  791.016102] TSC Offset = 0xfffffe568c8fdca6
[  791.020883] EPT pointer = 0x000000018a71401e
13:34:01 executing program 3:

13:34:01 executing program 0:

[  791.123615] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:01 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  791.207601] audit: type=1804 audit(1539869641.236:117): pid=9400 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1068/bus" dev="sda1" ino=17585 res=1
[  791.232925] hfs: part requires an argument
[  791.250211] hfs: unable to parse mount options
13:34:01 executing program 0:

13:34:01 executing program 3:

[  791.335098] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  791.379754] *** Guest State ***
[  791.384289] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  791.390892] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  791.429724] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  791.451508] CR3 = 0x0000000000000000
[  791.456850] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  791.464630] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  791.471183] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  791.479509] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  791.493399] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  791.502581] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  791.510749] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  791.518789] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  791.526804] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  791.534761] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  791.542781] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  791.550808] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  791.558848] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  791.567050] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  791.573459] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  791.580974] Interruptibility = 00000001  ActivityState = 00000000
[  791.587266] *** Host State ***
[  791.590461] RIP = 0xffffffff8120269c  RSP = 0xffff88018988f390
[  791.596523] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  791.602946] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  791.611453] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  791.617436] CR0=0000000080050033 CR3=00000001c3fc9000 CR4=00000000001426e0
[  791.624469] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  791.631593] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  791.637709] *** Control State ***
[  791.641168] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  791.648253] EntryControls=0000d1ff ExitControls=002fefff
[  791.653700] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  791.660695] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  791.667450] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  791.674017]         reason=80000021 qualification=0000000000000000
13:34:01 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe3b0000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000a00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:01 executing program 0:

13:34:01 executing program 3:

[  791.680374] IDTVectoring: info=00000000 errcode=00000000
[  791.685879] TSC Offset = 0xfffffe55d8d0851f
[  791.690191] EPT pointer = 0x000000018842201e
13:34:01 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
fcntl$setflags(r0, 0x2, 0x1)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000140), 0x4)
ioctl$int_out(r1, 0x0, &(0x7f0000000180))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = memfd_create(&(0x7f00000001c0)='%vmnet1.vmnet0vboxnet0\')bdevvboxnet0\x00', 0x1)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r4, 0x800448d3, &(0x7f0000000200)={{0x8, 0x100000000, 0x2, 0x4, 0x4, 0x9}, 0x4a9, 0x3f, 0x4, 0x8d8f, 0x53f, "c6a896592a17d3af56c5ec4b3cdb388a5378c8169f464fba726904d376c6799262e6830fcc158101fe5307fd8ac5b7204b73c278ad7af91e42661cd325af8ce84445080d74b7dd51ed5d98ab5ef67d504941dea4e6f54947c6cade8a6ea455c5a345572db132135ce5ea60a82e90bc93686ca6e6a8f5820325ee8d8226dbd545"})

13:34:01 executing program 3:

13:34:01 executing program 0:

[  791.815447] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  791.835367] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  791.878018] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  791.928148] hfs: part requires an argument
[  791.938820] hfs: unable to parse mount options
[  791.949027] *** Guest State ***
[  791.952349] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:02 executing program 3:

[  791.966989] audit: type=1804 audit(1539869641.996:118): pid=9441 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1069/bus" dev="sda1" ino=17593 res=1
[  791.981485] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  792.001393] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:34:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:02 executing program 0:

[  792.030135] CR3 = 0x0000000000000000
[  792.037080] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  792.065161] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  792.096584] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  792.120290] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  792.139511] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  792.147759] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.158342] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  792.166760] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.175527] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.191800] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.200160] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.208675] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  792.217163] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  792.225317] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  792.233529] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  792.241733] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  792.248369] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  792.256201] Interruptibility = 00000001  ActivityState = 00000000
[  792.262747] *** Host State ***
[  792.266336] RIP = 0xffffffff8120269c  RSP = 0xffff880183ec7390
[  792.272473] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  792.280167] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  792.288382] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  792.294311] CR0=0000000080050033 CR3=00000001bec81000 CR4=00000000001426f0
[  792.301451] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  792.308460] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  792.314531] *** Control State ***
[  792.318086] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  792.324764] EntryControls=0000d1ff ExitControls=002fefff
[  792.330361] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  792.337442] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  792.344128] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  792.350867]         reason=80000021 qualification=0000000000000000
[  792.357248] IDTVectoring: info=00000000 errcode=00000000
[  792.362702] TSC Offset = 0xfffffe5585fedf7a
[  792.367252] EPT pointer = 0x00000001889f401e
[  792.376263] *** Guest State ***
[  792.379591] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  792.379608] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  792.379621] CR3 = 0x0000000000000000
[  792.399094] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  792.408360] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  792.414330] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  792.421068] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  792.429421] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.437502] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.445494] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.453687] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.461780] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  792.469871] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  792.477923] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  792.485999] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  792.493963] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  792.502036] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  792.508507] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  792.516023] Interruptibility = 00000001  ActivityState = 00000000
[  792.522283] *** Host State ***
[  792.525490] RIP = 0xffffffff8120269c  RSP = 0xffff8801bb1ef390
[  792.531733] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  792.538937] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  792.547033] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  792.552927] CR0=0000000080050033 CR3=00000001bec81000 CR4=00000000001426e0
[  792.560035] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  792.566798] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  792.572843] *** Control State ***
[  792.576365] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  792.583083] EntryControls=0000d1ff ExitControls=002fefff
[  792.588661] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
13:34:02 executing program 3:

13:34:02 executing program 0:

13:34:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:02 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x100000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:02 executing program 1:
socketpair(0xb, 0xa, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x8000, 0x0)
ioctl$sock_inet_SIOCGARP(r5, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @broadcast}, {0x306, @broadcast}, 0x2c, {0x2, 0x4e22, @loopback}, 'veth0_to_bridge\x00'})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
fcntl$getown(r1, 0x9)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000003c0))
r6 = getpgid(0x0)
r7 = syz_open_procfs(r6, &(0x7f0000000380)="6361d70000e6ffffff00a8302630be2e415f2e")
epoll_pwait(r7, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, 0x7, &(0x7f00000001c0)={0xfffffffffffff826}, 0x8)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
listen(r1, 0x5)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r5, 0x40405514, &(0x7f00000002c0)={0x8, 0x8bdaf66ba43cda62, 0x8, 0xfff, '\x00', 0x2})
fcntl$getown(r2, 0x9)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

[  792.595593] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  792.602324] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  792.609014]         reason=80000021 qualification=0000000000000000
[  792.615321] IDTVectoring: info=00000000 errcode=00000000
[  792.620809] TSC Offset = 0xfffffe5585fedf7a
[  792.625134] EPT pointer = 0x00000001889f401e
13:34:02 executing program 0:

13:34:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000002a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:02 executing program 3:

[  792.744354] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  792.778584] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  792.830742] hfs: part requires an argument
[  792.861852] hfs: unable to parse mount options
[  792.881763] *** Guest State ***
[  792.885079] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  792.896297] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:02 executing program 0:

[  792.905497] audit: type=1804 audit(1539869642.926:119): pid=9480 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir964824996/syzkaller.QOybxR/1070/bus" dev="sda1" ino=17590 res=1
13:34:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xa00]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:03 executing program 3:

[  792.956338] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  793.015400] CR3 = 0x0000000000000000
[  793.036316] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  793.044693] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  793.056074] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  793.062248] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  793.077833] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:03 executing program 0:

[  793.087267] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  793.087429] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.106791] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.122021] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:03 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x5, &(0x7f0000000680)=[{&(0x7f0000000740)="d4e7929dd9ae8d826b5e73ae441a1e637386d6d47cd88559f24ad1c3621934943504a3dc89ac1973a69444ac037cd57d14fe9f295fc2e1690ec0b13e6e454c4697ab01c51396f942052536e9c4678022bc587700ef4f3766272022b1e54b0a0a741f049d5b03171e7884bdcaaca918feda11ab3c2dfdd23d4b6988b88456ce866bdbfee8e5a594c89233b75c6bcce5e06f878880f8fe44ae87f1f0a075f00108524f25c3a0edcf89a6e2b7dfe2eeb2494f41e5035591b39255df97b5cdbc9d71af24dfc5112f29cb044e27601a8890467c5677f85e94ad89a7241eceec4dcb604a1ce3e6f1173410d4ca717a3efa45acaae8c27da66b24eb4f28b41584bd760e36549d60f8d242702f40448a4026568f13acb41dd4bf08a8d101cda02ff052973d0778d7fb5a9cf6802f03c814dd8c8480ef0409248556cf2687a64097d4166ab9c669ef789458a8b6ac86f5bdcd597a6119a9fdf6c30fe4aac41f549ae7fe0dede3b0ff14cd2a37b64ad5d2781ee4de94c05522ee5df0888781e9a25d82b6d2672337506e17a1ec043d7dc1c1bd71967dbe0f9ae4e94912c669e41371899ac6505279695b4d95b144319e69cdfdd8bec1a057d9da686020524aaadb819c259424a3307f3a895b4ad7cbf9802acb4af9c3f2db30ea6bf7129cdb11d9ed0dcf182201b5f469555855c5958bcbea7b0d29894bb3cd1f420fab9a84f480884d2f2ed880c05830a52a97cc909a0e98fe0f99ec6ed97eb87a7141be3c340c6cd0bba9e79f1c11cd24b1188467f900a3202d2d2ac34ccf53097b9c298e1ff9b470fdb2b29c81e44c6c022dcc6f03a63a2fd02fb2a6d80f4857b54332627fcfe1d2a32e62f3b682ab83467a421e73646fb84b7194c3b82dd79a271d82870e37ecadb31ae3379ddecf07d1971dcc2eec1f32ffcbd0074c96124f81afadb57cec070e0409427e842230de2b4e38fd53a87bf1ab561fc75368b993b3bcd166e384b5d7074cddc53eb2ddf287d8a5101456849a9bffa6cfdf5d7d0cc6a6b360847dd7f852b6d4c1dac1d57e34894653377ca6d2ed3e9faa82adf2ad03df46b63600bbeb846079ae0f53baeecbb58e5163d76f3b967e70be8416e9e3388076634568cb3670bebdcc34eaade1467590e59d4e95fd1638ff5f987ba67aad583da336e64d6f8178490daa3ee7871950669a095ef4f91ca89a741a28507158515581848863b03d07835007d1e18ac7e48476edc0f63862b6da16118b42b32c187c0fbea255c14f89780c9ab3877490a84d8550221578313309e840c16425d7f81fc30cc5c1369db99239f7c42b6bf8385c33ab39b960886522eb7c7ae640c2d5125851ed8f79ff9939cfc76836e4cb6907a6395ca299b69c0d33e72c0fce7b0e5a8eb271d83b6c0322de204e741ef9cae43121463a498fcf75e35bbfaa1f91faf32a67a80640983e911914ddfb875f4811e51f03fd94aa4501d088eabb1b0f1e00382de47494cfba22a03ebe9f452e0f4c70e46f33162f33b199fc1e56a5f4e350a1bf8a5b64153939b45302d0fed073eec86e20625b980ac4fddbc980f633b3d45b1b91ab2327f5285acd4bcd7a0824e2f0901d86734a29765ccebf4b53cc8620b8835990b1e14956f728deaff3ccb07f761062c382ee7a4dc4dceebc0310ba376c7f0492132be4cf8bcd8c2e6652a368226a47f49265505f6b483f1ce0af2a9adb038c0c5c8eea58d96e27fe2dba04f385bcc0a5dbea935df1fd9f025d014ef115de250955b49ad3aa12b734e16598db887bd1a4d8073c0a6f74339ef6cea780601d28543e52d14df9068c9dd66dc9f746d2e29ab296b806e482cd71ae4430aef569d4da05e1880b3f8265dc43f3b42e158eb17e0f94768a02febbcb66ebe26fd1edbb6886cd03f58b5bd29c8a2f3a37881e665c49a3b5e4bb6246afd4de172924c82a0ce6bb11b9d35096b74cacc10538328bcd42a297b4ac70b62f05fb7f8827585b53f73207f5aa477ca192c85c6cbe071856a7e9e1a8ee72ce595c4c0954b65c5dd144fb3887f702c375d554775440ca73feafbbc658eab31dfd86b8a725ecabcef83199e9a1673c2ac9e4c533a1879cf9c56e1369016964b0db2a453714b2281182f46463a0f7a5841492064fd34238f39e3b89be82146c76dc0bda845be74d3c07429199760234a09e962e2ada2c9ad688dca375bdca73edcc5fab80214933625b994bd088cd4cb9b13c184cd7e8510c6e91a1eebbf36c923357514d43e18767edeb12b654ab5072dac431cf1491172804f85542e7514b05f12e8522659e3024a6f58734cff8995dce0f1cf0fd4827c6bfb62cbce241bd0cb1c66aacf9321ca7209dfdc438f26b10fc5d1547ef6c978c72822be3a1f2c89e22957519fe2b48627c6ce02395fcf042cc2acf3ad1c2d6beb86a4fbf3563c083b9a98929d370d2769725a5e4212535819805ab9a98b5093141425b10467027887d966ae6ec24e12caba6b86a60294814a3a7dbc4ad2414eb94716fb1287de56188244c3dbb5347cb07ca1f594950a09add2faf42a7c52f42ce6d93f104bf4150814ec0c806deb9a63317c7fc4e2bf1721a87649f06de0ad83e462da8c2856c4f17b38a0a62b60e5b61222b7599ceaaa07398f02cd6beb32b3ff4281d25c9deee68a86bb13031b96b6657caa33beedde8db5ff87c683880cad63dad8d1951c60a0c133fcbe5671d02cba03e37fc64a79a4fa57b99c288e49bb6b41387c636ae3676e7408519dc2800123f86206efcc4652851d0aca11d91a4ac2021c4def842a016aa42f95e99ede2a5747c089386fa78cf666a8f6106fc9fb839bd599091dc6487948533c2f0115d29734950ba8eecc81a46f2d6a4f43c37d495886159d2f7a170efb02f7b0a82e62f90a9f6a82a405b37dd9ca17d86c6457bc2907843fd6d9e2195d7d42e529327736857345841e90b344682624fa2d77e154780c866b3dccd9c5fbe79522ef08ccda2a9cea0670a81e11d025e4c9aaaad96ebe0ae89054487ac4d1c4c1424fbba6ed18e9e1f596a7d8496d346deca0842480acc876dafdbaa4887df19c69b9bdc64220e365a660b7846245f17b436738c936d8ff92b68f6daf2a1f3be7a49f0d286c96b683216a988faa7b7541630042df867816e71b902b694ae74354bd142389a3354f0bd775611af339a3f41865fac98d1315e495192ac3f391364c27ead1d3cb6fdf54cfba2d8c19cdb74a0597c83df5456eb43832c0f5d905ff102ec57b9a4b5b81e5d4915c3cc402a82f251c93b507f50df5a69aefa05c1066f1250fd5d6b20a6b19e787e06a4cc306f8a3884d569cf789da480c967a19e2d6f8730cf8325cdb2e0f1afc7807478246c9e661984fd3c53d14b86c993a62e5bbeb19466b178b5442afe2aa021b65b90c4114366ca2801c2935d61a9ebcb455fd92497713c5a0f071bb35f22f632ad27e6f8d074d92292cad1bbc7b5222bd02ec1cdc292d5aebfe229c7d5096973e2cec97d2d7530c7afe79132110512316659e786cf9c6b84c20bbd5c4fa2de158c2bdc6dcb9c197647c06e4283816224effe80a65f892b4dd7092dc2f1ece251bad3d5eda71964d1503dc42cfa3118c00121f451c9598ec26675c5e707e955602d3c010e949103d9c5799616a0ea2c6e0e39891bdf346eafcd87e46554e17d61705167760eefb697287a37437bdc059a29fff25f9b95ad48b320332c9148e3ad9475d163c468a318ad2e0bb3e851386f25a79f77204c4914a733fcfc8ce2017042cfd84578d9e173082e87276cc8c1b78d30bf16a56bda337f351bd4476cde324da8af7cfc158784dad76dce902cbf55f1277914e85c427bcb606b39c649973f2e2e7b5c777028c08f6d6c2f0c5cb5b7902ee3ee79e8e301554d07ea9c8f89a805ad38b28f12e476514a786d38faeb66f5a6f17809a7013b857e1bd44dfbc8878407b2b719eb1d98ddd03495b9cbde8345794e1edd79a02e3db870dad5832cc07856382556f652f644d4e77fe9bd7d03d56387d350cc2b362eb6370e6db19a5f094d7b0f7b8ccd3fe12cd135f80020b774d413e5232b2b6c941ec633e5549ea2769ea04cdc1f75029f9e63b659a0a5740d8577beba7d0c58d0cb8c55c8ac1d789aa79af1405b9dc864868e65aa87e7c376b2e12842d644021abacc00a6726d8de7fcbbf79a7ad4a9ab1dd99b9dae0e7c5fbc2fdf4b7f3b5436bbc81c9510a0377a5dc5e02e6c5a7ecf9dacf10359efc59aede010c328e8de05b96b97cf2e131148544026544311e4c4e9ab6994875acf08dfd1cf24cb6cf37d6cfdd88f2e2c988ddb9ec1ede2ca9306563ae38a702798b646d47549ef9adc7b06980a9f223fc1510ff77c940d404f15ceeb82e0e7b5931a60dc08c1c17b140101313722c8d2092eb2d1536f694373f79df9bb90d0d68a5d89f4da99a7d9a4480eefc222da52db8b4ac2bbff87fd7baa584ac065fe149fc46bef69a66ae2db7764866aa0ae01d3b10e940b4fbe57d2d267e22c3ff41b2bb223c37925ae0b6b5049ece24628e85714dd28f018f86d6d7c51fd47dcab0d968dda5b578d48c287c9df496ae4815ca2f23120f348ef98e883416fb16dcd80c6df19d4e62d788102b2cc9939d304c93295733258e9a49cf10c8ce1d86091e5a042076ae5912f769019dfbdf2d673baa877b75bcee5ab5047cbea3a8e044f841dc007f0861e2f5e95f47190002c22af56c732a24ce571af2949e835a56754dacff034fd7065770f969d1db887116990ba4053126b1aa538cc5e7a6f6a310d2ec8af202bdafb70a5c9f1137147b758575a9110400ec6b63fb6757da4a88e015d9854d9689f349fb53a341a331f4491bf8cf6fc90455ff86126b05fe46f281db2d63639e1e4d87bf5868909764fdeda5424792d333e05f3edec97217ee4e367df5c2c28c24c1c4364028b4285e39b7a4e83342d273776024a62262c96a20a8af56a2869efdb71554768b30f96385e8a461a6d790b1542ca41e689403143c0bac840e4779c752e2ea7b6abd88c874acd1fcd9cfdfe056066d822aef37b5ba0e4ef1965a697a74d200086039407d09ea586ff7b85e81ef379ae2d32a16293591be74a43a7426675ce4fb4e3b57f05d37a662223305b52b4765bd37f48864d0f6c399899122236378799b5395c52fe995ea6bca34de118bcc504ab1f2bf6fcb7def10da0668589fd6092bbbd0e8743cbcdc2afa74c56fcad75efcb081f9d1406fa25daecd2045107da0d6328e1960638fb26e188078c514e1beeec2383c5071fb465b2ad6e08cce5df9836fb87e4a1bf36426aa6eee3c2d31abf0e5bd603eae1b01a12ee2496cea259dec2c6ac9736510c5da778bc743f99c9271ad0953cd62c79b6f83d30f330c34d36912f7523786ba812dd1d0d68b46e9c9c2308a82069335764aca8f8558b4d23eda201f85e5fddfd87e24a859adf96e50883c87246749d1e6b6618506c1597757b60faccda3698234d7cbe76002c0a11bf5b41c58edf96b91aa82a8e16ed812a0775b33d3a5cc0c914b04ff5e007e287ce64a073ea574d1e7b66c393d400481a5bf81caf2c231e6734b93f43b26bfaac8adca4f3b3ef98a69cb3e4a5bcbb74bd0c8ce8c1a7ae7d97b4652dff3e1ff73fa76bde974cc81366c3d601b3e188c2f4e4e00095ca7c5f760ef6c2ee7ccf8225960db49f2f72a21dce96440f8d18618954f3298ff5487ca13c100e7e69f6c6047f8e21aa1cbf5304e294e05aa14cba8e4fb12347e51ab1819e3026716ff924b13acdb3ae5a07df4b053e05e05a84f8d29e27668d8c", 0x1000, 0xff}, {&(0x7f0000000240)="8e988513cf989a69e9d367af4b3a600c34de4ebc935faba4ffe339d9e02365aee0d85b04a12b0f9af1606332f45aeb2f5bb2c86a34ce4cd8adb687b7a6289377535a4db5692f98db41b0e37957e69c2e28e20dd2f8a74389fcd41df6ecacb1c779f6488e997f43863f06b1786082a927394a616e9223f88769fec9c0e43ff77031cf918cd56f0fb61ab72f4e77503675a691f4e0c83196e526b9226624e3cb9e4dc69f040cf791825a5184af5c48777a2f15e1531c3ce3fa4065cc76e29a0c3b8e50555d12c6a3fc42a17b", 0xcb, 0x1000}, {&(0x7f0000000380)="70b8b054ba7ae56a9c6cacf068a97b7234e94e04cf16334b9e2f3d55d8bce83555984f193d21b6ac2ce9a22d9fb7e1f9fe69786e6bfe93cabd709ed3256c5a4cc067ceec75477ae06cbf79f9d65cf81f52d035d81eb6dc760ad45428fc16698b79c4a47b43033d81405c0f59cbf7d5d11354378030116230b0fbb4e09a41fc4fadc78f75d8c8922efff2c633133166d6453e1ce1a8683b354758c1483df457425a74b5dba98d82", 0xa7, 0x3}, {&(0x7f0000000440)="a6a23320038f4084a7f34efb2d789b384544c910cbcf802e677f44575818fd75f59453b388e403a11fe6f9f9e314b8a9bfbcb4381ab0e98f0ac4f20fb37227baf18546cf2b7ba1dc18b01b9f5580f89add3d1fb9752193f707a9292133c8b0773f463ebc80c4ba7e51e71e7ef46fe44d897b08fe65ae7bdd0df53a1bfebf7b6eca9cd5840af2370cb8fabcba0204b7f4aa0b88f3b2f40fa80fa248276665d7a4fa7cf6dc2622f057dc5a3a0d0c3488250d1c6637eae759bce602e77acd79d936e41d3ad4cb83c7494243629ae0072c691f3b5f9f0f1b010cab3c00e0c742791f55cce7483178493f77de685ffffb1162edf935f0e31cc4e1", 0xf8, 0x63}, {&(0x7f0000000580)="f86e6a0fa73b0dbf76cad99009660263da7180f9b045c83b4e1be17281d2e8edaf7461eb0c8064a8be66e18580fb0b48ee3c973c85b820980c92abc15c0a0137593bf8be5ab69b076b469c37edbd882883a93f56957a6a9cfcf0131087508927b2ad2e708fd8c3457ef95f97da59a5570877d4a2a67ddce475caea1c4236835296739980c0ffff8d6a3eb1952ed45dc2e6d8b97f4a5703839b94c8f690550c51bdd22bf0f4958bd2f2b6199837393f4c6b34a730e19cd6c278c7e7fd75dd04984105b53cbafe8c08843125cfa635c16c39b58aee09a57df56f2d05c87fbe0e631da5d70d7b1a95d668ad9eb4ecaed36b1533b534a6c0c31f", 0xf8}], 0x80, &(0x7f0000001740)={[{@creator={'creator', 0x3d, "a1584cef"}}, {@part={'part', 0x3d, 0x80000000}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@dir_umask={'dir_umask', 0x3d, 0x395}}, {@codepage={'codepage', 0x3d, 'cp950'}}]})
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  793.135054] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.152172] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.176167] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:34:03 executing program 3:

[  793.224202] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  793.242013] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  793.256455] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  793.279990] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  793.292936] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  793.304489] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  793.321853] Interruptibility = 00000001  ActivityState = 00000000
[  793.330951] *** Host State ***
[  793.334363] RIP = 0xffffffff8120269c  RSP = 0xffff880185007390
[  793.341050] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  793.348024] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  793.356568] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  793.362687] CR0=0000000080050033 CR3=000000017f651000 CR4=00000000001426f0
[  793.370290] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  793.377674] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  793.384220] hfs: part requires an argument
[  793.385281] *** Control State ***
[  793.393084] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  793.400313] EntryControls=0000d1ff ExitControls=002fefff
[  793.402977] hfs: unable to parse mount options
[  793.411238] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  793.418733] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  793.425684] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  793.433256]         reason=80000021 qualification=0000000000000000
[  793.439996] IDTVectoring: info=00000000 errcode=00000000
[  793.445521] TSC Offset = 0xfffffe5506e6e07c
[  793.450322] EPT pointer = 0x00000001d21df01e
13:34:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r3=>0xffffffffffffff9c})
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000140)={0x10000000, 0x2, 0x9})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:03 executing program 0:

13:34:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1f4]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000008000a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:03 executing program 3:

13:34:03 executing program 0:

[  793.580554] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:03 executing program 3:

13:34:03 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3000007, 0x11, r3, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000001a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:03 executing program 0:

[  793.728140] *** Guest State ***
[  793.731466] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:03 executing program 3:

[  793.797163] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  793.808305] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  793.835882] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  793.837933] CR3 = 0x0000000000000000
[  793.875594] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  793.898302] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  793.910330] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  793.931674] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  793.960171] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.978736] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  793.995878] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.015910] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.023977] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.032882] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  794.041382] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  794.049960] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  794.058517] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  794.067363] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  794.073994] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  794.081987] Interruptibility = 00000001  ActivityState = 00000000
[  794.088700] *** Host State ***
[  794.092124] RIP = 0xffffffff8120269c  RSP = 0xffff880189bbf390
[  794.121677] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  794.136394] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  794.153023] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  794.159446] CR0=0000000080050033 CR3=00000001bd7b2000 CR4=00000000001426f0
[  794.166911] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  794.173736] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  794.180223] *** Control State ***
[  794.183827] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  794.190944] EntryControls=0000d1ff ExitControls=002fefff
[  794.197293] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  794.204528] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  794.211675] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  794.218718]         reason=80000021 qualification=0000000000000000
[  794.225181] IDTVectoring: info=00000000 errcode=00000000
[  794.231168] TSC Offset = 0xfffffe5493c7a55c
[  794.235635] EPT pointer = 0x0000000181baa01e
[  794.253940] *** Guest State ***
[  794.258666] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  794.267619] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  794.276521] CR3 = 0x0000000000000000
[  794.280224] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  794.286229] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  794.292229] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  794.298957] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  794.306977] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.314964] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.322993] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.331006] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.339022] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  794.347040] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  794.355003] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  794.363142] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  794.371214] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  794.379316] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  794.385723] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  794.394047] Interruptibility = 00000001  ActivityState = 00000000
[  794.400427] *** Host State ***
[  794.403631] RIP = 0xffffffff8120269c  RSP = 0xffff8801cb9d7390
[  794.409678] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  794.416124] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  794.423905] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  794.429865] CR0=0000000080050033 CR3=00000001bd7b2000 CR4=00000000001426e0
[  794.436938] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  794.443609] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  794.449820] *** Control State ***
[  794.453284] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  794.459992] EntryControls=0000d1ff ExitControls=002fefff
[  794.465458] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  794.472436] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  794.479166] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:34:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x125000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x1, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000001c0)=0x4, 0x4)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x4000, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000140)={r5, 0x5, 0x1, "f147c00f2dfdb56685"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:04 executing program 0:

13:34:04 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:04 executing program 3:

13:34:04 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1800]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:04 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
open(&(0x7f0000000140)='./bus\x00', 0x141442, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  794.485742]         reason=80000021 qualification=0000000000000000
[  794.492133] IDTVectoring: info=00000000 errcode=00000000
[  794.497621] TSC Offset = 0xfffffe5493c7a55c
[  794.501939] EPT pointer = 0x0000000181baa01e
13:34:04 executing program 0:

13:34:04 executing program 3:

[  794.577704] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  794.601353] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:04 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000ffffffffa00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r3 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000003280)={0x0, 0x7, 0x6, 0x4, 0x9}, 0x14)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:04 executing program 0:

13:34:04 executing program 3:

13:34:04 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffb8]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:04 executing program 0:

13:34:04 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-aesni\x00'}, 0x58)

13:34:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x0, 0x0, @pic={0xf7}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x1, 0x0, @pic={0x0, 0x576}})

[  794.937284] *** Guest State ***
[  794.940650] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:05 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x600000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  795.038128] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  795.056020] CR3 = 0x0000000000000000
[  795.066230] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  795.094959] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  795.106930] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  795.125948] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  795.135027] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  795.143800] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  795.155742] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  795.176134] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  795.194973] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  795.206007] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  795.214228] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  795.222801] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  795.231433] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  795.239931] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
13:34:05 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
recvmmsg(r1, &(0x7f0000003a00)=[{{&(0x7f00000005c0)=@ax25, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/171, 0xab}], 0x1, &(0x7f0000000100)=""/40, 0xffffffffffffff88}}], 0x47d, 0x0, &(0x7f0000003b40)={0x0, 0x1c9c380})

13:34:05 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80003, 0x800000000000006)
ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000000))

[  795.266303] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  795.272732] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  795.341827] Interruptibility = 00000001  ActivityState = 00000000
[  795.388758] *** Host State ***
[  795.395926] RIP = 0xffffffff8120269c  RSP = 0xffff880180647390
[  795.401930] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  795.446041] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  795.453865] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  795.466903] CR0=0000000080050033 CR3=00000001b7734000 CR4=00000000001426e0
[  795.473937] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  795.482193] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  795.489608] *** Control State ***
[  795.493083] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  795.499886] EntryControls=0000d1ff ExitControls=002fefff
[  795.505355] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  795.513058] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  795.519810] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  795.537899]         reason=80000021 qualification=0000000000000000
[  795.544238] IDTVectoring: info=00000000 errcode=00000000
[  795.549875] TSC Offset = 0xfffffe53ec86bd04
[  795.554218] EPT pointer = 0x000000017fd8901e
13:34:05 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000ffffffffa0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:05 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000140)={0x2, {{0x2, 0x4e24, @local}}}, 0x88)

13:34:05 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8dffffff00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:05 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000140)=@add_del={0x2, &(0x7f0000000040)='syzkaller1\x00'})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000080)="66b8060000000f23c00f21f86635010003000f23f80f0d3d0f225ebaf80c66b87d0b428f66efbafc0cb000ee0f017603fe4c19b800008ee80f01bb00000fa00f08", 0x41}], 0x0, 0x0, &(0x7f0000000280), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
recvmmsg(r1, &(0x7f0000003a00)=[{{&(0x7f00000005c0)=@ax25, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/171, 0xab}], 0x1, &(0x7f0000000100)=""/40, 0xffffffffffffff88}}], 0x47d, 0x0, &(0x7f0000003b40)={0x0, 0x1c9c380})

13:34:05 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  795.753231] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
recvmmsg(r1, &(0x7f0000003a00)=[{{&(0x7f00000005c0)=@ax25, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/171, 0xab}], 0x1, &(0x7f0000000100)=""/40, 0xffffffffffffff88}}], 0x47d, 0x0, &(0x7f0000003b40)={0x0, 0x1c9c380})

[  795.829830] *** Guest State ***
[  795.835993] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  795.866590] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  795.875457] CR3 = 0x0000000000000000
13:34:05 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8dffffff]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:06 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  795.956671] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  795.962727] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  795.987307] device bridge_slave_1 left promiscuous mode
[  795.995582] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  795.999308] bridge0: port 2(bridge_slave_1) entered disabled state
[  796.027592] IPVS: ftp: loaded support on port[0] = 21
[  796.035014] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  796.046182] device bridge_slave_0 left promiscuous mode
[  796.052012] bridge0: port 1(bridge_slave_0) entered disabled state
13:34:06 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
recvmmsg(r1, &(0x7f0000003a00)=[{{&(0x7f00000005c0)=@ax25, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/171, 0xab}], 0x1, &(0x7f0000000100)=""/40, 0xffffffffffffff88}}], 0x47d, 0x0, &(0x7f0000003b40)={0x0, 0x1c9c380})

[  796.071891] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  796.106088] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  796.116174] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  796.149154] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  796.169900] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  796.178874] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  796.189329] team0 (unregistering): Port device team_slave_1 removed
[  796.203189] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  796.213193] team0 (unregistering): Port device team_slave_0 removed
[  796.220043] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  796.236337] bond0 (unregistering): Releasing backup interface bond_slave_1
[  796.243653] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  796.256940] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  796.267559] bond0 (unregistering): Releasing backup interface bond_slave_0
[  796.274853] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  796.288719] Interruptibility = 00000001  ActivityState = 00000000
[  796.303060] *** Host State ***
[  796.311618] RIP = 0xffffffff8120269c  RSP = 0xffff8801be25f390
[  796.324940] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  796.337708] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  796.345596] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  796.345620] CR0=0000000080050033 CR3=00000001c416c000 CR4=00000000001426f0
[  796.367561] bond0 (unregistering): Released all slaves
13:34:06 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  796.393746] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
13:34:06 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  796.467619] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  796.494212] *** Control State ***
[  796.508391] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  796.563196] EntryControls=0000d1ff ExitControls=002fefff
[  796.598842] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  796.600335] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  796.632714] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  796.654888] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  796.693848]         reason=80000021 qualification=0000000000000000
[  796.716422] IDTVectoring: info=00000000 errcode=00000000
[  796.729701] TSC Offset = 0xfffffe536fccbd77
[  796.741003] EPT pointer = 0x00000001cd00501e
[  797.550483] bridge0: port 1(bridge_slave_0) entered blocking state
[  797.557308] bridge0: port 1(bridge_slave_0) entered disabled state
[  797.564735] device bridge_slave_0 entered promiscuous mode
[  797.614960] bridge0: port 2(bridge_slave_1) entered blocking state
[  797.621784] bridge0: port 2(bridge_slave_1) entered disabled state
[  797.630667] device bridge_slave_1 entered promiscuous mode
[  797.677145] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  797.724012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  797.872732] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  797.923561] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  798.156584] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  798.164035] team0: Port device team_slave_0 added
[  798.199065] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  798.206869] team0: Port device team_slave_1 added
[  798.234466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  798.264323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  798.292841] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  798.300053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  798.308293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  798.333156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  798.603461] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.609885] bridge0: port 2(bridge_slave_1) entered forwarding state
[  798.616623] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.622976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  798.630750] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  799.496160] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  799.602953] 8021q: adding VLAN 0 to HW filter on device bond0
[  799.696852] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  799.790007] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  799.796330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  799.803308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  799.898433] 8021q: adding VLAN 0 to HW filter on device team0
13:34:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:10 executing program 3:
recvmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000007c0)=""/136, 0x88}], 0x1, &(0x7f0000000900)=""/47, 0x2f}, 0x6}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000a40)=""/103, 0x67}, {&(0x7f0000000ac0)=""/175, 0xaf}], 0x2, &(0x7f0000000bc0)=""/189, 0xbd, 0xffffffffffffff7f}, 0x435}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000c80)=""/231, 0xe7}, {&(0x7f0000000d80)=""/84, 0x54}], 0x2, &(0x7f0000000e40)=""/63, 0x3f, 0xeb6}, 0x7}, {{&(0x7f00000012c0)=@l2, 0x80, &(0x7f0000001340), 0x0, 0x0, 0x0, 0x6}, 0xfffffffffffffffa}, {{&(0x7f00000023c0)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000025c0)=[{&(0x7f0000002440)=""/186, 0xba}, {&(0x7f0000002500)=""/21, 0x15}], 0x2, &(0x7f0000002600)=""/4096, 0x1000}, 0x4}, {{&(0x7f0000003600)=@l2, 0x80, &(0x7f0000003780), 0x0, &(0x7f00000037c0)=""/220, 0xdc, 0x100}, 0xb}], 0x6, 0x102, &(0x7f0000003b00))
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0xfffffffffffffecd)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000))
sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)}}, 0x20)

13:34:10 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xa000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:10 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:10 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
ftruncate(0xffffffffffffffff, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:10 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f00000003c0)='/dev/snd/seq\x00', 0x0, 0x80000)
fcntl$getownex(r0, 0x10, &(0x7f0000000440))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_PPC_GET_SMMU_INFO(r2, 0x8250aea6, &(0x7f0000000140)=""/223)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000feb000/0x1000)=nil, 0x1000, 0x2, 0x10, r2, 0x0)
write(r3, &(0x7f0000000300)="9491dc42eed8a4a9f5ee9227d99065d13fd9e010b2d2fb850c7d5ed9e9dfc4f254b78103b774f99d5900e1aac5f8405f26fa7c321db8f6142871ff239974909f7b9161b6c77cb3e8ae714643818914bf86f0b812844f3ebc27df1c176853e4296935e8e34df86c80f70ce37f8c5b7a6b23d0b48b0456a66c289e0070c195dee125f7b86ec37e9bf2", 0x88)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt(r4, 0x9, 0x80000000, &(0x7f0000000240)=""/157, &(0x7f0000000040)=0x9d)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000004c0)='team\x00')
r6 = accept$packet(0xffffffffffffff9c, &(0x7f0000000500)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000540)=0x14)
getsockname$packet(r6, &(0x7f0000000ac0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000005c0)=0xfffffeae)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000700)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000740)={'team0\x00', <r10=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000780)={@rand_addr, @empty, <r11=>0x0}, &(0x7f00000007c0)=0xc)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000800)={@empty, <r12=>0x0}, &(0x7f0000000840)=0x14)
accept4$packet(0xffffffffffffffff, &(0x7f0000000880)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000008c0)=0x14, 0x80800)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1b, &(0x7f0000000900)={@mcast2, <r14=>0x0}, &(0x7f0000000940)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000980)={'team0\x00', <r15=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f00000009c0)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000a00)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001b00)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001b40)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001b80)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000001c80)=0xe8)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x15, &(0x7f0000001cc0)={@remote, <r19=>0x0}, &(0x7f0000001d00)=0x14)
accept4$packet(0xffffffffffffffff, &(0x7f0000001d40)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001d80)=0x14, 0x80000)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001dc0)={<r21=>0x0, @dev, @multicast1}, &(0x7f0000001e00)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f00000023c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x84000}, 0xc, &(0x7f0000002380)={&(0x7f0000001e40)={0x520, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{{0x8, 0x1, r7}, {0x20c, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7f}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xa9}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r9}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x34, 0x4, [{0x2, 0x80, 0x2}, {0xfd9a, 0x121, 0x8, 0x69}, {0x3, 0x7f, 0x8, 0x8b2}, {0x1ff, 0x6, 0x3, 0xd7eb}, {0x6, 0x3, 0x4, 0x3}, {0x6, 0x0, 0x400, 0xffff}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x8100000}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x48}}, {0x8, 0x6, r11}}}]}}, {{0x8, 0x1, r12}, {0x3c, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x15e}}}]}}, {{0x8, 0x1, r13}, {0x74, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r14}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8}}}]}}, {{0x8, 0x1, r15}, {0x74, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7fffffff}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8, 0x1, r16}, {0xf4, 0x2, [{0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x4}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x14, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r17}}}]}}, {{0x8, 0x1, r18}, {0xb8, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r19}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xe244}}, {0x8, 0x6, r20}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r21}}}]}}]}, 0x520}}, 0x8891)

[  800.453901] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.523533] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.530163] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000ffffffffa00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  800.577686] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.594651] *** Guest State ***
[  800.611860] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:10 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8d4, 0x10}, 0xfffffeb1)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x40040, 0x0)
ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000080)={0x5, 0x80})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xd, 0x5, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1, 0x54}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x420, &(0x7f00001a7f05)=""/251, 0x40f00, 0xfffffffffffffffe, [], 0x0, 0x1}, 0x14)
ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000180)={0xffffffffffff747a, 0x10000, 0x4, 0x1000})
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000000c0)=<r3=>0x0)
tkill(r3, 0x26)
ioctl(r2, 0x80, &(0x7f0000000100)="8ba31d42d88acbc43fb06fdcd927feaa9eb2226e62a88ad4a66a1f2af51ba9a9d36a0ea23ed88e2e32a707eb4177029b12e0067114a6ca23d0ea6ab9c193700a5c8d612fa7589bbd7ba66c976981cf80bad64ada1e7e0a34f4050c1d66c0f10e92a209bc8d3bcf806079dca4c1f45dc41d1996bbf84b500cdccc9d55274161c4")

[  800.659205] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:34:10 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x623a9]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  800.709128] CR3 = 0x0000000000000000
[  800.709993] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.724010] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  800.728217] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.739382] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  800.745579] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  800.792218] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  800.818966] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  800.837295] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  800.848340] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.856504] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  800.866678] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.874771] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:10 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x6]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:10 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:10 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000100)="153f6234488dd25d766070")
r1 = syz_open_dev$loop(&(0x7f00000006c0)='/dev/loop#\x00', 0x0, 0x0)
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x8000, 0x1, &(0x7f0000000080)=[{&(0x7f0000000700)="094393090227f74d0282cd15e9d8df50d8b10c262f5ef6b9b162e32acec8505242cf45a31e8b931a23005c82dc8f6120070bda7c3a0332c1823fd3a36f706bd3951f68bca9bca1739a5d40697eda6c8d33cabf313f8676742b81d28af81b715f2a20175c04b73bdb953222f3fa792c5d4ec07321fb4dfd9868fca6a136b814dcb09408837f1effa2f3755255a99d394692731f7c9e218f18b069c8253879d867e8de8132cbeb7f4183b2bb9148bf0fc805a144652106ff4869ceab0048e312832dbfe135de2fe0c42f8929160c7f18e7f31024940e86c883f6b2269aaf7b4393c4e98a2a8e565d140f6bcb4e2cf2fc2be476082925d6b29ce780d9e03432189f2a9e941d3b0e82cfe949095ea2236e23b3b7a7ddbc43021eece8598d4bc7f8ded77e68cdb83264735757e9e41e91e2dc20f5b2bfe9e3643e0eaf24a72d462afcc1b9d3deaeaab39536f85c9184d509f2d7b213a1d58f8fd2370aa258a5830e0c7872860e33e00922604241e92f883fcc6e093d47178542dff9d80aadbebfb8ddcc2a9a9a20a6ebafbad75e4e2b0b5e7ffcdb8a232c29f169b095b42ae4d8d0e14e7db5977f3934701e217e6ff05c4ac2d1a2a015a2d6470ca3b35a132d053bb6349d0ac535a1c0d69244ed2a0a7cd818904b25a227edc183ceec1664e68ce091c398d218f1d2a3e219b2ab72eabc570f311911cc8c522e5e829d4726fc711c7342d2d27b4d8e3c8b9de2e5c65e28ef874ba6aa8833b7f5f26bb08615846ac9252c2751cd70553011c10f839287ee954d13d4793679ef1d5cba2648452a1d9dfecf591ac78a82666f07dd5f9fe6be1c922a13899860b3d4b9fde96c8e71bcd813366abc15c8cddd9255051f8b3184d3e6bd8599b66c2a9aba84446c0fb17fdb829bb3ac5cd3aaa065df555be73c20dfc0e8a7a6d49e52676def8e7bcebe96dff49e659833e0ce9c8cc7f0fe3204506604ab0daff41df6ae60f1f0ab768a61bb74e3e9fea5ccdeb1dd3ec5a6548d59638977a8be0613323929d239e523e21f5989ac98cea5c0278fb4f82042c0021fd37205e314703a80eb534ce2d7e3ecc32340eeb24cddb70b93b2103d2f8fe50c3a22158638f3814cd6a65a49e22daa71ac1d462cdc88b7147c257b95c692959c51bc3550bb5f5339d827c4e8aa330dca815a379efe078cd6042cc78575743826488275d882409d3d1e4ef0e1bd94d1fe5e4730be31c4a7e382bd0207470eb1dfdf8ccadd487858caebca7bae926a532963ab65265251e9d19ef2116e288ba0935bfc784e73963f38e9ae1504fc882e671ca179bb85557f51e79e664c1fffa4c889b6a6b1066dc36fa1d4976949a3b5135dde76321be2d527180fa232dadafeca2d2a7d2131162b0ebdabb54973651445362fb31143dfacfee2f4003188112f409e556436bbfbcfb290404aad4a2698d20121efba7a93aa6ff10a74ca51c83f3686f5e28ec8efb3ff1836656b515c9520c26fbf204c6d94422369ea4773edaa83893c686ccf047579974a1192f9ac1f752e15550769ad32f61bf2d96f5b94ef65dab273486a8b5abb3486ca0fac72e6549a8a544753d0cfdac8bb30d6a81cbdc185a9edda47647b9cd5ee6d881ccc797a050bb31cabb9ce89dcaddafe401a58e976767fde5ccb41062d581859b453a83e912b559315fe18a5a7f18c75a3e3474af946b40253e608530be587d3da91bb7ddbbf2163c7ce3ba002f6d9b6f57a2889fa1a630fe8870d70e19d530f428b5ada4cc9de2a7d04c0cb749d001031b085f4051ed75ae6e132146cd2827cff46a70e353dbafc6a9cca6c3f583148e04f77fed6ad2f9faf988a59cfe3fb1f40dc29fbab69dee13494cd65dc57fc0cc0deb5f8a939177e265fa0ce6bf5a2d06b550d040c35d43712902b052e906b5452fbccf2e734f86978a42e1d4a67d5b153475712a6c865bf262197ee6e45c4f99f927e2077af118d3ad51da58022051303538d69dfccd6ca63ff78f7c15183341bb169ca373b5c6f7cfff2a6b0a19684324ee4da43ad147ee6e9a24533f5de8eceec79f1c00603d8d3b23b36f398d34a0975e1a5922905e6c6fac98a100deccfe18b709b09a69d69db1f99266a7da56c2049a38c355f41b661d159ab62f30b7c9ae31eb6d6c41751c0bc3caa7a89a1fc995f17a1967fda5caf65331ab3d21ea27ba30f31c5dceec16a2d0c6b40d6c27aec9662d4dd4ddf4a8184bfa2687216d5fa3fa65625288b0ff75fa28b1092a07071d424ec285d4b5a5ed35e83c36c262be19a96ac59716c9033e142bc45783db67bebcece13d7ee73fd23131f28be322779927edd0789572eaed921af25d3b1165535b2418f37cf5efbcf17400f6a6a7801aed617a64739a5ced8780f42d3e47de03a2698e08d43c51daff50e998910f11821b4be8db7f67f0941a4d7ccfd058a00b441147c154d57a8a38c03f2246e7b66c737674e80044d4a42979f797e96089c5a0675a6bdc24822a9a975d4447ce68679321a02b43e9d82a2d786037b4dbfcf4321b0e12b572d4fd962e49b06fe45dfe0aa10e84a812e43b7b93eff3aa5f9333720eaf0e63fb58fa5ce0e61198cb7f515205def415dc7d28ef4a040bc8158605419f22003530814b82b172810a2d120f7c92a0affb7323c90e8ca5645e8267189a9cce9146ed62dfd4e811477c11d05f2e9a57b42769d0b887ce30223de7303a28e2947e66a8bc27c3ffd0722e071f50b2d5c7aa7b6f6bd9c9d8335b23bd5ce0eb2e34d7b7f4b36f9dda7a0ae273678ad2c0eccd9f7bb694bcd40756e3b63396f345b87f3771ca1a12f121d91f7a41c7fd5b8c38ea2882cc5480d26f73772cff4311633254a674cc23a58f1fdb2b1ba05253eb1032d3f47155059166ac8ae346b5376c81732258624e80a7be1091cab4834e1b6e4032bdf8a10567d6f5008bbc1863c3aee3148290c42ca4cec0a8784a4d22a908e501bd528cc398b0786ad0199a155bd30f7be992b3957944b381c3b7f0aefb7385514c55062a5a1ca0d3c3138995fa9e55c669770aa9b9d75e864c980ba6ea8d8d5d80439688e57d6f2aeb468c7c7f25a8df822ca2be55518f8d8b2a9f9b352d2f561eb65074f8fa892514519f755bac60214c91c1f60f05cdd1c7065ba0c55b90cb22d78b5231fdd64a221477b40e5ba4df5de7d6af5fea895b4f6b84d3ce4de2125f6c25154e6cea84cdacfc064f093ec9e574406577790703920a60bd75e6dcb1940c5d27c2bd57a93ebe09e06cbf4c84aee3d23eae3275ce1d0e92ae02dbe973c662bfbb508806c0ad0ec5db1f7043cacce6c8e027bebeab7cff228d4bc3e3c7b8ac0acbb48e2f4a6e28b1a79e753d773c47f9ea17e08ed0c2633b3a409fbce796170b13dd2e20b075f5d2feb1b0e65a4ed2835feab9f10ed1cdb4982aa2b139f1e50afa9d5436e1b9bea6bab55e78e657ed347caa8e48ee7c3d4c5b7084f225f86166b6ba1d671582ccc9c19b7a5db0a19167c30603279b3480e44025571f83fa4b1e776a6d8834fa61931a420c39039b07bfac99ae1fb6a950becf6835c58587d5b616c18dd1b985784e194224f6ae3a235bf5876c63f9d58072c3b0ca68aaa3af5c73c0ab3663f47d2895952ddb901121e6c722b530bf34117ee6be0c3af3295bb7d99581e8b95510444b1d3a4da38dd963d1847ff258889a5a5213f9a8c68721779b5fab35eb9ab00095cfa07a6883ec5199db8fb93aeac08cacb7c14931e8815d8b50b46b622777aaa7bbc3c21559e4a7b2d1edbfeb650943fe5d01f3a442ffe7fb26dfca8cbafa2188371db743dac601bfb95dfcbf3c06e14fc39a602648e4a0dd3d12e918f80652982e8ff0ebb8bc06d00b6d9f2acd736bc53510cbaa15a7cbc1dfa6e6eabece26eeee7b1d890af4e4c85eb8f3d4cd06188d97cf69b9572190952a08c8fb0d25dd2de5110547a23a840b68510b5ce425038346718b05549a9854f00091885b74f5de6010eba54c65a56b798e7cfd6a402dedf125f90e679c8428b508ff52d3abc58d4252db88eb0ffb07c41edd3824e9e41298ff5cad1fb2eea24e7ef4cff574a0a95b42b38e4ac786ff1456bec7e5fb7d867cac520e64e11424572328f7f8f4a0f96bf455e815cacffbcdc6728870ba25ad83a537988809aff83ae8ae5cea3ad4536ea0ccb08b0be01fa9e58b377bdd877d5c2ad56fffd581c63dd8a86ad7fdae8fc501019c7e32ceb8bdcbe3ab8c33409337eb7796f2c3dfe40e2c1e052090722d762b6b1a8c98f7a67bd0a5c8a8635641819fb51f6e15ef822c859abd9373b0cddc00b5b1969bae4b2362f7453849815db2e7470db908e13e18df669e19ade6aefda4322ca6cc5dae6817abc6194fb51b357fa4e5e05aed0fd901c3675efd6a7ffa2a39841627492dc6d4cf98b3926b3db317e8635ea116cc9595c862a0730336478f9d86d06bb8761ea268ca4078385173b3fd672d974b479a4acaa3451e9102b4583c63305ba846d987e26d0977eb5ef596e78f33dda4558db68fd798c50532e7d158c571ebeb24682d3136f7449ce85d076753d202a73fbadfc125e78c63571dc693695c417f5d55f713932b649a56510e32fa2dcbce2f7d292e1b2326db0c670a00c17b9a76a1c1be07830e648ecf3f79cfbe1a64842e86365d60b2d9fb9d5f38e38fd57fc598e02934c6b474c384683c36fea64768eb6e0c8bef5b8ad1bfddb3c2ffb9cfe8ecabb80a341185732bcfc94e47d4628e3d454ef25a94302ea3964308afdad5233bb8ccd6906d677b024f53e390b5a6cc63269fcfccce80c0505ec85f8a9de2ac8f2d90f2ac97b3f649a7c294f21178c0a876a03ab44f4646a8725f5939ccc2f2c4d6073824f3730c8238ad6693ffb4746d4fc8eac608def52db1d11fd29f3ee578646aeea4b17cd79e32348e6878608e29a36ced36bb97fde83b1085a22b68f1bb967997b7216502eff36fd4f84a7065c6808eef1c97cc5df64ab6e658c4edc78be5ffa1aec548d45eb19e9288db1b92a18a701af1cde2c7fd6ffc2a5ac9fa743e04017dd94e3a5747b824a8d3555735f37188841cb45304888569d8a531650016a751b808229c2e09ab554ab5c389a3f708c9bd3ad483b2f9472ae3dad0dc190a1dfb07aacdea71a0334b6276b5ca575fb1537a7a042e355712f5158a2c63f1efd61de508065fee733795c618937f10c55e843f1c5a7e52f3edd9ff3bbe7f1728c0127643f404517c2817454994a9d2cbc6997e97225de306bc72217ccb48d24b321f61ae58641cb8459a347e73a60b7b1e3ccd9f17b4a31f2dcfcb5ed420d69cdc0c373daef3e961ac2877b34966a08bf6511cecc5b267b7382fd30543e2b73f5e62ebe884732b439d32362a367933453265d73a63da8bcc300a640474c64ffacecbb712465acb24f4d7500c5d612a3f0dc5275555a181651e4b8e0514d4b48bea952bbf715ea95596c863f670ff848d3fd56cdb3f0da89513ac16c6503a3b75b5105ccb9f5352e26316e8fe3f64fa9f407b5bba84b977c0d926db37e67b633788f62a2eeed7a29d9349f3bbc1954f5fec620d3092e80fbc26fa957fd88c6bcc7d68c850a1ddaa22cd3c21d3ae4cbc6c67c27d0a7422a7f7cf20c7101ec7d59b88ad29dc0ead60326a9002e72387abf8daf1dc202f18b46b709514c2512035291c00e955531e0e5ae1b2c1ecc794c95d4d06c07673f59c6bc1055244863c3b86933e76105fd244a0549ec3d2b9c84007083928e4c789a0ed24bd14c5591be1a7a0211a98a73b78bdf0be62dc74f2ffe367bc0262aa344306457a8", 0x1000, 0x4}], 0x8, &(0x7f00000001c0)={[{@show_sys_files_yes='show_sys_files=yes'}, {@show_sys_files_yes='show_sys_files=yes'}, {@case_sensitive_no='case_sensitive=no'}, {@case_sensitive_no='case_sensitive=no'}, {@umask={'umask', 0x3d, 0x7}}, {@errors_remount='errors=remount-ro'}, {@dmask={'dmask', 0x3d, 0x8}}], [{@obj_user={'obj_user', 0x3d, 'vboxnet0procvmnet1%'}}]})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getegid()
fstat(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresgid(r2, r3, r4)
syz_mount_image$ntfs(&(0x7f0000000140)='ntfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000580)={[{@disable_sparse_yes='disable_sparse=yes'}]})

[  800.898539] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  800.920985] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  800.959238] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  800.982951] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  800.997165] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  801.021130] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  801.029017] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  801.029031] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  801.029045] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  801.029056] Interruptibility = 00000001  ActivityState = 00000000
[  801.029061] *** Host State ***
[  801.029075] RIP = 0xffffffff8120269c  RSP = 0xffff880188df7390
13:34:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000001a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  801.029101] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  801.029114] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  801.029127] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  801.029144] CR0=0000000080050033 CR3=00000001cc175000 CR4=00000000001426f0
[  801.029161] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  801.029175] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  801.029181] *** Control State ***
[  801.029191] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
13:34:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  801.029201] EntryControls=0000d1ff ExitControls=002fefff
[  801.029216] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  801.029226] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  801.029244] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  801.097605] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  801.156840]         reason=80000021 qualification=0000000000000000
[  801.165749] IDTVectoring: info=00000000 errcode=00000000
[  801.196925] TSC Offset = 0xfffffe50e3c4a3c6
[  801.218226] EPT pointer = 0x00000001b79f701e
[  801.289926] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  801.322797] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  801.379624] *** Guest State ***
[  801.388818] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  801.405727] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  801.416608] CR3 = 0x0000000000000000
[  801.421200] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  801.431579] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  801.458292] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  801.467022] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  801.475259] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  801.483793] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  801.494338] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  801.502821] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  801.511238] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  801.519713] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  801.528109] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  801.536505] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  801.544709] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  801.567949] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  801.581486] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  801.598296] Interruptibility = 00000001  ActivityState = 00000000
[  801.611580] *** Host State ***
[  801.618528] RIP = 0xffffffff8120269c  RSP = 0xffff8801871bf390
[  801.625976] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  801.637774] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  801.646062] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  801.652159] CR0=0000000080050033 CR3=00000001cc175000 CR4=00000000001426f0
[  801.659720] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  801.666849] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  801.673129] *** Control State ***
[  801.677193] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  801.684083] EntryControls=0000d1ff ExitControls=002fefff
[  801.690010] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  801.697460] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  801.704384] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  801.711492]         reason=80000021 qualification=0000000000000000
[  801.726973] IDTVectoring: info=00000000 errcode=00000000
[  801.739773] TSC Offset = 0xfffffe50e3c4a3c6
[  801.750891] EPT pointer = 0x00000001b79f701e
13:34:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="b809008ee0f4c53ebe000f015fc4f20f01c9b800008ec882e4420f07f0820ea255f00f01f6", 0x25}], 0x1, 0x16, &(0x7f0000000180)=[@flags={0x3, 0x4}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:11 executing program 3:
execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000080), &(0x7f00000002c0))
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x2, 0x210000)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x7)
mlock(&(0x7f00005ff000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000289000/0x400000)=nil, 0x400000, 0x0, &(0x7f0000000540), 0x1, 0x2)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7ff, 0x581080)
write$FUSE_BMAP(r2, &(0x7f0000000040)={0x18, 0x0, 0x7, {0x5}}, 0x18)

13:34:11 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x7fdc]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:11 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:11 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
capset(&(0x7f0000000000)={0x19980330}, &(0x7f00000000c0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x200001, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000100)={0x7, 0x1b, 0x2}, 0x7)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
sendto$inet(r1, &(0x7f0000000080)='\x00', 0x1, 0x4008000, &(0x7f00004daff0)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000140)='q', 0x1, 0x4000084, &(0x7f0000000240)={0x2, 0x0, @remote}, 0x10)

[  801.901610] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff0f000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  801.949382] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  802.044952] *** Guest State ***
[  802.057848] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
[  802.076076] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  802.082360] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  802.085210] CR3 = 0x0000000000000000
[  802.096968] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  802.098295] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  802.111421] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  802.118560] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810
[  802.125507] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[  802.126476] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  802.133758] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.152025] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.160113] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.176800] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
13:34:12 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
ftruncate(0xffffffffffffffff, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:12 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:12 executing program 3:
pwritev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000100)="2a75792178dcde0540bd80cbfcf9c6497baa9b831edba91ace25875799c459a3e99cf1412e290c3c813aa4b76410f8b83870f0543a86979ebcc743d2b48f6f07b525014b56eebcc0e7f993d755605672838109344f22884d30632e037473a0836af4667a", 0x64}, {&(0x7f0000000180)="5b329f1f46cc6ac021e698df84dada08d192206159ce197bd2b3bebd49a6553e423f08cda8fc9b2e6a6b69634ad3e62fc75abcf118dd8df3856b49ccd183b154becbdcee712cd40e54a266dbec3e490af49dde445de754391257d3f06c794ee73f29a06aa0d4fb28b9c1b7cb8a08db300cdc3134", 0x74}, {&(0x7f0000000200)="c494fb8d4dbc698ecd2b0055da6e2ff66f480f1b40f2d9c7e4187d5e2244fd27468788ab2500b23c212c0db79cfe784379f4b18007383bf2def0aecb313756dc04ac7642faca8254566940f8c8cb87fd1c013ba0", 0x54}, {&(0x7f0000000280)="39b464000de02dd0b25f2df5bf", 0xd}, {&(0x7f00000002c0)="8b3332bbf58439", 0x7}, {&(0x7f0000000300)="411a43698a03febcd4030a3ac99df89bb9c2a19f37f1ae7f896fdb4aa30fa25c779d997f9faa8f7459a5d1eddf5acbc2dfc4ef8aa67226dcd9ff7a3f975c4e8f3ac406ccd808106e85e53cd4dcc4adb34a6ffc012a821b4a", 0x58}, {&(0x7f0000000380)="013e87f26803f59645413e29284b927a2b4aa0e00627cb700d3d66ad393c687d8284a41acc3ab64b84", 0x29}], 0x7, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000580)='/dev/snd/pcmC#D#p\x00', 0x33, 0x80002)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000005c0)={0x0, 0x0, 0x8, 0x0, [], [{0x4, 0x9a1b, 0x4, 0x6, 0x2, 0x22a}, {0x6, 0x222, 0x5, 0x4, 0x8001, 0x6}], [[], [], [], [], [], [], [], []]})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000000c0)=<r2=>0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={[], 0xe7, 0x6, 0x1f, 0x8, 0x5, r2})
ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000440)={0x2000000000000000, 0xf000, 0xc1f8, 0x0, 0x17})
ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f0000000040)=0x8)
madvise(&(0x7f0000f60000/0x1000)=nil, 0x1000, 0x6)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000540)={0x1000, &(0x7f0000000500), 0x8, r1, 0x7})
ioctl$int_in(r1, 0x5421, &(0x7f0000000080)=0x10cc)

[  802.200883] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.237962] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  802.283000] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  802.318753] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  802.332936] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[  802.341486] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  802.351149] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  802.372062] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[  802.387984] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  802.405415] Interruptibility = 00000001  ActivityState = 00000000
[  802.420234] *** Host State ***
[  802.426001] RIP = 0xffffffff8120269c  RSP = 0xffff880184c27390
[  802.432010] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  802.455650] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  802.465044] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  802.471242] CR0=0000000080050033 CR3=00000001c86ef000 CR4=00000000001426f0
[  802.478663] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  802.485354] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  802.491561] *** Control State ***
[  802.495214] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca
[  802.502301] EntryControls=0000d1ff ExitControls=002fefff
[  802.507844] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  802.514961] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  802.522015] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  802.529197]         reason=80000021 qualification=0000000000000000
[  802.535535] IDTVectoring: info=00000000 errcode=00000000
[  802.541182] TSC Offset = 0xfffffe5025e0a92b
[  802.545701] EPT pointer = 0x00000001ce5b301e
[  802.563850] *** Guest State ***
[  802.571577] CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
[  802.581079] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  802.591192] CR3 = 0x0000000000000000
[  802.595311] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[  802.601931] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  802.615585] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810
[  802.622997] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[  802.632221] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.641018] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.651413] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.660180] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.669845] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[  802.678660] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[  802.689290] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[  802.698130] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[  802.707769] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  802.716519] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[  802.723246] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  802.732524] Interruptibility = 00000001  ActivityState = 00000000
[  802.739518] *** Host State ***
[  802.743022] RIP = 0xffffffff8120269c  RSP = 0xffff880182267390
[  802.750687] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  802.757931] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  802.766826] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  802.772856] CR0=0000000080050033 CR3=00000001c86ef000 CR4=00000000001426f0
[  802.779993] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  802.787908] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  802.798481] *** Control State ***
[  802.801957] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000ca
[  802.813008] EntryControls=0000d1ff ExitControls=002fefff
[  802.823186] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  802.831197] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  802.842051] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  802.849442]         reason=80000021 qualification=0000000000000000
[  802.856123] IDTVectoring: info=00000000 errcode=00000000
13:34:12 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
r3 = request_key(&(0x7f0000000040)='rxrpc\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='/dev/kvm\x00', 0xffffffffffffffff)
keyctl$revoke(0x3, r3)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x10000, 0x1)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000000340)=0xe8)
fstat(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
fchownat(r4, &(0x7f0000000200)='./file0\x00', r5, r6, 0x1000)

13:34:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff0f0000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:12 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000380)='/dev/usbmon#\x00', 0x0, 0x0)
write$P9_RFLUSH(r1, &(0x7f00000003c0)={0x7, 0x6d, 0x2}, 0x7)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mq_timedsend(0xffffffffffffffff, &(0x7f0000000900)="173074fb8c62c7934719212e2502da2d2f2a5736bcec670f5da0de3b165e6999d4d12b2a1bf0c14ea0a482a6a489facd33e339ac", 0x34, 0x7fffffff, &(0x7f0000000340))
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r2, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfd8af)
syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x3f, 0x200500)
ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f0000000bc0))
r3 = request_key(&(0x7f0000000200)='ceph\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000300)='securitybdev\x00', 0x0)
r4 = request_key(&(0x7f0000000940)='trusted\x00', &(0x7f0000000980)={'syz', 0x2}, &(0x7f00000009c0)='eth1\x00', 0xfffffffffffffff9)
r5 = add_key(&(0x7f0000000a00)='user\x00', &(0x7f0000000a40)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000a80)={r3, r4, r5}, &(0x7f0000000ac0)=""/201, 0xc9, &(0x7f0000000d40)={&(0x7f0000000c80)={'sha384-generic\x00'}, &(0x7f0000000cc0)="5e28a61368030a4577c2bbe1846b82e60571e8e77d1bcc03747759044f8079bb194e4a50603c808d257b70e97f0e6f89c95055208399d461b941b122d7d4e3d86bb021ffcc95d95685d23c180e9f136b77fbbb7b1f0b292d", 0x58})
accept$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000880)={{0xa, 0x4e22, 0x9, @loopback, 0x400}, {0xa, 0x4e24, 0x0, @mcast2, 0x101}, 0x1, [0x6, 0x10001, 0x1, 0x8, 0xff, 0x2, 0x7f]}, 0x5c)
recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f00000002c0)=""/20, 0x14}, 0x100)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000040), 0x0, 0x20000001, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
write$binfmt_elf64(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c4600706a5ce1a2ee467d3bca22f507643a066104010000000000000200000000000040000000000000000c02000000000000a6d10000030038000200ffffffff468051e57464030000000300000000000000bc08000000000000f9ffffffffffffffff7f0000000000000600000000000000000800000000000005000000020000006f000000000000000000000000000000ea2b000000000000080000000000000003000000000000000800000000000000f8d1cf6bc8252c025b5f92a84bb4d5efd7201c0b3858f135eeae2dc7f0e87b4cb7c2ebe8e1bf26d90204e8796ae2234ab4507f89e0a927c56e06ac8486242f23306477b3ced713f3ccd7a0f1572c2cfeceaf21bfb67974157e7a4e10510b1d74ca0f796a92f62c8102c33ef139e0cf2ccd4388e8404194afc7dcb3c0580904a76736e493f5c3e2c8d91d510485793916f26e041f6b30857e8c9b55fe64259328116a71513c065b05319d42f98f000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000008f0000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ff00000000000000000000000000000000000000000000000000db0000000000000000000000000000000000000000bb4243dbcbc2188b0017487b2e533a58643fe24b175f8e919e52849e39389043525d3ddd494ae985e53468473c711971a0f1c6201ef789867a6a6a43da1331e65f4e1a7c88aea52f23a6494510e240ed0b839a8ffb1e95afe210cd60467c1192a1c88027aed995e0b380cfde5b43203edc98da95e2a230873df201f1d2c5b9afa2a163e85dd75b2733d7061889089388ca552942e1daf09ced67f63454488474926f7c2159861ed5ba97392ab124be8caa"], 0x45a)
write$binfmt_elf64(r2, &(0x7f0000001400)=ANY=[@ANYBLOB="7f454c4600250000050000000000000003003e00060000002c010000000000004000000000000000e1000000000000000500000087003800020002000700ea000200007001000000ea0a000000000000f7ffffffffffffff00000000ffffffff00000000000000000100000001000400010000000000000001000070040000000500000000000000000000000000000005000000000000000100000001000000ff0f00000000000000fcfffffffffffff423273d395b5dfe49a633eb0eb0263328129db30c89d614ca312379424593d1149401363a977a2b10bc8394762bab422771360aa38dc889b26829f721e3098b0f80c2f4ee55bcf0df04911af0a6a16e0ab5b5bb1e2227df0cb7b403be567ea3b9adef738dd4b7efbd9e56dfc0dc488a064d4ad246d477bc8fedb6c1fbcdb1469e544a6ac9afa9987b94c8d1209a41a79416931a8f43bd761418a2c47221a2a4d6bee2592cd6eab8fa3ac582965b48d68fb1dde708c9901874b0f1628c0adf0dc15872d102a327e9f073a52942892de4cc87c25e76cde841dd1e09db3f59955450018b682981af9bf3133a11fbf7915b41105bd663e6f7116777b3cb43f260d25a06d22119ca7674f7d9eeb496cccae5ea73758600072b6f0c2a040000002001cb9377fbc132be60c8b0bf6ac0a892b355685d62cb7077a1e889c359d7bfc544111c6ca232e6c6593a0b8f085567b065536d649fea6d4e202255fc1a0dedba780af208b0457ed33958cfd97c0155f59b06d997423bb3b6f3d5e01c8b74030434cacb0e508ef261aff03a72021b6011f6ff05f6070f0bcb7d75cbf1668562cd6599dcf1eac792c47370ac83b2730215d9955f6fa81f59d3209fbaf52f41f8c413432d976fe6eb3ae98661de6250e09bcf7b82d0492b349ca022abe346a443d41aa83ba7d2ed5193dda7e9c78769b1430e5a171e12e0fa1d057e1aef4b856ab0f2dabc8b207f09d78e1f83461ccac0b2558732ea70d369973971d2c6d94081f33308b1e4b27a2ce6f45838809407045aa63b07372728d2aabbb752eb506219d82564c7323f73bfc2260fd95e5e8eeca550b29adcca477de69469764858d7aa3ab8afd99e883c43dacae12ac88e7fea5a99df90755e5caf59185794ed6419a22fe36d9070ed6558b090cb871914491e2a135047b729107896b784bf87c941f7b993033898b993c83b8bcec93aed20e900921e8c8e65939b23a0f84c837a71633aad5664665e7f89839258d1477a2e8fceaa9280b9c9dc53b5ed4bd907c3948f04ac1eff961bf3040ae0faed3985bccc355506dfcd52907750828fc988e60aec5b577af9769cebc8d6e87a826826f8362c84fe7ec9e6d3cc39c1b6b6b9005eaaf0d9037fa576757018d3f60fbab576284cd7343e70a4b8143dc67e94c1090b7376eec330f5995c4b3a119646b4a953cf0669d6e52264827bbbae2c7565529a68f46f5e1a23137059867d0192caf6b22e2d74f8fbe12a139bc90a0d12b6acc0a106ba4fd2baf87c254bb540835206fc5f63dbc82581cec68813c331af00086cae971610587c4683d5f1b0dd68b8a419f581f0387cc9d1a435e329a0595d73a4489b1ea23c331ca752bfd46de13faee26e7e2e9b11dd7151883ac8112c0ba049070bcf00881cc0a37395f1a102cddda4b0b903b0233461e70254e6a75b9c29c02fce51b630d5cd58867e5f8e5b47fdb2fb53e0b9485f1079ddb39d7b3ef5d8d37be9a08714575e454274581a8ad758ba53da32d2c893e8a40de0febf31f84016558a9db7c53dec27895d69fa1a34e4b5b856f4d0974a9dd4031e28632a245b921a576f1a19f47d7ba08e9ca94a7ae46c89b379d90e0dfdcffb790586d920ea79f94af735aa51695dfe0c9c73a44b277e877b473b43f5c3a960d7c5e22678ab3f7cf46bdf23cbbd31df613827f8e23f7b2c71be25eab7dbd56f7b426b78f8e5afe72366ffcd05c29b92ad591e35a19df805a2b89b9b87a13109c19ea941e9b9f6ee1c47708870abfda2debce7eae0f356bc896a5a207f6bc3ed4186117e1ae9b861d3a9a94520a6df99fd700c6fc3b82467a1257c2040dd34b2fb30c032224e6b864900f93168e387edaeeedaebf8b7b40d4caaa97c85229e63770ced3382013fd11010d0ee46333666aaec98aacc511c92be9e55eee400c74ab4614552624ad88f5d63b6f87e85826ee7cf6f15418f9712c6d07f36a54f097d9bc48b3035ae569af4753e7831dc520fe4726d0c96d0cb7b45e5ca5002884d38ed8e8ead8d4a7da76f9bcfd848fd27345bec7dd4356ef7b11a0cd3113bd9c581e7e647eddd060553fd6e9194bc07ffc5ca9eb6e9ce36aa545ac0f6e242e381282522481668f05909a69db9c8f417ce2406fb727c11fa8ed3ec6f097fed51414f3286075c414753979f58a70d97539c1215ad15f4f24e9921c3fc4636f4fb616d5b871cbdc9cb27e00245bb2291f767d4c581387a63022c727026043c0180a848edd1c3fffff21c3fe0b11c65caca8941959536882277e3dc9e61da52527a24e2d79a497a80b33b24f1ca184d56ad13194867d7a0a424977b5f256a4643460a03007ccf2abb042c6a8f357e8c67298f4ee68fa10d82aeec9c63884f43927692db04bfa6651a630ff1e945d5c2ceb1552d0cd69830f257e5d2b500e4447f03edc78938d82871b7075be875dee546cd23ae617356f51fe8f1fb11417e63a436d7ca0ecd22fab3719ab5b4a4fa0ac2b6a44002fdddb61f7d6fe2beac291455b144cff1da4cb487c430a42cd6dee2b0752536175bdeb3abf2a393823dddf4567d7a6ac785662eb272ea9ea223e0d63a2d027fc3bfa6da9c1537a5c207c9f2495bd45ee28be938ad3dbdadee778875ba641ceb20f3fb23d57269a4e40e0baea56d0b4247f12ebb7cf6ee0e64b0d521c8636ca845287f752adfde004e37bee0451540bcabf455b43233e287e4ce36ebbf2cf0aa8325b72b90c40cc5bdf77f66b07bf5423a80409e1e95424e2d63c09e621354d87d29d28758c290f29746e00e72e1f6ee9fc93841a7a4ec7420c1d78c09f9355b41c5b6a2e94d84218428a4e4e40bcab84f0cdc9a230101146a11e1f36367b4b5f21e76b5e58c31aec27a47e7ce6c22d29c553f03d0515199b541750e92718c53542cb8c0e4202c89b5bc2a4e3cd4fd1e33ba846b2d2d1c94d2e73327b1d327fe80ff1113634e2e94769b97a1088c2f00001fd26ffbf3b4b82036e960a01efd1eecb0e4cff79c5943cb7f3390757f2ebaa20ac131cddf19065dad03237cca7406b5c30228494fe25d9d26631795f3b0a16ac6c8c27e37a75bce127c592beed29fe6137efe5ac28a2a89597db794c570055e318e92f17f36e3fcbc68c8233d2f0c433f9e11b2819ade8026682c9c966d13605ba9cfa66d91f8203260ed06d8c53912b2c25be01165ebda24e3b70c4fa4a99c56470ee400000092272d6ba4a0906d5b8df7039b82bf83378b78ce124aca8b7944fffdd65bfca51e33614282fb1738dd43c6b95f2bc5e9b24605ff3fb5a06ece40c2c4a86b93acdde534777d47c5196e7ef7d65ff45606324b402aa6b81afa463f63f96bc442cd25a033b7b6feed08de0f00bccb16c439813c6c4b1d1733bb55a6245a9180ec71a7f31631613c60af161f5ef64493b859a6c4baa9e3811250984db538169178a4f4cb4141f74e366a28b4fdeef59bb22f6f525c493912a044bd99a3b4b86b2834a40437d58d4292a22a730b6a2e5ec7bf358c2016326fff4889d5d5e1beec898a3888d0f4a450d86548a1a9b1cc1bee45e6a4e2c4e0c8d69a51d46190755bd42c1e53d4a1f80010da651d6c500a066afa9c98755acf643ff381af66742c6e091746c77e0f14f2583d6d70339ed50e9da34a0aa8820359872132179f087f16cdaf3636688927e39a857a99f911d08406b6addefa9f895f3b29812234eaf4d5a93b9363fa02a4ee9fe8676811004fabc8121f7639e9f92c0d7f796a6355e984d7a85aadc638b3b17d74fa96eb571516eb1a9fc487e918956411823e1edef555a61ba7d45931457b221bdcc8aaad58e8007497a8846278e0aed68926d3ea9fd96a89ccc89627c86da315c3eb5445bf799df613befe958390660f6c9f7ac02e3187100f18eb3bfacf9662601fc9868329b3524cb8c07850726355bd748f7c51b32e6c4341676cef6af55351e599d196d38d63bf0cd20b85f4bc79a2895b9c5c4d46090b4e1a10394f8ba7201d45"], 0xbb9)
ioctl$SG_IO(r0, 0x227a, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, &(0x7f0000000440)}, &(0x7f0000000580), &(0x7f0000000100)=""/44, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000})

[  802.863821] TSC Offset = 0xfffffe5025e0a92b
[  802.868831] EPT pointer = 0x00000001ce5b301e
13:34:13 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  802.943837] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  802.959949] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:13 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  803.006207] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x11000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  803.100836] *** Guest State ***
[  803.113356] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  803.151627] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  803.164204] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:13 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  803.192984] CR3 = 0x0000000000000000
[  803.198117] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  803.225179] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
13:34:13 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000008000a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  803.241989] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  803.242178] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  803.256959] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  803.283358] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  803.310661] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:13 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:13 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000002a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  803.357747] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  803.375553] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x392967]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  803.454122] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  803.521451] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  803.583708] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  803.607470] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  803.617860] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  803.632376] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  803.642229] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  803.662614] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  803.680050] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  803.702503] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  803.712731] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  803.722660] Interruptibility = 00000001  ActivityState = 00000000
[  803.729761] *** Host State ***
[  803.743105] RIP = 0xffffffff8120269c  RSP = 0xffff8801840e7390
[  803.749805] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  803.757279] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  803.765309] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  803.771725] CR0=0000000080050033 CR3=00000001c6980000 CR4=00000000001426f0
[  803.779831] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  803.786977] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  803.793241] *** Control State ***
[  803.797717] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  803.811965] EntryControls=0000d1ff ExitControls=002fefff
[  803.822677] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  803.839494] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  803.853977] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  803.861917]         reason=80000021 qualification=0000000000000000
[  803.868711] IDTVectoring: info=00000000 errcode=00000000
[  803.875763] TSC Offset = 0xfffffe4f8e2b83f3
[  803.880681] EPT pointer = 0x00000001bdcd501e
13:34:13 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80400, 0x108)
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @loopback}, &(0x7f00000002c0)=0xc)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000000300)={@empty, @rand_addr, <r6=>0x0}, &(0x7f0000000340)=0xc)
accept(0xffffffffffffff9c, &(0x7f0000000380)=@hci={0x1f, <r7=>0x0}, &(0x7f0000000440)=0x80)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f00000005c0)=0xe8)
accept4$packet(0xffffffffffffff9c, &(0x7f0000000b80)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000bc0)=0x14, 0x800)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000cc0)={'ifb0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_NOOP(r3, &(0x7f0000000f40)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x6d40000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000d00)={0x1c8, r4, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x1ac, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xd890}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x101}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r10}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0xd0}}}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)

13:34:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000040)={[0x7, 0xd6, 0x1, 0x1, 0x101, 0x0, 0x6, 0x1, 0x4, 0x8, 0xfffffffffffffff8, 0x5094b74c, 0x0, 0x1, 0x4, 0x8], 0x1000, 0x80000})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000380)="0f070f20616426660fe855090f350f22e4c4e205a622f20f5a2666baf80cb8ccae358eef66bafc0cb872000000efb805000000b9000000000f01d9b9800000c00f3235000800000f30", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:34:13 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  804.001863] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  804.010732] Unknown ioctl 1083223682
[  804.038891] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  804.080235] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  804.120640] *** Guest State ***
[  804.124187] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  804.145933] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  804.155185] Unknown ioctl 1083223682
[  804.161848] CR3 = 0x0000000000000000
[  804.183194] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  804.204858] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  804.216892] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  804.246093] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  804.269589] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.290690] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.313654] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.322080] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.332969] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.344812] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  804.353994] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  804.362336] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  804.370580] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  804.379799] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  804.389973] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  804.397839] Interruptibility = 00000001  ActivityState = 00000000
[  804.404220] *** Host State ***
[  804.407691] RIP = 0xffffffff8120269c  RSP = 0xffff88018230f390
[  804.413836] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  804.424056] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  804.432140] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  804.438242] CR0=0000000080050033 CR3=00000001c172a000 CR4=00000000001426e0
[  804.445418] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  804.452425] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  804.458684] *** Control State ***
[  804.462298] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  804.469342] EntryControls=0000d1ff ExitControls=002fefff
[  804.478836] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  804.486010] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  804.492833] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  804.499617]         reason=80000021 qualification=0000000000000000
[  804.511280] IDTVectoring: info=00000000 errcode=00000000
[  804.523540] TSC Offset = 0xfffffe4efd3d3a00
[  804.528126] EPT pointer = 0x000000017f25001e
[  804.542952] *** Guest State ***
13:34:14 executing program 5:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r0=>0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(r0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:14 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:14 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:14 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = add_key(&(0x7f0000000280)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)="aefc3acc7a1832feeec3a9f9751972399cd43ab9f2ede8433a1074d90d00c5856a9b9bebcb8b909d6f13f0e861ad0760a77aed35ca7349eda85405273d8aa5edc377a2c4012d37ea2dae86ec5bff939fed1ce3b64202c603edabb63723812b5837f0041463ee3841fd2ac3bcc81a43d08a693aa55e54b3a14626c47247159f73b729806e4773907c20107f71d28ce9c195918700f572bb76d8e712630c62293a49efc4d96dc9a4e7a74f6f1e279526396116c2e2b25f1456b44e35c47d6f20039002c5bb11f980422f2e67406c1e1521bab4d92730f1414a", 0xd8, 0xfffffffffffffffc)
add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)="3781cb9745979d", 0x7, r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:14 executing program 0:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r0=>0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(r0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  804.549907] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  804.559046] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  804.568484] CR3 = 0x0000000000000000
[  804.572196] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  804.578260] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  804.584251] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  804.591010] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  804.626174] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.650982] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.658230] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:14 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:14 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = add_key(&(0x7f0000000280)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)="aefc3acc7a1832feeec3a9f9751972399cd43ab9f2ede8433a1074d90d00c5856a9b9bebcb8b909d6f13f0e861ad0760a77aed35ca7349eda85405273d8aa5edc377a2c4012d37ea2dae86ec5bff939fed1ce3b64202c603edabb63723812b5837f0041463ee3841fd2ac3bcc81a43d08a693aa55e54b3a14626c47247159f73b729806e4773907c20107f71d28ce9c195918700f572bb76d8e712630c62293a49efc4d96dc9a4e7a74f6f1e279526396116c2e2b25f1456b44e35c47d6f20039002c5bb11f980422f2e67406c1e1521bab4d92730f1414a", 0xd8, 0xfffffffffffffffc)
add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)="3781cb9745979d", 0x7, r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  804.671328] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  804.693564] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.708308] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.719577] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  804.731478] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  804.739759] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  804.748023] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:34:14 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  804.770232] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  804.784644] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  804.817027] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  804.846290] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  804.871278] Interruptibility = 00000001  ActivityState = 00000000
[  804.900244] *** Host State ***
[  804.930857] RIP = 0xffffffff8120269c  RSP = 0xffff88018230f390
[  804.948213] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  804.957038] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  804.968511] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  804.975533] CR0=0000000080050033 CR3=00000001c172a000 CR4=00000000001426e0
[  804.982956] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  804.990337] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  804.996505] *** Control State ***
[  804.999974] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  805.006721] EntryControls=0000d1ff ExitControls=002fefff
[  805.012862] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  805.020431] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
13:34:15 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$inet(0x2, 0xa, 0x40)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='maps\x00')
r4 = syz_open_dev$amidi(&(0x7f0000000300)='/dev/amidi#\x00', 0x400, 0x400000)
fanotify_mark(r3, 0xa, 0x0, r4, &(0x7f0000000340)='./file0\x00')
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer2\x00', 0x8000, 0x0)
ioctl$sock_SIOCGIFBR(r5, 0x8940, &(0x7f0000000280)=@get={0x1, &(0x7f0000000200)=""/93, 0xfffffffffffffff7})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r5, 0x40bc5311, &(0x7f0000000140)={0x100, 0x2, 'client0\x00', 0x6, "6d9184ab43053b52", "1a8d513e7752c7c1e4f1e0d555c6a83b7fbdce881ddc4ff7765f3ae8e7270f37", 0x0, 0xbf})

13:34:15 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff00]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:15 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000a00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:15 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = add_key(&(0x7f0000000280)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)="aefc3acc7a1832feeec3a9f9751972399cd43ab9f2ede8433a1074d90d00c5856a9b9bebcb8b909d6f13f0e861ad0760a77aed35ca7349eda85405273d8aa5edc377a2c4012d37ea2dae86ec5bff939fed1ce3b64202c603edabb63723812b5837f0041463ee3841fd2ac3bcc81a43d08a693aa55e54b3a14626c47247159f73b729806e4773907c20107f71d28ce9c195918700f572bb76d8e712630c62293a49efc4d96dc9a4e7a74f6f1e279526396116c2e2b25f1456b44e35c47d6f20039002c5bb11f980422f2e67406c1e1521bab4d92730f1414a", 0xd8, 0xfffffffffffffffc)
add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)="3781cb9745979d", 0x7, r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  805.027197] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  805.034591]         reason=80000021 qualification=0000000000000000
[  805.041985] IDTVectoring: info=00000000 errcode=00000000
[  805.047862] TSC Offset = 0xfffffe4efd3d3a00
[  805.052838] EPT pointer = 0x000000017f25001e
13:34:15 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:15 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = add_key(&(0x7f0000000280)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)="aefc3acc7a1832feeec3a9f9751972399cd43ab9f2ede8433a1074d90d00c5856a9b9bebcb8b909d6f13f0e861ad0760a77aed35ca7349eda85405273d8aa5edc377a2c4012d37ea2dae86ec5bff939fed1ce3b64202c603edabb63723812b5837f0041463ee3841fd2ac3bcc81a43d08a693aa55e54b3a14626c47247159f73b729806e4773907c20107f71d28ce9c195918700f572bb76d8e712630c62293a49efc4d96dc9a4e7a74f6f1e279526396116c2e2b25f1456b44e35c47d6f20039002c5bb11f980422f2e67406c1e1521bab4d92730f1414a", 0xd8, 0xfffffffffffffffc)
add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000240)="3781cb9745979d", 0x7, r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  805.141911] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  805.170490] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:15 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  805.261235] *** Guest State ***
[  805.264837] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:15 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xf5ffffff00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  805.309383] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  805.328298] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  805.335224] CR3 = 0x0000000000000000
[  805.341347] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  805.352276] RFLAGS=0x00000002         DR7 = 0x0000000000000400
13:34:15 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
add_key(&(0x7f0000000280)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)="aefc3acc7a1832feeec3a9f9751972399cd43ab9f2ede8433a1074d90d00c5856a9b9bebcb8b909d6f13f0e861ad0760a77aed35ca7349eda85405273d8aa5edc377a2c4012d37ea2dae86ec5bff939fed1ce3b64202c603edabb63723812b5837f0041463ee3841fd2ac3bcc81a43d08a693aa55e54b3a14626c47247159f73b729806e4773907c20107f71d28ce9c195918700f572bb76d8e712630c62293a49efc4d96dc9a4e7a74f6f1e279526396116c2e2b25f1456b44e35c47d6f20039002c5bb11f980422f2e67406c1e1521bab4d92730f1414a", 0xd8, 0xfffffffffffffffc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:15 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000008000a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  805.367292] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  805.397264] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  805.430229] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.443713] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  805.451424] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.475436] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.495638] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.514204] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:15 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  805.529945] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  805.546663] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  805.568573] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  805.606944] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  805.634913] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  805.646588] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  805.654061] Interruptibility = 00000001  ActivityState = 00000000
[  805.696758] *** Host State ***
[  805.702347] RIP = 0xffffffff8120269c  RSP = 0xffff880187407390
[  805.717011] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  805.730014] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  805.748298] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  805.755192] CR0=0000000080050033 CR3=00000001c10aa000 CR4=00000000001426e0
[  805.767638] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  805.774604] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  805.780931] *** Control State ***
[  805.784609] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  805.791545] EntryControls=0000d1ff ExitControls=002fefff
[  805.798239] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  805.805475] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  805.812423] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  805.819261]         reason=80000021 qualification=0000000000000000
[  805.825842] IDTVectoring: info=00000000 errcode=00000000
[  805.831508] TSC Offset = 0xfffffe4e63dbf007
[  805.836125] EPT pointer = 0x00000001b752201e
[  805.850344] *** Guest State ***
[  805.854677] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  805.863806] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  805.872962] CR3 = 0x0000000000000000
[  805.876934] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  805.883132] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  805.889377] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  805.896307] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  805.904829] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.916608] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.924603] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.954302] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.976038] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  805.986163] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:34:16 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  806.009527] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  806.036438] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  806.069668] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  806.085849] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  806.092277] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  806.116890] Interruptibility = 00000001  ActivityState = 00000000
[  806.123144] *** Host State ***
[  806.138012] RIP = 0xffffffff8120269c  RSP = 0xffff880187407390
[  806.146448] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  806.152881] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  806.167541] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  806.173457] CR0=0000000080050033 CR3=00000001c10aa000 CR4=00000000001426e0
[  806.203698] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  806.210800] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  806.217267] *** Control State ***
[  806.220741] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  806.236307] EntryControls=0000d1ff ExitControls=002fefff
[  806.244549] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  806.254279] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  806.282974] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  806.295886]         reason=80000021 qualification=0000000000000000
[  806.302244] IDTVectoring: info=00000000 errcode=00000000
[  806.319653] TSC Offset = 0xfffffe4e63dbf007
[  806.324191] EPT pointer = 0x00000001b752201e
13:34:16 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
dup3(r0, r0, 0x80000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:16 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

13:34:16 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:16 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  806.449434] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:16 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

13:34:16 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8001a0]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  806.547987] *** Guest State ***
[  806.551434] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  806.587129] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  806.625236] CR3 = 0x0000000000000000
[  806.641506] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  806.664710] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  806.679453] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  806.692109] IPVS: ftp: loaded support on port[0] = 21
[  806.697008] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:16 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

[  806.725275] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  806.757699] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  806.788063] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:16 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x600]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  806.809792] device bridge_slave_1 left promiscuous mode
[  806.815317] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.828488] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  806.848340] device bridge_slave_0 left promiscuous mode
[  806.850279] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  806.872580] bridge0: port 1(bridge_slave_0) entered disabled state
[  806.877049] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  806.906395] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  806.954604] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  806.980719] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  807.004501] team0 (unregistering): Port device team_slave_1 removed
[  807.011315] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  807.029025] team0 (unregistering): Port device team_slave_0 removed
[  807.039296] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  807.046028] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  807.053733] Interruptibility = 00000001  ActivityState = 00000000
[  807.060295] *** Host State ***
[  807.063730] RIP = 0xffffffff8120269c  RSP = 0xffff88017f77f390
[  807.070031] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  807.080628] bond0 (unregistering): Releasing backup interface bond_slave_1
[  807.086323] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
13:34:17 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x0, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  807.101299] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  807.114171] CR0=0000000080050033 CR3=00000001892f3000 CR4=00000000001426f0
[  807.129869] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  807.145045] bond0 (unregistering): Releasing backup interface bond_slave_0
[  807.145776] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  807.174949] *** Control State ***
[  807.183526] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  807.200050] EntryControls=0000d1ff ExitControls=002fefff
[  807.213745] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  807.231548] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  807.252684] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  807.271021]         reason=80000021 qualification=0000000000000000
[  807.288312] bond0 (unregistering): Released all slaves
[  807.296569] IDTVectoring: info=00000000 errcode=00000000
[  807.316665] TSC Offset = 0xfffffe4db379df62
[  807.328022] EPT pointer = 0x00000001b7c7f01e
13:34:17 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

13:34:17 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000088000000020000000000000000000000395300000000000000000000000000008e0500000000000007000000080000000400000007000000000000000000000018ffffff05000000000000000000000000000000000000000000000000000000b32900000400000000000000000000000001000040000000006600000000000000000000000000000000d20000000000009e0b0000040000000000000000000000040000000400000000000000000000000000000000fb09836313f591840000000053163671c00afa7a2b0410000006000000000000000000000001000000d80000000010000000000000040000000000"])
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000140)=""/131)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

[  807.670676] *** Guest State ***
[  807.684357] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

[  807.717348] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  807.756872] CR3 = 0x0000000000000000
[  807.778344] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  807.826000] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  807.832182] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  807.866377] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  807.896851] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  807.916039] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  807.989836] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  808.040542] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  808.069939] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  808.078334] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  808.088742] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  808.098265] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  808.106956] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  808.131419] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  808.166588] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  808.174064] Interruptibility = 00000001  ActivityState = 00000000
[  808.225857] *** Host State ***
[  808.229151] RIP = 0xffffffff8120269c  RSP = 0xffff8801be25f390
[  808.235187] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  808.255986] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  808.286505] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  808.293511] CR0=0000000080050033 CR3=000000018344b000 CR4=00000000001426f0
[  808.316073] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  808.329810] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  808.345131] *** Control State ***
[  808.349070] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  808.368082] EntryControls=0000d1ff ExitControls=002fefff
[  808.383858] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  808.402923] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  808.454556] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  808.473568]         reason=80000021 qualification=0000000000000000
[  808.480331] IDTVectoring: info=00000000 errcode=00000000
[  808.495738] TSC Offset = 0xfffffe4d1db37ee8
[  808.510627] EPT pointer = 0x00000001c580001e
[  808.993648] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.000209] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.008124] device bridge_slave_0 entered promiscuous mode
[  809.057677] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.064150] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.072003] device bridge_slave_1 entered promiscuous mode
[  809.120152] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  809.168219] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  809.317678] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  809.364614] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  809.586465] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  809.593644] team0: Port device team_slave_0 added
[  809.622188] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  809.629643] team0: Port device team_slave_1 added
[  809.656848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  809.687520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  809.718237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  809.748555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  810.022145] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.028537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  810.035118] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.041525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  810.049068] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  810.767526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  811.037259] 8021q: adding VLAN 0 to HW filter on device bond0
[  811.133060] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  811.225101] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  811.231295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  811.239371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  811.328459] 8021q: adding VLAN 0 to HW filter on device team0
13:34:21 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:21 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1900]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:21 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

13:34:21 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x0, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:21 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:21 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  811.878283] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  811.914974] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:21 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

13:34:22 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  811.981165] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  811.992741] *** Guest State ***
[  811.999020] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.006184] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:22 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000002a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  812.034330] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  812.056001] CR3 = 0x0000000000000000
[  812.065628] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
13:34:22 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x10]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  812.086044] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  812.103835] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  812.116321] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.122890] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:22 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:22 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

[  812.136485] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.144818] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.153564] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.190766] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.209651] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.219622] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  812.228535] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:22 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  812.230213] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  812.245431] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  812.254180] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  812.268081] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.276879] EFER =     0x0000000000000000  PAT = 0x0007040600070406
13:34:22 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:22 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x18]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  812.294274] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  812.318797] Interruptibility = 00000001  ActivityState = 00000000
[  812.336439] *** Host State ***
[  812.348248] RIP = 0xffffffff8120269c  RSP = 0xffff88017fab7390
[  812.361477] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.372794] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:34:22 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  812.397838] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.397932] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  812.448931] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  812.460641] CR0=0000000080050033 CR3=00000001c28fc000 CR4=00000000001426e0
[  812.469717] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  812.476982] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  812.479111] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  812.483310] *** Control State ***
[  812.495486] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  812.503147] EntryControls=0000d1ff ExitControls=002fefff
[  812.509268] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  812.516798] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  812.523767] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  812.531215]         reason=80000021 qualification=0000000000000000
[  812.538152] IDTVectoring: info=00000000 errcode=00000000
[  812.544181] TSC Offset = 0xfffffe4ac907208c
[  812.550978] EPT pointer = 0x000000018e00901e
[  812.571816] *** Guest State ***
[  812.577682] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  812.603897] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  812.634354] CR3 = 0x0000000000000000
[  812.652686] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  812.666759] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  812.680736] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  812.695486] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  812.713783] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.733271] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.741677] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.749829] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.758007] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  812.766548] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  812.774646] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  812.782823] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  812.791473] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  812.799647] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  812.806241] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  812.813805] Interruptibility = 00000001  ActivityState = 00000000
[  812.820236] *** Host State ***
[  812.823547] RIP = 0xffffffff8120269c  RSP = 0xffff880184ee7390
[  812.829958] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  812.838232] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  812.846498] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  812.852532] CR0=0000000080050033 CR3=00000001c28fc000 CR4=00000000001426f0
[  812.859755] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  812.867394] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  812.873628] *** Control State ***
[  812.881789] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  812.892744] EntryControls=0000d1ff ExitControls=002fefff
[  812.900336] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  812.912162] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  812.924324] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:34:23 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x7]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:23 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xb9, 0x2)
ioctl$TIOCCONS(r3, 0x541d)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  812.936086]         reason=80000021 qualification=0000000000000000
[  812.942441] IDTVectoring: info=00000000 errcode=00000000
[  812.954812] TSC Offset = 0xfffffe4ac907208c
[  812.962763] EPT pointer = 0x000000018e00901e
[  813.135141] *** Guest State ***
[  813.138729] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  813.147957] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  813.160752] CR3 = 0x0000000000000000
[  813.164597] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  813.171277] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  813.177672] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  813.184543] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  813.192924] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.201489] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.209548] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.217610] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.225579] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.233623] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  813.241688] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  813.249751] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  813.257822] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  813.265871] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  813.272294] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:34:23 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:23 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000ffffffffa00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:23 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200))
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:23 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:23 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  813.279882] Interruptibility = 00000001  ActivityState = 00000000
[  813.286188] *** Host State ***
[  813.289426] RIP = 0xffffffff8120269c  RSP = 0xffff8801b9ec7390
[  813.311318] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  813.339165] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  813.356056] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  813.379056] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:23 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xb8ff000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:23 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:23 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000ffffffffa0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  813.387285] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  813.402607] CR0=0000000080050033 CR3=00000001bfeec000 CR4=00000000001426f0
[  813.425911] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
13:34:23 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

[  813.455514] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  813.462635] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  813.476218] *** Control State ***
[  813.481136] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:23 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  813.526026] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  813.534390] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
13:34:23 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  813.567249] EntryControls=0000d1ff ExitControls=002fefff
[  813.582928] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  813.607189] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  813.608467] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  813.616598] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  813.646170] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  813.657809]         reason=80000021 qualification=0000000000000000
[  813.675055] IDTVectoring: info=00000000 errcode=00000000
[  813.690184] TSC Offset = 0xfffffe4a2a92521d
[  813.700692] EPT pointer = 0x0000000189a1401e
13:34:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  813.821866] *** Guest State ***
[  813.825314] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  813.834627] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  813.843904] CR3 = 0x0000000000000000
[  813.848225] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  813.854319] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  813.860794] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  813.868962] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  813.877396] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.885567] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.894494] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.902902] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.911364] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  813.919851] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  813.928298] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  813.936772] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  813.944923] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  813.953476] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  813.960343] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  813.968585] Interruptibility = 00000001  ActivityState = 00000000
[  813.974980] *** Host State ***
[  813.978779] RIP = 0xffffffff8120269c  RSP = 0xffff8801b9ec7390
[  813.984933] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  813.991820] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  814.001053] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  814.007445] CR0=0000000080050033 CR3=00000001bfeec000 CR4=00000000001426e0
[  814.014636] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  814.021804] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  814.028309] *** Control State ***
[  814.031927] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  814.039064] EntryControls=0000d1ff ExitControls=002fefff
[  814.044680] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  814.052385] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  814.067072] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  814.073928]         reason=80000021 qualification=0000000000000000
[  814.084140] IDTVectoring: info=00000000 errcode=00000000
[  814.090211] TSC Offset = 0xfffffe49ca7a6920
[  814.094837] EPT pointer = 0x0000000188dbf01e
[  814.109309] *** Guest State ***
[  814.112661] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  814.112679] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  814.112688] CR3 = 0x0000000000000000
[  814.112699] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  814.112715] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  814.130814] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  814.153175] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  814.161216] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  814.169301] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  814.177367] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  814.185379] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  814.193590] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  814.201651] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  814.210041] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  814.218176] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  814.226308] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  814.234297] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  814.240806] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  814.248454] Interruptibility = 00000001  ActivityState = 00000000
[  814.254693] *** Host State ***
[  814.257997] RIP = 0xffffffff8120269c  RSP = 0xffff88017fab7390
[  814.264004] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  814.270595] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  814.278529] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  814.284445] CR0=0000000080050033 CR3=00000001bfeec000 CR4=00000000001426f0
[  814.291596] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  814.298323] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  814.304381] *** Control State ***
[  814.307990] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  814.314663] EntryControls=0000d1ff ExitControls=002fefff
13:34:24 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200))
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x48204)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:24 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfc00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:24 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:24 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:24 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

13:34:24 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$intptr(0xb, 0xffffffff)
r1 = inotify_init1(0x80000)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f000045fff8)={0x0, <r2=>0x0})
ptrace$setopts(0x4206, r2, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/zero\x00', 0x1, 0x0)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000001400)=""/27)
ptrace$setregs(0x8, r2, 0x0, &(0x7f0000000140))
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000c00)={0x20}, 0x20)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x2000000, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0x7fffffff, 0x80000001})
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  814.320181] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  814.327189] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  814.333846] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  814.340524]         reason=80000021 qualification=0000000000000000
[  814.346935] IDTVectoring: info=00000000 errcode=00000000
[  814.352384] TSC Offset = 0xfffffe49ca7a6920
[  814.356798] EPT pointer = 0x0000000188dbf01e
[  814.420531] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  814.444380] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:24 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  814.488080] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:24 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

13:34:24 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x300]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:24 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

13:34:24 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

[  814.607812] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  814.644189] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  814.671307] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:24 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:24 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

13:34:24 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:24 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000001a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  814.750602] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  814.761024] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:24 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xf401000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:24 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

13:34:24 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:24 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f0000000080)}, 0x10)

[  814.852615] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:24 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  814.914013] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  814.956568] *** Guest State ***
[  814.959997] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  814.981490] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  815.008846] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  815.014719] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.029820] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.033121] CR3 = 0x0000000000000000
13:34:25 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:25 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  815.057122] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  815.063439] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  815.074666] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  815.090976] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:25 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x0, &(0x7f0000000540))

13:34:25 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  815.108482] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  815.126001] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:25 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x800000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  815.179339] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  815.206327] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  815.222504] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.243199] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  815.263168] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.277705] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  815.305581] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  815.307141] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  815.327003] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  815.344361] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  815.356007] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  815.372387] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  815.403334] Interruptibility = 00000001  ActivityState = 00000000
[  815.441840] *** Host State ***
[  815.445434] RIP = 0xffffffff8120269c  RSP = 0xffff880180f6f390
[  815.460775] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  815.487791] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  815.508098] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  815.526053] CR0=0000000080050033 CR3=00000001bed81000 CR4=00000000001426e0
[  815.533183] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  815.540733] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  815.547075] *** Control State ***
[  815.550629] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
13:34:25 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x10002, 0xffffffffffffffc1, 0x590b, 0x6, 0x0, [{0x7f, 0x3ff}, {0x8, 0xc9, 0x2}, {0x3, 0x8f0, 0x0, [], 0x85}, {0x8, 0x6, 0x6bd, [], 0x4}, {0x3ff, 0x5, 0x7c, [], 0x8000}, {0xffffffff00000000, 0x4, 0x6}, {0x2, 0x20, 0x9, [], 0xfffffffffffffff8}, {0x5, 0x1, 0x7, [], 0x2}, {0x800, 0x401, 0x100, [], 0x20}, {0x10000, 0x9, 0x0, [], 0xfffffffffffffffe}, {0x9, 0x3, 0x3, [], 0xfffffffffffffe8e}, {0x5, 0x81, 0x3ff, [], 0x2}, {0x0, 0x8, 0xffffffff, [], 0x2}, {0x5, 0xfff, 0x0, [], 0xfffffffeffffffff}, {0x6ad, 0x80000000, 0x8, [], 0x2}, {0x5, 0x8, 0x9, [], 0x1}, {0x8001, 0xfffffffffffffc01, 0x3533d5e5, [], 0x9}, {0x120, 0x4, 0x75, [], 0x4}, {0x0, 0x0, 0x1ff, [], 0x9}, {0x1ff, 0x9, 0x0, [], 0x2}, {0x0, 0x228240bf, 0x3, [], 0x1}, {0x20, 0x2, 0x9, [], 0x400}, {0xfffffffffffffff9, 0x7, 0x9, [], 0x7}, {0x9, 0xc4044ec, 0x3ff, [], 0x3}]}})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:25 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:25 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:25 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:25 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffffffff00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:25 executing program 0 (fault-call:5 fault-nth:0):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  815.557609] EntryControls=0000d1ff ExitControls=002fefff
[  815.563170] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  815.570711] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  815.577674] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  815.584363]         reason=80000021 qualification=0000000000000000
[  815.591040] IDTVectoring: info=00000000 errcode=00000000
[  815.596789] TSC Offset = 0xfffffe4939c6a8c3
[  815.601216] EPT pointer = 0x00000001bb89801e
[  815.683960] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.696790] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  815.713609] FAULT_INJECTION: forcing a failure.
[  815.713609] name failslab, interval 1, probability 0, space 0, times 0
[  815.724188] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  815.735933] CPU: 0 PID: 10700 Comm: syz-executor0 Not tainted 4.19.0-rc8-next-20181018+ #97
[  815.744788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  815.754141] Call Trace:
[  815.756747]  dump_stack+0x244/0x39d
[  815.760391]  ? dump_stack_print_info.cold.1+0x20/0x20
[  815.765605]  ? kasan_check_read+0x11/0x20
[  815.769770]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  815.775061]  should_fail.cold.4+0xa/0x17
[  815.779139]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  815.784253]  ? __lock_acquire+0x62f/0x4c20
[  815.788491]  ? up_read+0x225/0x2c0
[  815.792049]  ? zap_class+0x640/0x640
[  815.795777]  ? mark_held_locks+0x130/0x130
[  815.800028]  ? find_held_lock+0x36/0x1c0
[  815.804130]  ? perf_trace_sched_process_exec+0x860/0x860
[  815.809585]  ? lock_release+0xa10/0xa10
[  815.813571]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  815.819125]  __should_failslab+0x124/0x180
[  815.823371]  should_failslab+0x9/0x14
[  815.827186]  kmem_cache_alloc+0x2be/0x730
[  815.831344]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  815.836889]  ? _copy_from_user+0xdf/0x150
[  815.841054]  io_submit_one+0x1a2/0xf80
[  815.844951]  ? aio_poll+0x1420/0x1420
[  815.848770]  ? __might_fault+0x12b/0x1e0
[  815.852838]  ? lock_downgrade+0x900/0x900
[  815.857001]  ? lock_release+0xa10/0xa10
[  815.860978]  ? perf_trace_sched_process_exec+0x860/0x860
[  815.866447]  ? __lock_is_held+0xb5/0x140
[  815.870542]  __x64_sys_io_submit+0x1b7/0x580
[  815.874962]  ? __ia32_sys_io_destroy+0x580/0x580
[  815.879730]  ? trace_hardirqs_on+0xbd/0x310
[  815.884056]  ? __ia32_sys_read+0xb0/0xb0
[  815.888124]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  815.893495]  ? trace_hardirqs_off_caller+0x300/0x300
[  815.898619]  do_syscall_64+0x1b9/0x820
[  815.902511]  ? __ia32_sys_io_destroy+0x580/0x580
[  815.907269]  ? do_syscall_64+0x1b9/0x820
[  815.911330]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  815.916710]  ? syscall_return_slowpath+0x5e0/0x5e0
[  815.921643]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  815.926498]  ? trace_hardirqs_on_caller+0x310/0x310
[  815.931519]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  815.936541]  ? prepare_exit_to_usermode+0x291/0x3b0
[  815.941571]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  815.946439]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  815.951635] RIP: 0033:0x457569
[  815.954835] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  815.973735] RSP: 002b:00007fa378de3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
13:34:26 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:26 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  815.981444] RAX: ffffffffffffffda RBX: 00007fa378de3c90 RCX: 0000000000457569
[  815.988713] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007fa378dc3000
[  815.995984] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  816.003249] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa378de46d4
[  816.010527] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
13:34:26 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000a00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:26 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  816.091654] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:26 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
syz_read_part_table(0x2, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="f9ac698e40a616b751797a08084d4ee36b02f7e02c5f436dfddb0c7728f4d30de9caa6df9149c2409c821c57ee7a9f3eebce87ce2547573ea764c791120004b775d14ceff77da32fdadccfb373b8e6266ba67b677f45abf0f6a489d0199eefb246c019a029508085e99a3bc41b68fb10f526cfa8b9bda08f573a8000b44a474b1a49730de7b62d254a6c8a756b3c4eb80d59e8a1483036d0ca06c19b60c21e1d7666539055d465c576d0fd4fd9d7e2509ea30ebd759989a77c1efe7a113f1dd90e29b9907361818d8a7b", 0xca, 0x10001}])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mixer\x00', 0x28080, 0x0)
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000280)=0xc99)

13:34:26 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x19000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:26 executing program 0 (fault-call:5 fault-nth:1):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:26 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  816.190274] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:26 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  816.258101] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  816.314426] FAULT_INJECTION: forcing a failure.
[  816.314426] name failslab, interval 1, probability 0, space 0, times 0
[  816.335237] *** Guest State ***
[  816.338986] CPU: 1 PID: 10734 Comm: syz-executor0 Not tainted 4.19.0-rc8-next-20181018+ #97
[  816.347490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  816.356849] Call Trace:
[  816.359463]  dump_stack+0x244/0x39d
13:34:26 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:26 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  816.363132]  ? dump_stack_print_info.cold.1+0x20/0x20
[  816.368342]  ? update_load_avg+0x2470/0x2470
[  816.372794]  should_fail.cold.4+0xa/0x17
[  816.376876]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  816.381983] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  816.389803]  ? pick_next_task_fair+0xa35/0x1c90
[  816.394504]  ? zap_class+0x640/0x640
[  816.398231]  ? zap_class+0x640/0x640
[  816.401966]  ? find_held_lock+0x36/0x1c0
[  816.406051]  ? __lock_is_held+0xb5/0x140
[  816.410163]  ? mark_held_locks+0xc7/0x130
[  816.414329]  ? perf_trace_sched_process_exec+0x860/0x860
[  816.419801]  ? rb_erase_cached+0xc78/0x3720
[  816.424144]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  816.429731]  __should_failslab+0x124/0x180
[  816.433993]  should_failslab+0x9/0x14
[  816.437808]  kmem_cache_alloc+0x2be/0x730
[  816.441981]  ? print_usage_bug+0xc0/0xc0
[  816.446130]  do_blockdev_direct_IO+0x719/0xefa0
[  816.450823]  ? print_usage_bug+0xc0/0xc0
[  816.454897]  ? activate_page+0x1040/0x1040
[  816.459163]  ? __lock_acquire+0x62f/0x4c20
13:34:26 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  816.463422]  ? lock_unpin_lock+0x4a0/0x4a0
[  816.467693]  ? write_end_fn+0xf0/0xf0
[  816.471507]  ? ext4_get_block_trans+0x2e0/0x2e0
[  816.476195]  ? sb_init_dio_done_wq+0x90/0x90
[  816.480616]  ? mark_held_locks+0x130/0x130
[  816.484863]  ? zap_class+0x640/0x640
[  816.488595]  ? zap_class+0x640/0x640
[  816.492344]  ? print_usage_bug+0xc0/0xc0
[  816.496454]  ? lock_downgrade+0x900/0x900
[  816.500629]  ? __lock_acquire+0x62f/0x4c20
[  816.504893]  ? print_usage_bug+0xc0/0xc0
[  816.508991]  ? print_usage_bug+0xc0/0xc0
[  816.513091]  ? zap_class+0x640/0x640
[  816.516827]  ? mark_held_locks+0x130/0x130
[  816.521085]  ? find_held_lock+0x36/0x1c0
[  816.525169]  ? __unlock_page_memcg+0x53/0x100
[  816.529693]  ? lock_downgrade+0x900/0x900
[  816.533857]  ? check_preemption_disabled+0x48/0x280
[  816.538924]  ? print_usage_bug+0xc0/0xc0
[  816.542997]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  816.548303]  ? kasan_check_read+0x11/0x20
[  816.552466]  ? rcu_softirq_qs+0x20/0x20
[  816.556458]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
13:34:26 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  816.562038]  ? __unlock_page_memcg+0x70/0x100
[  816.566555]  ? __lock_acquire+0x62f/0x4c20
[  816.570801]  ? page_add_new_anon_rmap+0xb70/0xb70
[  816.575657]  ? lock_unpin_lock+0x4a0/0x4a0
[  816.579910]  ? mark_held_locks+0x130/0x130
[  816.584164]  ? print_usage_bug+0xc0/0xc0
[  816.588239]  ? __lock_acquire+0x62f/0x4c20
[  816.592486]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  816.597453]  ? kasan_check_read+0x11/0x20
[  816.601623]  ? mark_held_locks+0x130/0x130
[  816.605870]  ? print_usage_bug+0xc0/0xc0
[  816.609956]  ? zap_class+0x640/0x640
[  816.613690]  ? lock_acquire+0x1ed/0x520
[  816.617677]  ? alloc_set_pte+0x1447/0x1f40
[  816.621946]  ? kasan_check_read+0x11/0x20
[  816.626112]  ? do_raw_spin_lock+0x14f/0x350
[  816.630452]  ? rwlock_bug.part.2+0x90/0x90
[  816.634701]  ? print_usage_bug+0xc0/0xc0
[  816.638781]  ? print_usage_bug+0xc0/0xc0
[  816.642861]  ? alloc_set_pte+0xdee/0x1f40
[  816.647021]  ? zap_class+0x640/0x640
[  816.650754]  ? __lock_acquire+0x62f/0x4c20
[  816.655003]  ? reacquire_held_locks+0x137/0x510
[  816.659691]  ? __lock_acquire+0x62f/0x4c20
[  816.663945]  ? print_usage_bug+0xc0/0xc0
[  816.668035]  ? mark_held_locks+0x130/0x130
[  816.672282]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  816.677241]  ? __lock_acquire+0x62f/0x4c20
[  816.681487]  ? print_usage_bug+0xc0/0xc0
[  816.685580]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  816.691129]  ? invalidate_inode_pages2_range+0x15ef/0x1cb0
[  816.696773]  ? zap_class+0x640/0x640
[  816.700495]  ? zap_class+0x640/0x640
[  816.704220]  ? __lock_acquire+0x62f/0x4c20
[  816.708469]  ? pagecache_isize_extended+0x440/0x440
[  816.713494]  ? zap_class+0x640/0x640
[  816.717217]  ? print_usage_bug+0xc0/0xc0
[  816.721296]  ? zap_class+0x640/0x640
[  816.725025]  ? __lock_is_held+0xb5/0x140
[  816.729098]  ? find_held_lock+0x36/0x1c0
[  816.733184]  ? find_held_lock+0x36/0x1c0
[  816.737268]  ? ext4_direct_IO+0x134d/0x2210
[  816.741604]  ? lock_downgrade+0x900/0x900
[  816.745768]  ? lock_release+0xa10/0xa10
[  816.749754]  ? perf_trace_sched_process_exec+0x860/0x860
[  816.755225]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  816.760774]  ? ext4_journal_check_start+0x18e/0x220
[  816.765821]  ? up_write+0x7b/0x220
[  816.769381]  ? ext4_get_block_trans+0x2e0/0x2e0
[  816.774074]  __blockdev_direct_IO+0x9d/0xc6
[  816.778419]  ? write_end_fn+0xf0/0xf0
[  816.782235]  ? ext4_get_block_trans+0x2e0/0x2e0
[  816.787148]  ext4_direct_IO+0xadd/0x2210
[  816.791236]  ? ext4_iomap_end+0x810/0x810
[  816.795411]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  816.800961]  ? timespec64_trunc+0xea/0x180
[  816.805209]  ? inode_init_owner+0x340/0x340
[  816.809549]  ? __vfs_setxattr+0x180/0x180
[  816.813709]  ? kasan_check_read+0x11/0x20
[  816.817883]  ? current_time+0x10b/0x1b0
[  816.821885]  ? timespec64_trunc+0x180/0x180
[  816.826234]  ? security_inode_need_killpriv+0x80/0xa0
[  816.831455]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  816.837009]  ? file_update_time+0xe4/0x640
[  816.841257]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  816.847070]  ? filemap_check_errors+0xd8/0x110
[  816.851679]  generic_file_direct_write+0x275/0x4b0
[  816.856635]  __generic_file_write_iter+0x2ff/0x630
[  816.861592]  ext4_file_write_iter+0x390/0x1420
[  816.866213]  ? __fget+0x4d1/0x740
[  816.869710]  ? ext4_file_mmap+0x410/0x410
[  816.873871]  ? find_held_lock+0x36/0x1c0
[  816.877961]  ? aio_write+0x4ce/0x610
[  816.881693]  ? lock_downgrade+0x900/0x900
[  816.885854]  ? __lock_is_held+0xb5/0x140
[  816.889958]  ? rcu_read_lock_sched_held+0x14f/0x180
[  816.895508]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  816.901054]  ? __sb_start_write+0x1b2/0x370
[  816.905392]  aio_write+0x3b1/0x610
[  816.908979]  ? aio_complete_rw+0x640/0x640
[  816.913240]  ? lock_downgrade+0x900/0x900
[  816.917425]  ? kasan_check_read+0x11/0x20
[  816.921593]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  816.926903]  io_submit_one+0xaa1/0xf80
[  816.930825]  ? aio_poll+0x1420/0x1420
[  816.934654]  ? __might_fault+0x12b/0x1e0
[  816.938730]  ? lock_downgrade+0x900/0x900
[  816.942897]  ? perf_trace_sched_process_exec+0x860/0x860
[  816.948368]  ? __lock_is_held+0xb5/0x140
[  816.952485]  __x64_sys_io_submit+0x1b7/0x580
[  816.956922]  ? __ia32_sys_io_destroy+0x580/0x580
[  816.961726]  ? trace_hardirqs_on+0xbd/0x310
[  816.966061]  ? __ia32_sys_read+0xb0/0xb0
[  816.970135]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  816.975528]  ? trace_hardirqs_off_caller+0x300/0x300
[  816.980659]  do_syscall_64+0x1b9/0x820
[  816.984568]  ? __ia32_sys_io_destroy+0x580/0x580
[  816.989336]  ? do_syscall_64+0x1b9/0x820
[  816.993435]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  816.998842]  ? syscall_return_slowpath+0x5e0/0x5e0
[  817.003805]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  817.008670]  ? trace_hardirqs_on_caller+0x310/0x310
[  817.013698]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  817.018734]  ? prepare_exit_to_usermode+0x291/0x3b0
[  817.023799]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  817.028670]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  817.033872] RIP: 0033:0x457569
[  817.037081] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  817.055991] RSP: 002b:00007fa378de3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  817.063709] RAX: ffffffffffffffda RBX: 00007fa378de3c90 RCX: 0000000000457569
[  817.071012] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007fa378dc3000
[  817.078284] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  817.085561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa378de46d4
[  817.092828] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
[  817.120873] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  817.155948] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  817.164822] CR3 = 0x0000000000000000
13:34:27 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x18020000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  817.191845] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  817.206320] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  817.216072] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  817.226422] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:27 executing program 5 (fault-call:5 fault-nth:0):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:27 executing program 0 (fault-call:5 fault-nth:2):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  817.338884] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  817.360597] FAULT_INJECTION: forcing a failure.
[  817.360597] name failslab, interval 1, probability 0, space 0, times 0
[  817.373843] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  817.414132] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  817.436474] CPU: 1 PID: 10757 Comm: syz-executor5 Not tainted 4.19.0-rc8-next-20181018+ #97
[  817.444998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  817.445005] Call Trace:
[  817.445032]  dump_stack+0x244/0x39d
[  817.445061]  ? dump_stack_print_info.cold.1+0x20/0x20
[  817.461662] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  817.465816]  ? kasan_check_read+0x11/0x20
[  817.465839]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  817.465866]  should_fail.cold.4+0xa/0x17
[  817.465891]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  817.465910]  ? __lock_acquire+0x62f/0x4c20
[  817.465931]  ? up_read+0x225/0x2c0
[  817.483333]  ? zap_class+0x640/0x640
[  817.483360]  ? mark_held_locks+0x130/0x130
[  817.483381]  ? find_held_lock+0x36/0x1c0
[  817.483439]  ? perf_trace_sched_process_exec+0x860/0x860
[  817.492568]  ? lock_release+0xa10/0xa10
[  817.492589]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  817.492618]  __should_failslab+0x124/0x180
[  817.492645]  should_failslab+0x9/0x14
[  817.497413] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  817.500419]  kmem_cache_alloc+0x2be/0x730
[  817.500442]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  817.500460]  ? _copy_from_user+0xdf/0x150
[  817.500485]  io_submit_one+0x1a2/0xf80
[  817.500507]  ? aio_poll+0x1420/0x1420
[  817.500531]  ? __might_fault+0x12b/0x1e0
[  817.504395] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  817.508465]  ? lock_downgrade+0x900/0x900
[  817.508489]  ? lock_release+0xa10/0xa10
[  817.508503]  ? perf_trace_sched_process_exec+0x860/0x860
[  817.508521]  ? __lock_is_held+0xb5/0x140
[  817.508562]  __x64_sys_io_submit+0x1b7/0x580
[  817.508585]  ? __ia32_sys_io_destroy+0x580/0x580
[  817.518107]  ? trace_hardirqs_on+0xbd/0x310
[  817.518125]  ? __ia32_sys_read+0xb0/0xb0
[  817.518143]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  817.518162]  ? trace_hardirqs_off_caller+0x300/0x300
[  817.518193]  do_syscall_64+0x1b9/0x820
[  817.518214]  ? __ia32_sys_io_destroy+0x580/0x580
[  817.522862] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  817.527713]  ? do_syscall_64+0x1b9/0x820
[  817.527730]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  817.527752]  ? syscall_return_slowpath+0x5e0/0x5e0
[  817.527768]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  817.527788]  ? trace_hardirqs_on_caller+0x310/0x310
[  817.527806]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  817.527826]  ? prepare_exit_to_usermode+0x291/0x3b0
[  817.532575] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  817.535858]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  817.535884]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  817.535898] RIP: 0033:0x457569
[  817.535923] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  817.535933] RSP: 002b:00007f949b1d4c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  817.535949] RAX: ffffffffffffffda RBX: 00007f949b1d4c90 RCX: 0000000000457569
[  817.535958] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f949b1b4000
[  817.535967] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  817.535982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f949b1d56d4
[  817.548083] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
[  817.553882] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  817.593205] FAULT_INJECTION: forcing a failure.
[  817.593205] name failslab, interval 1, probability 0, space 0, times 0
[  817.632011] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  817.744443] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  817.795351] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  817.803833] Interruptibility = 00000001  ActivityState = 00000000
[  817.810359] *** Host State ***
[  817.846967] RIP = 0xffffffff8120269c  RSP = 0xffff8801d4997390
[  817.856796] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  817.887059] CPU: 0 PID: 10764 Comm: syz-executor0 Not tainted 4.19.0-rc8-next-20181018+ #97
[  817.895571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  817.900155] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  817.904932] Call Trace:
[  817.904959]  dump_stack+0x244/0x39d
[  817.904986]  ? dump_stack_print_info.cold.1+0x20/0x20
[  817.924173]  ? print_usage_bug+0xc0/0xc0
[  817.925340] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  817.928254]  should_fail.cold.4+0xa/0x17
[  817.928281]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  817.928300]  ? print_usage_bug+0xc0/0xc0
[  817.928313]  ? zap_class+0x640/0x640
[  817.928338]  ? print_usage_bug+0xc0/0xc0
[  817.928359]  ? zap_class+0x640/0x640
[  817.934910] CR0=0000000080050033 CR3=0000000187fed000 CR4=00000000001426e0
[  817.938298]  ? __update_load_avg_blocked_se+0x690/0x690
[  817.938335]  ? __lock_is_held+0xb5/0x140
[  817.938387]  ? perf_trace_sched_process_exec+0x860/0x860
[  817.943764] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  817.947558]  ? __lock_acquire+0x62f/0x4c20
[  817.947574]  ? mark_held_locks+0x130/0x130
[  817.947598]  __should_failslab+0x124/0x180
[  817.947621]  should_failslab+0x9/0x14
[  817.947642]  __kmalloc+0x2e0/0x760
[  817.954750] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  817.955431]  ? ext4_find_extent+0x757/0x9b0
[  817.959589] *** Control State ***
[  817.966147]  ext4_find_extent+0x757/0x9b0
[  817.966177]  ext4_ext_map_blocks+0x28c/0x48e0
[  817.966204]  ? print_usage_bug+0xc0/0xc0
[  817.966218]  ? cpuacct_charge+0x265/0x440
[  817.966240]  ? ext4_ext_release+0x10/0x10
[  817.973065] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  817.975657]  ? zap_class+0x640/0x640
[  817.975676]  ? zap_class+0x640/0x640
[  817.975698]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  817.981615] EntryControls=0000d1ff ExitControls=002fefff
[  817.987799]  ? check_preemption_disabled+0x48/0x280
[  817.987841]  ? lock_acquire+0x1ed/0x520
[  817.987871]  ? ext4_map_blocks+0x487/0x1b50
[  817.987907]  ? lock_release+0xa10/0xa10
[  817.987943]  ? perf_trace_sched_process_exec+0x860/0x860
[  817.993698] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  817.996395]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  817.996428]  ? mark_held_locks+0xc7/0x130
[  817.996450]  ? get_user_pages_fast+0x22b/0x450
[  817.996481]  ? down_read+0x8d/0x120
[  817.996495]  ? ext4_map_blocks+0x487/0x1b50
[  817.996515]  ? __down_interruptible+0x700/0x700
[  818.002223] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  818.004546]  ext4_map_blocks+0xe2d/0x1b50
[  818.004577]  ? ext4_issue_zeroout+0x190/0x190
[  818.008563] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  818.014171]  ? ext4_journal_check_start+0x18e/0x220
[  818.014192]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  818.014212]  _ext4_get_block+0x226/0x6d0
[  818.018945]         reason=80000021 qualification=0000000000000000
[  818.021981]  ? ext4_map_blocks+0x1b50/0x1b50
[  818.022003]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.022022]  ? ext4_meta_trans_blocks+0x25f/0x310
[  818.026677] IDTVectoring: info=00000000 errcode=00000000
[  818.030662]  ext4_get_block_trans+0x1a6/0x2e0
[  818.030686]  ? ext4_dio_get_block_overwrite+0x100/0x100
[  818.030707]  ? iov_iter_npages+0xdd0/0xdd0
[  818.034808] TSC Offset = 0xfffffe48755c7a80
[  818.038909]  ext4_dio_get_block_unwritten_async+0x72/0x260
[  818.038934]  do_blockdev_direct_IO+0x37fe/0xefa0
[  818.038974]  ? lock_unpin_lock+0x4a0/0x4a0
[  818.039007]  ? sb_init_dio_done_wq+0x90/0x90
[  818.045354] EPT pointer = 0x000000018796c01e
[  818.049815]  ? mark_held_locks+0x130/0x130
[  818.049840]  ? zap_class+0x640/0x640
[  818.049873]  ? print_usage_bug+0xc0/0xc0
[  818.049898]  ? ext4_get_block_trans+0x2e0/0x2e0
[  818.049925]  ? lock_downgrade+0x900/0x900
[  818.057346]  ? __lock_acquire+0x62f/0x4c20
[  818.057364]  ? print_usage_bug+0xc0/0xc0
[  818.057383]  ? print_usage_bug+0xc0/0xc0
[  818.057413]  ? zap_class+0x640/0x640
[  818.057443]  ? mark_held_locks+0x130/0x130
[  818.068440]  ? find_held_lock+0x36/0x1c0
[  818.068469]  ? __unlock_page_memcg+0x53/0x100
[  818.068488]  ? lock_downgrade+0x900/0x900
[  818.068507]  ? check_preemption_disabled+0x48/0x280
[  818.287354]  ? print_usage_bug+0xc0/0xc0
[  818.291436]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  818.296718]  ? kasan_check_read+0x11/0x20
[  818.300872]  ? rcu_softirq_qs+0x20/0x20
[  818.304850]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.310412]  ? __unlock_page_memcg+0x70/0x100
[  818.314926]  ? __lock_acquire+0x62f/0x4c20
[  818.319164]  ? page_add_new_anon_rmap+0xb70/0xb70
[  818.324015]  ? lock_unpin_lock+0x4a0/0x4a0
[  818.328266]  ? mark_held_locks+0x130/0x130
[  818.332506]  ? print_usage_bug+0xc0/0xc0
[  818.336578]  ? __lock_acquire+0x62f/0x4c20
[  818.340831]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  818.345801]  ? kasan_check_read+0x11/0x20
[  818.349971]  ? mark_held_locks+0x130/0x130
[  818.354224]  ? print_usage_bug+0xc0/0xc0
[  818.358288]  ? zap_class+0x640/0x640
[  818.362010]  ? lock_acquire+0x1ed/0x520
[  818.365993]  ? alloc_set_pte+0x1447/0x1f40
[  818.370244]  ? kasan_check_read+0x11/0x20
[  818.374397]  ? do_raw_spin_lock+0x14f/0x350
[  818.378753]  ? rwlock_bug.part.2+0x90/0x90
[  818.382990]  ? print_usage_bug+0xc0/0xc0
[  818.387060]  ? print_usage_bug+0xc0/0xc0
[  818.391127]  ? alloc_set_pte+0xdee/0x1f40
[  818.395275]  ? zap_class+0x640/0x640
[  818.399023]  ? __lock_acquire+0x62f/0x4c20
[  818.403272]  ? reacquire_held_locks+0x137/0x510
[  818.407949]  ? __lock_acquire+0x62f/0x4c20
[  818.412208]  ? print_usage_bug+0xc0/0xc0
[  818.416290]  ? mark_held_locks+0x130/0x130
[  818.420533]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  818.425494]  ? __lock_acquire+0x62f/0x4c20
[  818.429752]  ? print_usage_bug+0xc0/0xc0
[  818.433835]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  818.439376]  ? invalidate_inode_pages2_range+0x15ef/0x1cb0
[  818.445024]  ? zap_class+0x640/0x640
[  818.448787]  ? zap_class+0x640/0x640
[  818.452500]  ? __lock_acquire+0x62f/0x4c20
[  818.456757]  ? pagecache_isize_extended+0x440/0x440
[  818.461770]  ? zap_class+0x640/0x640
[  818.465493]  ? print_usage_bug+0xc0/0xc0
[  818.469560]  ? zap_class+0x640/0x640
[  818.473287]  ? __lock_is_held+0xb5/0x140
[  818.477348]  ? find_held_lock+0x36/0x1c0
[  818.481438]  ? find_held_lock+0x36/0x1c0
[  818.485519]  ? ext4_direct_IO+0x134d/0x2210
[  818.489869]  ? lock_downgrade+0x900/0x900
[  818.494029]  ? lock_release+0xa10/0xa10
[  818.498005]  ? perf_trace_sched_process_exec+0x860/0x860
[  818.503465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.509006]  ? ext4_journal_check_start+0x18e/0x220
[  818.514038]  ? up_write+0x7b/0x220
[  818.517586]  ? ext4_get_block_trans+0x2e0/0x2e0
[  818.522258]  __blockdev_direct_IO+0x9d/0xc6
[  818.526587]  ? write_end_fn+0xf0/0xf0
[  818.530391]  ? ext4_get_block_trans+0x2e0/0x2e0
[  818.535077]  ext4_direct_IO+0xadd/0x2210
[  818.539156]  ? ext4_iomap_end+0x810/0x810
[  818.543308]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.548860]  ? timespec64_trunc+0xea/0x180
[  818.553095]  ? inode_init_owner+0x340/0x340
[  818.557437]  ? __vfs_setxattr+0x180/0x180
[  818.561588]  ? kasan_check_read+0x11/0x20
[  818.565740]  ? current_time+0x10b/0x1b0
[  818.569719]  ? timespec64_trunc+0x180/0x180
[  818.574047]  ? security_inode_need_killpriv+0x80/0xa0
[  818.579245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.584783]  ? file_update_time+0xe4/0x640
[  818.589022]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  818.594599]  ? filemap_check_errors+0xd8/0x110
[  818.599199]  generic_file_direct_write+0x275/0x4b0
[  818.604141]  __generic_file_write_iter+0x2ff/0x630
[  818.609092]  ext4_file_write_iter+0x390/0x1420
[  818.613676]  ? __fget+0x4d1/0x740
[  818.617155]  ? ext4_file_mmap+0x410/0x410
[  818.621321]  ? find_held_lock+0x36/0x1c0
[  818.625450]  ? aio_write+0x4ce/0x610
[  818.629170]  ? lock_downgrade+0x900/0x900
[  818.633318]  ? __lock_is_held+0xb5/0x140
[  818.637398]  ? rcu_read_lock_sched_held+0x14f/0x180
[  818.642449]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.647986]  ? __sb_start_write+0x1b2/0x370
[  818.652318]  aio_write+0x3b1/0x610
[  818.655879]  ? aio_complete_rw+0x640/0x640
[  818.660129]  ? lock_downgrade+0x900/0x900
[  818.664297]  ? kasan_check_read+0x11/0x20
[  818.668459]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  818.673760]  io_submit_one+0xaa1/0xf80
[  818.677659]  ? aio_poll+0x1420/0x1420
[  818.681471]  ? __might_fault+0x12b/0x1e0
[  818.685539]  ? lock_downgrade+0x900/0x900
[  818.689693]  ? perf_trace_sched_process_exec+0x860/0x860
[  818.695142]  ? __lock_is_held+0xb5/0x140
[  818.699249]  __x64_sys_io_submit+0x1b7/0x580
[  818.703661]  ? __ia32_sys_io_destroy+0x580/0x580
[  818.708440]  ? trace_hardirqs_on+0xbd/0x310
[  818.712768]  ? __ia32_sys_read+0xb0/0xb0
[  818.716882]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  818.722273]  ? trace_hardirqs_off_caller+0x300/0x300
[  818.727389]  do_syscall_64+0x1b9/0x820
[  818.731313]  ? __ia32_sys_io_destroy+0x580/0x580
[  818.736072]  ? do_syscall_64+0x1b9/0x820
[  818.740136]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  818.745507]  ? syscall_return_slowpath+0x5e0/0x5e0
[  818.750446]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  818.755292]  ? trace_hardirqs_on_caller+0x310/0x310
[  818.760363]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  818.765385]  ? prepare_exit_to_usermode+0x291/0x3b0
[  818.770437]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  818.775290]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  818.780483] RIP: 0033:0x457569
[  818.783765] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  818.803130] RSP: 002b:00007fa378de3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  818.810843] RAX: ffffffffffffffda RBX: 00007fa378de3c90 RCX: 0000000000457569
[  818.818112] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007fa378dc3000
[  818.825377] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  818.832661] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa378de46d4
[  818.839928] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
13:34:28 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:28 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:28 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2d]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:28 executing program 5 (fault-call:5 fault-nth:1):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  819.011903] FAULT_INJECTION: forcing a failure.
[  819.011903] name failslab, interval 1, probability 0, space 0, times 0
[  819.053415] CPU: 1 PID: 10776 Comm: syz-executor5 Not tainted 4.19.0-rc8-next-20181018+ #97
[  819.062024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  819.071383] Call Trace:
[  819.074019]  dump_stack+0x244/0x39d
[  819.077679]  ? dump_stack_print_info.cold.1+0x20/0x20
[  819.082901]  ? zap_class+0x640/0x640
[  819.086674]  should_fail.cold.4+0xa/0x17
[  819.090771]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  819.095893]  ? zap_class+0x640/0x640
[  819.099625]  ? zap_class+0x640/0x640
[  819.103380]  ? zap_class+0x640/0x640
[  819.107119]  ? check_preemption_disabled+0x48/0x280
[  819.112155]  ? zap_class+0x640/0x640
[  819.115878]  ? check_preemption_disabled+0x48/0x280
[  819.120942]  ? find_held_lock+0x36/0x1c0
[  819.125027]  ? __lock_is_held+0xb5/0x140
[  819.129103]  ? ipoib_cm_tx_reap+0xbe8/0x1630
[  819.133537]  ? lock_downgrade+0x900/0x900
[  819.137703]  ? perf_trace_sched_process_exec+0x860/0x860
[  819.143184]  ? rb_erase_cached+0xc78/0x3720
[  819.147535]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  819.153111]  __should_failslab+0x124/0x180
[  819.157386]  should_failslab+0x9/0x14
[  819.161207]  kmem_cache_alloc+0x2be/0x730
[  819.165372]  ? print_usage_bug+0xc0/0xc0
[  819.169473]  do_blockdev_direct_IO+0x719/0xefa0
[  819.174181]  ? print_usage_bug+0xc0/0xc0
[  819.178282]  ? activate_page+0x1040/0x1040
[  819.182542]  ? __lock_acquire+0x62f/0x4c20
[  819.186803]  ? mark_page_accessed+0xcaf/0x2040
[  819.191397]  ? write_end_fn+0xf0/0xf0
[  819.195258]  ? ext4_get_block_trans+0x2e0/0x2e0
[  819.199952]  ? sb_init_dio_done_wq+0x90/0x90
[  819.204381]  ? mark_held_locks+0x130/0x130
[  819.208733]  ? zap_class+0x640/0x640
[  819.212478]  ? print_usage_bug+0xc0/0xc0
[  819.216575]  ? lock_downgrade+0x900/0x900
[  819.220743]  ? __lock_acquire+0x62f/0x4c20
[  819.225012]  ? print_usage_bug+0xc0/0xc0
[  819.229087]  ? print_usage_bug+0xc0/0xc0
[  819.233165]  ? zap_class+0x640/0x640
[  819.236901]  ? mark_held_locks+0x130/0x130
[  819.241168]  ? find_held_lock+0x36/0x1c0
[  819.245282]  ? __unlock_page_memcg+0x53/0x100
[  819.249810]  ? lock_downgrade+0x900/0x900
[  819.253986]  ? check_preemption_disabled+0x48/0x280
[  819.259024]  ? print_usage_bug+0xc0/0xc0
[  819.263114]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  819.268412]  ? kasan_check_read+0x11/0x20
[  819.272575]  ? rcu_softirq_qs+0x20/0x20
[  819.276567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.282135]  ? __unlock_page_memcg+0x70/0x100
[  819.286652]  ? __lock_acquire+0x62f/0x4c20
[  819.290922]  ? page_add_new_anon_rmap+0xb70/0xb70
[  819.295801]  ? rb_erase_cached+0xc78/0x3720
[  819.300163]  ? mark_held_locks+0x130/0x130
[  819.304439]  ? print_usage_bug+0xc0/0xc0
[  819.308518]  ? __lock_acquire+0x62f/0x4c20
[  819.312767]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  819.317707]  ? kasan_check_read+0x11/0x20
[  819.321878]  ? mark_held_locks+0x130/0x130
[  819.326134]  ? print_usage_bug+0xc0/0xc0
[  819.330210]  ? zap_class+0x640/0x640
[  819.333965]  ? lock_acquire+0x1ed/0x520
[  819.337955]  ? alloc_set_pte+0x1447/0x1f40
[  819.342212]  ? kasan_check_read+0x11/0x20
[  819.346373]  ? do_raw_spin_lock+0x14f/0x350
[  819.350716]  ? rwlock_bug.part.2+0x90/0x90
[  819.354963]  ? print_usage_bug+0xc0/0xc0
[  819.359047]  ? print_usage_bug+0xc0/0xc0
[  819.363133]  ? alloc_set_pte+0xdee/0x1f40
[  819.367328]  ? zap_class+0x640/0x640
[  819.371072]  ? __lock_acquire+0x62f/0x4c20
[  819.375321]  ? reacquire_held_locks+0x137/0x510
[  819.380037]  ? __lock_acquire+0x62f/0x4c20
[  819.384291]  ? print_usage_bug+0xc0/0xc0
[  819.388421]  ? mark_held_locks+0x130/0x130
[  819.392676]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  819.397623]  ? __lock_acquire+0x62f/0x4c20
[  819.401874]  ? print_usage_bug+0xc0/0xc0
[  819.405978]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  819.411528]  ? invalidate_inode_pages2_range+0x15ef/0x1cb0
[  819.417170]  ? zap_class+0x640/0x640
[  819.420902]  ? zap_class+0x640/0x640
[  819.424635]  ? __lock_acquire+0x62f/0x4c20
[  819.428886]  ? pagecache_isize_extended+0x440/0x440
[  819.433954]  ? zap_class+0x640/0x640
[  819.437681]  ? print_usage_bug+0xc0/0xc0
[  819.441755]  ? zap_class+0x640/0x640
[  819.445499]  ? __lock_is_held+0xb5/0x140
[  819.449570]  ? find_held_lock+0x36/0x1c0
[  819.453656]  ? find_held_lock+0x36/0x1c0
[  819.457742]  ? ext4_direct_IO+0x134d/0x2210
[  819.462079]  ? lock_downgrade+0x900/0x900
[  819.466247]  ? lock_release+0xa10/0xa10
[  819.470237]  ? perf_trace_sched_process_exec+0x860/0x860
[  819.475701]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.481256]  ? ext4_journal_check_start+0x18e/0x220
[  819.486313]  ? up_write+0x7b/0x220
[  819.489882]  ? ext4_get_block_trans+0x2e0/0x2e0
[  819.494584]  __blockdev_direct_IO+0x9d/0xc6
[  819.498925]  ? write_end_fn+0xf0/0xf0
[  819.502868]  ? ext4_get_block_trans+0x2e0/0x2e0
[  819.507571]  ext4_direct_IO+0xadd/0x2210
[  819.511667]  ? ext4_iomap_end+0x810/0x810
[  819.515827]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.521375]  ? timespec64_trunc+0xea/0x180
[  819.525631]  ? inode_init_owner+0x340/0x340
[  819.529972]  ? __vfs_setxattr+0x180/0x180
[  819.534138]  ? kasan_check_read+0x11/0x20
[  819.538303]  ? current_time+0x10b/0x1b0
[  819.542295]  ? timespec64_trunc+0x180/0x180
[  819.546639]  ? security_inode_need_killpriv+0x80/0xa0
[  819.551852]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.557413]  ? file_update_time+0xe4/0x640
[  819.561679]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  819.567225]  ? filemap_check_errors+0xd8/0x110
[  819.571830]  generic_file_direct_write+0x275/0x4b0
[  819.576789]  __generic_file_write_iter+0x2ff/0x630
[  819.581744]  ext4_file_write_iter+0x390/0x1420
[  819.586336]  ? __fget+0x4d1/0x740
[  819.589821]  ? ext4_file_mmap+0x410/0x410
[  819.593987]  ? find_held_lock+0x36/0x1c0
[  819.598074]  ? aio_write+0x4ce/0x610
[  819.601805]  ? lock_downgrade+0x900/0x900
[  819.605965]  ? __lock_is_held+0xb5/0x140
[  819.610051]  ? rcu_read_lock_sched_held+0x14f/0x180
[  819.615112]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.620689]  ? __sb_start_write+0x1b2/0x370
[  819.625040]  aio_write+0x3b1/0x610
[  819.628601]  ? aio_complete_rw+0x640/0x640
[  819.632889]  ? lock_downgrade+0x900/0x900
[  819.637097]  ? kasan_check_read+0x11/0x20
[  819.641287]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  819.646596]  io_submit_one+0xaa1/0xf80
[  819.650504]  ? aio_poll+0x1420/0x1420
[  819.654334]  ? __might_fault+0x12b/0x1e0
[  819.658431]  ? lock_downgrade+0x900/0x900
[  819.662604]  ? perf_trace_sched_process_exec+0x860/0x860
[  819.668070]  ? __lock_is_held+0xb5/0x140
[  819.672167]  __x64_sys_io_submit+0x1b7/0x580
[  819.676592]  ? __ia32_sys_io_destroy+0x580/0x580
[  819.681370]  ? trace_hardirqs_on+0xbd/0x310
[  819.685720]  ? __ia32_sys_read+0xb0/0xb0
[  819.689808]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  819.695203]  ? trace_hardirqs_off_caller+0x300/0x300
[  819.700360]  do_syscall_64+0x1b9/0x820
[  819.704299]  ? __ia32_sys_io_destroy+0x580/0x580
[  819.709065]  ? do_syscall_64+0x1b9/0x820
[  819.713140]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  819.718521]  ? syscall_return_slowpath+0x5e0/0x5e0
[  819.723460]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  819.728329]  ? trace_hardirqs_on_caller+0x310/0x310
[  819.733362]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  819.738474]  ? prepare_exit_to_usermode+0x291/0x3b0
[  819.743518]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  819.748386]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  819.753608] RIP: 0033:0x457569
[  819.756815] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  819.775729] RSP: 002b:00007f949b1d4c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  819.783464] RAX: ffffffffffffffda RBX: 00007f949b1d4c90 RCX: 0000000000457569
[  819.790742] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f949b1b4000
[  819.798023] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  819.805301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f949b1d56d4
[  819.812589] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
13:34:29 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  819.881732] *** Guest State ***
[  819.902770] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  819.941220] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  819.959612] CR3 = 0x0000000000000000
[  819.963472] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  819.969627] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  819.975715] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  819.982618] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  819.990748] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  819.998930] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  820.007140] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  820.015232] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  820.023455] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  820.031743] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:34:30 executing program 5 (fault-call:5 fault-nth:2):
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  820.067644] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  820.132812] IPVS: ftp: loaded support on port[0] = 21
[  820.151347] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  820.185078] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  820.201831] FAULT_INJECTION: forcing a failure.
[  820.201831] name failslab, interval 1, probability 0, space 0, times 0
[  820.213250] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  820.220728] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  820.228422] CPU: 0 PID: 10791 Comm: syz-executor5 Not tainted 4.19.0-rc8-next-20181018+ #97
[  820.236930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  820.246292] Call Trace:
[  820.248902]  dump_stack+0x244/0x39d
[  820.252573]  ? dump_stack_print_info.cold.1+0x20/0x20
[  820.257786]  ? print_usage_bug+0xc0/0xc0
[  820.261874]  should_fail.cold.4+0xa/0x17
[  820.265965]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  820.271087]  ? print_usage_bug+0xc0/0xc0
[  820.275159]  ? zap_class+0x640/0x640
[  820.278912]  ? print_usage_bug+0xc0/0xc0
[  820.282987]  ? zap_class+0x640/0x640
[  820.286722]  ? __update_load_avg_se+0xae0/0xae0
[  820.291411]  ? zap_class+0x640/0x640
[  820.295164]  ? __lock_is_held+0xb5/0x140
[  820.299260]  ? perf_trace_sched_process_exec+0x860/0x860
[  820.304727]  ? __lock_acquire+0x62f/0x4c20
[  820.308977]  ? mark_held_locks+0x130/0x130
[  820.313245]  __should_failslab+0x124/0x180
[  820.317507]  should_failslab+0x9/0x14
[  820.321321]  __kmalloc+0x2e0/0x760
[  820.324883]  ? ext4_find_extent+0x757/0x9b0
[  820.329229]  ext4_find_extent+0x757/0x9b0
[  820.333446]  ext4_ext_map_blocks+0x28c/0x48e0
[  820.337973]  ? cpuacct_charge+0x265/0x440
[  820.342152]  ? ext4_ext_release+0x10/0x10
[  820.346337]  ? zap_class+0x640/0x640
[  820.350068]  ? zap_class+0x640/0x640
[  820.353804]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.359361]  ? check_preemption_disabled+0x48/0x280
[  820.364438]  ? lock_acquire+0x1ed/0x520
[  820.368445]  ? ext4_map_blocks+0x487/0x1b50
[  820.372791]  ? lock_release+0xa10/0xa10
[  820.376777]  ? perf_trace_sched_process_exec+0x860/0x860
[  820.382246]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  820.386925]  ? mark_held_locks+0xc7/0x130
[  820.391096]  ? get_user_pages_fast+0x22b/0x450
[  820.395711]  ? down_read+0x8d/0x120
[  820.399351]  ? ext4_map_blocks+0x487/0x1b50
[  820.403696]  ? __down_interruptible+0x700/0x700
[  820.408393]  ext4_map_blocks+0xe2d/0x1b50
[  820.412593]  ? ext4_issue_zeroout+0x190/0x190
[  820.417111]  ? ext4_journal_check_start+0x18e/0x220
[  820.422144]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  820.427698]  _ext4_get_block+0x226/0x6d0
[  820.431777]  ? ext4_map_blocks+0x1b50/0x1b50
[  820.436216]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.441789]  ? ext4_meta_trans_blocks+0x25f/0x310
[  820.446650]  ext4_get_block_trans+0x1a6/0x2e0
[  820.451165]  ? ext4_dio_get_block_overwrite+0x100/0x100
[  820.456560]  ? iov_iter_npages+0xdd0/0xdd0
[  820.460817]  ext4_dio_get_block_unwritten_async+0x72/0x260
[  820.466464]  do_blockdev_direct_IO+0x37fe/0xefa0
[  820.471259]  ? mark_page_accessed+0xcaf/0x2040
[  820.475876]  ? sb_init_dio_done_wq+0x90/0x90
[  820.480301]  ? mark_held_locks+0x130/0x130
[  820.484556]  ? zap_class+0x640/0x640
[  820.488299]  ? print_usage_bug+0xc0/0xc0
[  820.492380]  ? ext4_get_block_trans+0x2e0/0x2e0
[  820.497088]  ? lock_downgrade+0x900/0x900
[  820.501263]  ? __lock_acquire+0x62f/0x4c20
[  820.505512]  ? print_usage_bug+0xc0/0xc0
[  820.509591]  ? print_usage_bug+0xc0/0xc0
[  820.513671]  ? zap_class+0x640/0x640
[  820.517430]  ? mark_held_locks+0x130/0x130
[  820.521703]  ? find_held_lock+0x36/0x1c0
[  820.525836]  ? __unlock_page_memcg+0x53/0x100
[  820.530398]  ? lock_downgrade+0x900/0x900
[  820.534585]  ? check_preemption_disabled+0x48/0x280
[  820.539618]  ? print_usage_bug+0xc0/0xc0
[  820.543698]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  820.549011]  ? kasan_check_read+0x11/0x20
[  820.553185]  ? rcu_softirq_qs+0x20/0x20
[  820.557182]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.562745]  ? __unlock_page_memcg+0x70/0x100
[  820.567264]  ? __lock_acquire+0x62f/0x4c20
[  820.571513]  ? page_add_new_anon_rmap+0xb70/0xb70
[  820.576390]  ? lock_unpin_lock+0x4a0/0x4a0
[  820.580682]  ? mark_held_locks+0x130/0x130
[  820.584934]  ? print_usage_bug+0xc0/0xc0
[  820.589014]  ? __lock_acquire+0x62f/0x4c20
[  820.593267]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  820.598208]  ? kasan_check_read+0x11/0x20
[  820.602376]  ? mark_held_locks+0x130/0x130
[  820.606661]  ? print_usage_bug+0xc0/0xc0
[  820.610738]  ? zap_class+0x640/0x640
[  820.614473]  ? lock_acquire+0x1ed/0x520
[  820.618486]  ? alloc_set_pte+0x1447/0x1f40
[  820.622743]  ? kasan_check_read+0x11/0x20
[  820.626923]  ? do_raw_spin_lock+0x14f/0x350
[  820.631257]  ? rwlock_bug.part.2+0x90/0x90
[  820.635506]  ? print_usage_bug+0xc0/0xc0
[  820.639591]  ? print_usage_bug+0xc0/0xc0
[  820.643672]  ? alloc_set_pte+0xdee/0x1f40
[  820.647833]  ? zap_class+0x640/0x640
[  820.651575]  ? __lock_acquire+0x62f/0x4c20
[  820.655821]  ? reacquire_held_locks+0x137/0x510
[  820.660515]  ? __lock_acquire+0x62f/0x4c20
[  820.664762]  ? print_usage_bug+0xc0/0xc0
[  820.668860]  ? mark_held_locks+0x130/0x130
[  820.673114]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  820.678065]  ? __lock_acquire+0x62f/0x4c20
[  820.682316]  ? print_usage_bug+0xc0/0xc0
[  820.686436]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  820.692000]  ? invalidate_inode_pages2_range+0x15ef/0x1cb0
[  820.697642]  ? zap_class+0x640/0x640
[  820.701366]  ? zap_class+0x640/0x640
[  820.705104]  ? __lock_acquire+0x62f/0x4c20
[  820.709356]  ? pagecache_isize_extended+0x440/0x440
[  820.714412]  ? zap_class+0x640/0x640
[  820.718163]  ? print_usage_bug+0xc0/0xc0
[  820.722242]  ? zap_class+0x640/0x640
[  820.725984]  ? __lock_is_held+0xb5/0x140
[  820.730057]  ? find_held_lock+0x36/0x1c0
[  820.734136]  ? find_held_lock+0x36/0x1c0
[  820.738230]  ? ext4_direct_IO+0x134d/0x2210
[  820.742583]  ? lock_downgrade+0x900/0x900
[  820.746751]  ? lock_release+0xa10/0xa10
[  820.750743]  ? perf_trace_sched_process_exec+0x860/0x860
[  820.756216]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.761778]  ? ext4_journal_check_start+0x18e/0x220
[  820.766827]  ? up_write+0x7b/0x220
[  820.770387]  ? ext4_get_block_trans+0x2e0/0x2e0
[  820.775088]  __blockdev_direct_IO+0x9d/0xc6
[  820.779442]  ? write_end_fn+0xf0/0xf0
[  820.783285]  ? ext4_get_block_trans+0x2e0/0x2e0
[  820.788501]  ext4_direct_IO+0xadd/0x2210
[  820.792606]  ? ext4_iomap_end+0x810/0x810
[  820.796770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.802329]  ? timespec64_trunc+0xea/0x180
[  820.806585]  ? inode_init_owner+0x340/0x340
[  820.810925]  ? __vfs_setxattr+0x180/0x180
[  820.815105]  ? kasan_check_read+0x11/0x20
[  820.819303]  ? current_time+0x10b/0x1b0
[  820.823299]  ? timespec64_trunc+0x180/0x180
[  820.827645]  ? security_inode_need_killpriv+0x80/0xa0
[  820.832860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.838447]  ? file_update_time+0xe4/0x640
[  820.842713]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  820.848265]  ? filemap_check_errors+0xd8/0x110
[  820.852875]  generic_file_direct_write+0x275/0x4b0
[  820.857837]  __generic_file_write_iter+0x2ff/0x630
[  820.863422]  ext4_file_write_iter+0x390/0x1420
[  820.868018]  ? __fget+0x4d1/0x740
[  820.871500]  ? ext4_file_mmap+0x410/0x410
[  820.875662]  ? find_held_lock+0x36/0x1c0
[  820.879750]  ? aio_write+0x4ce/0x610
[  820.883485]  ? lock_downgrade+0x900/0x900
[  820.887648]  ? __lock_is_held+0xb5/0x140
[  820.891736]  ? rcu_read_lock_sched_held+0x14f/0x180
[  820.896931]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  820.902484]  ? __sb_start_write+0x1b2/0x370
[  820.906828]  aio_write+0x3b1/0x610
[  820.910393]  ? aio_complete_rw+0x640/0x640
[  820.914676]  ? lock_downgrade+0x900/0x900
[  820.918848]  ? kasan_check_read+0x11/0x20
[  820.923011]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  820.928336]  io_submit_one+0xaa1/0xf80
[  820.932240]  ? aio_poll+0x1420/0x1420
[  820.936067]  ? __might_fault+0x12b/0x1e0
[  820.940147]  ? lock_downgrade+0x900/0x900
[  820.944317]  ? perf_trace_sched_process_exec+0x860/0x860
[  820.949780]  ? __lock_is_held+0xb5/0x140
[  820.953885]  __x64_sys_io_submit+0x1b7/0x580
[  820.958314]  ? __ia32_sys_io_destroy+0x580/0x580
[  820.963089]  ? trace_hardirqs_on+0xbd/0x310
[  820.967441]  ? __ia32_sys_read+0xb0/0xb0
[  820.971519]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  820.976897]  ? trace_hardirqs_off_caller+0x300/0x300
[  820.982050]  do_syscall_64+0x1b9/0x820
[  820.985950]  ? __ia32_sys_io_destroy+0x580/0x580
[  820.990714]  ? do_syscall_64+0x1b9/0x820
[  820.994790]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  821.000168]  ? syscall_return_slowpath+0x5e0/0x5e0
[  821.005129]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  821.009987]  ? trace_hardirqs_on_caller+0x310/0x310
[  821.015040]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  821.020073]  ? prepare_exit_to_usermode+0x291/0x3b0
[  821.025115]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  821.029980]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  821.035182] RIP: 0033:0x457569
[  821.038421] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  821.057326] RSP: 002b:00007f949b1d4c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  821.065054] RAX: ffffffffffffffda RBX: 00007f949b1d4c90 RCX: 0000000000457569
[  821.072361] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f949b1b4000
[  821.079636] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  821.086916] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f949b1d56d4
[  821.094202] R13: 00000000004be72d R14: 00000000004ce380 R15: 0000000000000005
[  821.102089] Interruptibility = 00000001  ActivityState = 00000000
[  821.108491] *** Host State ***
[  821.111869] RIP = 0xffffffff8120269c  RSP = 0xffff8801bd8f7390
[  821.118155] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  821.124672] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  821.132667] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  821.138752] CR0=0000000080050033 CR3=000000018a204000 CR4=00000000001426e0
[  821.145975] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  821.152758] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  821.159003] *** Control State ***
[  821.162568] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  821.169583] EntryControls=0000d1ff ExitControls=002fefff
[  821.175144] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  821.182584] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  821.189700] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  821.196729]         reason=80000021 qualification=0000000000000000
[  821.203362] IDTVectoring: info=00000000 errcode=00000000
[  821.209291] TSC Offset = 0xfffffe46fb1f5257
[  821.213717] EPT pointer = 0x00000001c77fc01e
13:34:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x28000)
r4 = accept4$nfc_llcp(0xffffffffffffff9c, &(0x7f0000000140), &(0x7f00000001c0)=0x60, 0x80800)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000200)={r4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  821.411451] *** Guest State ***
[  821.415072] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  821.424652] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  821.434067] CR3 = 0x0000000000000000
[  821.446227] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  821.456756] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  821.463274] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  821.470797] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  821.479523] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.488430] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:31 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  821.509582] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.525209] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.563449] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.592604] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  821.611367] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  821.628847] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  821.667121] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  821.682002] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  821.688679] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  821.696531] Interruptibility = 00000001  ActivityState = 00000000
[  821.703181] *** Host State ***
[  821.706568] RIP = 0xffffffff8120269c  RSP = 0xffff8801bd8f7390
[  821.712663] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  821.719468] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  821.727598] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  821.733623] CR0=0000000080050033 CR3=00000001c86e3000 CR4=00000000001426e0
[  821.740969] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  821.748127] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  821.754201] *** Control State ***
[  821.757826] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  821.764510] EntryControls=0000d1ff ExitControls=002fefff
[  821.770065] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  821.777138] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  821.783815] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  821.790982]         reason=80000021 qualification=0000000000000000
[  821.797454] IDTVectoring: info=00000000 errcode=00000000
[  821.802919] TSC Offset = 0xfffffe45bac6968d
[  821.807336] EPT pointer = 0x00000001c0df001e
[  821.829571] *** Guest State ***
[  821.833082] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  821.842758] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  821.852152] CR3 = 0x0000000000000000
[  821.856395] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  821.862610] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  821.869261] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  821.881829] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  821.890433] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.898947] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.908486] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.916990] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.925248] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  821.933963] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  821.942485] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  821.951022] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  821.978531] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  821.999498] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  822.018494] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  822.026569] Interruptibility = 00000001  ActivityState = 00000000
[  822.033038] *** Host State ***
[  822.037906] RIP = 0xffffffff8120269c  RSP = 0xffff880186c6f390
[  822.044127] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  822.051302] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  822.059976] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  822.066364] CR0=0000000080050033 CR3=00000001c86e3000 CR4=00000000001426f0
[  822.073582] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  822.080747] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  822.087289] *** Control State ***
[  822.090898] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  822.098061] EntryControls=0000d1ff ExitControls=002fefff
[  822.103678] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  822.111125] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  822.118228] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  822.124977]         reason=80000021 qualification=0000000000000000
[  822.131775] IDTVectoring: info=00000000 errcode=00000000
[  822.137712] TSC Offset = 0xfffffe45bac6968d
[  822.142191] EPT pointer = 0x00000001c0df001e
13:34:32 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x788, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:32 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0xf000, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:32 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, <r3=>0x0}, &(0x7f0000000180)=0xc)
r4 = getegid()
chown(&(0x7f0000000040)='./file0\x00', r3, r4)

13:34:32 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x91ffffff00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  822.371694] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  822.433944] *** Guest State ***
[  822.437766] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  822.448096] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  822.460645] CR3 = 0x0000000000000000
[  822.464670] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  822.471064] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  822.480064] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  822.487657] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  822.496520] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  822.504751] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  822.513722] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  822.549024] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  822.559298] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  822.570053] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  822.579901] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  822.591869] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  822.603075] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  822.611511] device bridge_slave_1 left promiscuous mode
[  822.621129] bridge0: port 2(bridge_slave_1) entered disabled state
[  822.627521] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  822.627536] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  822.627548] Interruptibility = 00000001  ActivityState = 00000000
[  822.627553] *** Host State ***
[  822.627574] RIP = 0xffffffff8120269c  RSP = 0xffff88018cc87390
[  822.657080] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  822.663558] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  822.671443] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  822.671462] CR0=0000000080050033 CR3=00000001ccbe4000 CR4=00000000001426f0
[  822.671480] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  822.671494] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  822.671506] *** Control State ***
[  822.684473] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  822.684482] EntryControls=0000d1ff ExitControls=002fefff
[  822.684499] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  822.684510] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  822.684521] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  822.684531]         reason=80000021 qualification=0000000000000000
[  822.684540] IDTVectoring: info=00000000 errcode=00000000
[  822.684547] TSC Offset = 0xfffffe452e0ad91e
[  822.684561] EPT pointer = 0x00000001cd2c301e
[  822.692443] device bridge_slave_0 left promiscuous mode
[  822.715009] bridge0: port 1(bridge_slave_0) entered disabled state
[  822.858797] team0 (unregistering): Port device team_slave_1 removed
[  822.870156] team0 (unregistering): Port device team_slave_0 removed
[  822.880912] bond0 (unregistering): Releasing backup interface bond_slave_1
[  822.893289] bond0 (unregistering): Releasing backup interface bond_slave_0
[  822.924571] bond0 (unregistering): Released all slaves
[  823.468168] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.474648] bridge0: port 1(bridge_slave_0) entered disabled state
[  823.483110] device bridge_slave_0 entered promiscuous mode
[  823.530682] bridge0: port 2(bridge_slave_1) entered blocking state
[  823.537213] bridge0: port 2(bridge_slave_1) entered disabled state
[  823.544586] device bridge_slave_1 entered promiscuous mode
[  823.590363] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  823.638459] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  823.781126] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  823.831536] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  824.058756] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  824.066613] team0: Port device team_slave_0 added
[  824.113090] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  824.121010] team0: Port device team_slave_1 added
[  824.167513] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  824.218622] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  824.268424] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  824.275564] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  824.291840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  824.332699] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  824.339874] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  824.349033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  825.205679] bridge0: port 2(bridge_slave_1) entered blocking state
[  825.212077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  825.218781] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.225132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  825.232675] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  825.239353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  826.086602] IPVS: stopping backup sync thread 2911 ...
[  826.094796] device bridge_slave_1 left promiscuous mode
[  826.100490] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.108124] device bridge_slave_0 left promiscuous mode
[  826.113596] bridge0: port 1(bridge_slave_0) entered disabled state
[  828.211618] team0 (unregistering): Port device team_slave_1 removed
[  828.222117] team0 (unregistering): Port device team_slave_0 removed
[  828.232704] bond0 (unregistering): Releasing backup interface bond_slave_1
[  828.243740] bond0 (unregistering): Releasing backup interface bond_slave_0
[  828.274340] bond0 (unregistering): Released all slaves
[  829.701972] 8021q: adding VLAN 0 to HW filter on device bond0
[  829.818915] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  829.910898] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  829.917278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  829.924276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  830.019436] 8021q: adding VLAN 0 to HW filter on device team0
13:34:40 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:40 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:40 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x748, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:40 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x142800]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0\x00', 0x8f)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000200)={@host})
write$uinput_user_dev(r1, &(0x7f0000000440)={'syz1\x00', {0x3fc000000000, 0xa1, 0x9, 0x122}, 0xf, [0x3, 0x4, 0x0, 0x0, 0x2ee, 0x8, 0xfffffffffffffc8e, 0x9, 0xffffffffffff8000, 0x4, 0x8, 0xff, 0x4, 0x401, 0x6, 0x1230, 0xbcd, 0x9, 0x7, 0x4, 0x9, 0x7, 0x6, 0x1, 0x401, 0x1, 0xcdc0, 0x68, 0x6, 0x2, 0x81, 0x1ff, 0x5, 0x2d, 0xffffffffffffffff, 0x3, 0x784, 0x9e, 0x96a, 0x7c11a757, 0x1000, 0xff, 0x3, 0x2fd, 0x6de1, 0x1, 0x3ff, 0x4, 0x3ff, 0x0, 0x5, 0x7a6, 0x3, 0x5, 0xfff, 0x9db, 0xff, 0xa727, 0x3, 0x200000, 0x800, 0xa7, 0x9, 0x80000000], [0xfffffffeffffffff, 0x2, 0x6, 0x80, 0x8, 0x1, 0x6, 0xfffffffffffffe00, 0x0, 0x80, 0x8, 0xfd2, 0x0, 0x20, 0x6, 0x7, 0x8, 0x7, 0x9, 0xf12, 0x3f, 0x8, 0x1, 0x3, 0x7fff, 0x1ff, 0x5, 0x28, 0x4, 0xfffffffffffffff9, 0xb96c, 0x7f, 0x400, 0x0, 0x1000, 0x9, 0x54a6, 0x200, 0x80, 0x0, 0x0, 0x1ff, 0xe3, 0x8, 0x5, 0x80, 0xffffffff, 0x2, 0x0, 0x20, 0x0, 0x5f, 0x7f, 0x2, 0x6, 0xfffffffffffffffc, 0x1f, 0x2, 0x9ea, 0x400, 0x7, 0x5, 0x7f, 0x1], [0x3ff, 0xfffffffffffffffb, 0xb42, 0x4, 0x0, 0x4, 0x4, 0x3, 0x7f00000000, 0x4, 0xed, 0x7d54, 0x50, 0x817, 0x2, 0x7, 0x9b, 0x0, 0x80000001, 0x3, 0x1, 0x9, 0x0, 0x7bca0066, 0x2, 0x6, 0x3f, 0x3, 0xffffffff00000001, 0x1ff, 0x80000001, 0x1, 0x6, 0x4, 0x7ff, 0x9, 0xf61, 0x2, 0x80000001, 0x80000000, 0x20, 0x5, 0x401, 0x6, 0xfffffffffffffffe, 0x1ff, 0x0, 0x6, 0x800, 0x9, 0x5, 0x6, 0x1ff, 0x3ad, 0x800, 0x7, 0x1, 0x5, 0x8001, 0x7ff, 0x3, 0xfff, 0x4, 0xd8b], [0x0, 0xff, 0x1000, 0x9, 0x8, 0x3d, 0x51d4a3f7, 0x3, 0xffffffffffffff00, 0x400, 0x7, 0x3, 0x1a080000, 0x2, 0xffffffffffffffe0, 0x73, 0x2, 0x23ee48e4, 0x0, 0x2, 0x292f, 0x2, 0xfffffffffffff801, 0x533, 0x81, 0xfffffffffffffe00, 0x6, 0x1ad, 0xf27, 0x7, 0x7fffffff, 0xa37, 0x7, 0x2af, 0x2, 0x9, 0x3ff, 0x0, 0x1, 0x800, 0x7, 0x6, 0xfffffffffffffff8, 0x6, 0x4, 0x0, 0x6, 0x80, 0x96, 0xe4b, 0xffffffffffffff47, 0x8, 0x2, 0x1, 0x0, 0x0, 0x43f89284, 0x1f, 0x81, 0x7, 0x5, 0x6, 0x9, 0x2]}, 0x45c)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
getresgid(&(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000180))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:40 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x755, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  830.579299] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  830.659397] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  830.691074] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:40 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  830.707981] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  830.729187] *** Guest State ***
[  830.732812] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  830.743361] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  830.753051] CR3 = 0x0000000000000000
[  830.757628] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  830.764122] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  830.771222] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  830.791838] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  830.795424] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:40 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8010017d]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:40 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  830.802151] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  830.828642] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  830.840827] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  830.860007] IPVS: ftp: loaded support on port[0] = 21
[  830.869507] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  830.888515] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  830.897643] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:40 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5be, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  830.906574] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  830.915082] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  830.925334] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  830.934583] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  830.943060] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  830.943820] EFER =     0x0000000000000000  PAT = 0x0007040600070406
13:34:41 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  830.961391] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  830.974434] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  831.004546] Interruptibility = 00000001  ActivityState = 00000000
[  831.025631] *** Host State ***
[  831.036754] RIP = 0xffffffff8120269c  RSP = 0xffff880184bff390
13:34:41 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xdc7f]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  831.048205] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  831.064164] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  831.077740] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  831.095380] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
13:34:41 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x66f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  831.106199] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  831.128704] CR0=0000000080050033 CR3=00000001ce9de000 CR4=00000000001426e0
[  831.157061] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  831.190765] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  831.208353] *** Control State ***
[  831.212020] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  831.226984] EntryControls=0000d1ff ExitControls=002fefff
[  831.243108] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  831.261440] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  831.278071] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  831.284938]         reason=80000021 qualification=0000000000000000
[  831.300166] IDTVectoring: info=00000000 errcode=00000000
[  831.308063] TSC Offset = 0xfffffe40c1e5ae37
[  831.314197] EPT pointer = 0x000000018770601e
[  831.752547] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.759136] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.766528] device bridge_slave_0 entered promiscuous mode
[  831.794831] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.801303] bridge0: port 2(bridge_slave_1) entered disabled state
[  831.808491] device bridge_slave_1 entered promiscuous mode
[  831.836540] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  831.864699] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  831.946444] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  831.976794] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  832.101208] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  832.109386] team0: Port device team_slave_0 added
[  832.136016] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  832.143122] team0: Port device team_slave_1 added
[  832.170030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  832.200096] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  832.229335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  832.258645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  832.531319] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.537721] bridge0: port 2(bridge_slave_1) entered forwarding state
[  832.544299] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.550715] bridge0: port 1(bridge_slave_0) entered forwarding state
[  833.522690] 8021q: adding VLAN 0 to HW filter on device bond0
[  833.615703] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  833.709516] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  833.715649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  833.724082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  833.815165] 8021q: adding VLAN 0 to HW filter on device team0
13:34:44 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:44 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:44 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffffffffa0018000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:44 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6bf, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpgrp(0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0x100, 0x8, 0x8, 0x8, 0x0, 0x0, 0x40, 0x6, 0xfffffffffffffff7, 0x20000000000, 0x100, 0x4, 0x6, 0x2, 0x3, 0xfffffffffffffff7, 0xffffffffffff8a48, 0x0, 0x3, 0x9, 0xd93f, 0x7, 0x6, 0x8, 0x42, 0x2, 0x2, 0x80000000, 0xff, 0x0, 0x20, 0x1, 0x1, 0x10000, 0x9, 0x1000, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000200), 0x6}, 0x40, 0xdbf7, 0x28c8, 0x2, 0x0, 0xf793e8a, 0x4}, r2, 0x2, r3, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000040)=<r5=>0x0)
waitid(0x1, r5, 0x0, 0x2, &(0x7f0000000140))

13:34:44 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6cc, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:44 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000008000a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  834.443246] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.447369] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  834.460061] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:44 executing program 1:
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:44 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:44 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4e845e6400000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:44 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:44 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  834.594108] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.615495] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.676519] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  834.677819] *** Guest State ***
[  834.711366] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:44 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:44 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  834.727802] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.736522] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  834.748501] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.756550] CR3 = 0x0000000000000000
[  834.760309] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
13:34:44 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1802]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  834.784132] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  834.805969] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  834.820661] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  834.836950] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  834.854909] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  834.855532] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:44 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x64f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:44 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x469, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:44 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  834.898461] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  834.898476] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  834.898497] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  834.934000] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  834.942587] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  834.966031] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  834.992118] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  835.006835] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  835.056361] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  835.068686] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.085495] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.096865] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  835.108962] Interruptibility = 00000001  ActivityState = 00000000
[  835.117296] *** Host State ***
[  835.120780] RIP = 0xffffffff8120269c  RSP = 0xffff8801bffd7390
[  835.127744] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  835.134381] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  835.142787] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  835.149270] CR0=0000000080050033 CR3=00000001c19fd000 CR4=00000000001426f0
[  835.156616] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  835.163355] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  835.170623] *** Control State ***
[  835.174134] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  835.181076] EntryControls=0000d1ff ExitControls=002fefff
[  835.186777] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  835.193829] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  835.200706] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  835.207690]         reason=80000021 qualification=0000000000000000
[  835.214188] IDTVectoring: info=00000000 errcode=00000000
[  835.219911] TSC Offset = 0xfffffe3ea69905f6
[  835.224319] EPT pointer = 0x00000001c5e1201e
13:34:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000002c0)={0x4003, 0x2000, 0x2, 0x2, 0x400})
r3 = accept$inet(0xffffffffffffff9c, &(0x7f0000000080)={0x2, 0x0, @multicast2}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000480)={<r4=>0x0, 0x9, 0x7ff, 0xbf6, 0x5, 0x7eab}, &(0x7f00000004c0)=0x14)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000500)=r4, 0x4)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x20042, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(r5, 0x29, 0xca, &(0x7f0000000140)={0x200, 0x1, 0x688, 0x7ff, 0x7f}, 0xc)
fchdir(r5)
r6 = semget$private(0x0, 0x0, 0x40)
semctl$GETPID(r6, 0x0, 0xb, &(0x7f0000000300)=""/183)
poll(&(0x7f0000000300), 0x2000000000000298, 0x4)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f00000003c0)="0f79e3f20f2202baf80c66b87ee2698c66efbafc0cb80001ef660f1bf60f810090ba4200ed81ae000007000fc72966b8010000000f01c10f2266", 0x3a}], 0x1, 0x11, &(0x7f0000000440)=[@efer={0x2, 0x5000}], 0x1245)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000000)='fou\x00')
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000180)={<r7=>0x0, @in6={{0xa, 0x4e21, 0x7, @ipv4={[], [], @multicast1}, 0x100000000}}, 0x1, 0xff, 0x6, 0x0, 0x4}, &(0x7f0000000240)=0x98)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r5, 0x84, 0x78, &(0x7f0000000280)=r7, 0x4)

13:34:45 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x9000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:45 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x793, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  835.347509] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.356453] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:45 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x638, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000001a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  835.397149] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:45 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x20000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  835.552504] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.581514] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:45 executing program 1:
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x301000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r1, 0x28, &(0x7f0000000140)={0x0, <r3=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={r3, 0x7, 0x18}, 0xc)

13:34:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x7, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf01000000000000950000000000000015010000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  835.595241] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:45 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x479, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  835.684911] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.708090] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:45 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffffff91]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x7, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf01000000000000950000000000000015010000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  835.758466] *** Guest State ***
[  835.768423] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  835.802523] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  835.829506] CR3 = 0x0000000000000000
[  835.838098] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
13:34:45 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  835.855541] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  835.860717] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  835.870684] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  835.880626] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:45 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xa923060000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  835.898481] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  835.918453] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:46 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x59b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x7, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf01000000000000950000000000000015010000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  835.966686] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  835.992528] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.042971] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.067563] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  836.084136] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  836.108360] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  836.122728] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  836.139258] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  836.160590] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  836.182503] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  836.194194] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  836.202935] Interruptibility = 00000001  ActivityState = 00000000
13:34:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe8030000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  836.229443] *** Host State ***
[  836.238595] RIP = 0xffffffff8120269c  RSP = 0xffff8801d4997390
[  836.300677] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  836.316553] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  836.329163] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  836.335422] CR0=0000000080050033 CR3=0000000181b9f000 CR4=00000000001426e0
[  836.343396] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  836.356251] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  836.359365] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  836.366647] *** Control State ***
[  836.397420] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  836.406120] EntryControls=0000d1ff ExitControls=002fefff
[  836.412129] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  836.422942] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  836.430434] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  836.437357]         reason=80000021 qualification=0000000000000000
[  836.443882] IDTVectoring: info=00000000 errcode=00000000
[  836.460310] TSC Offset = 0xfffffe3e0da72d27
[  836.464788] EPT pointer = 0x00000001859eb01e
13:34:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/l2cap\x00')
write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="2e00000003000000080000000000000006000000000000000d0000000000000024776c616e30766d6e6574312600aa9568a6ff20c56e5008b880d63aff42b7a062dd893baac6f7e285858bf2dedff7104a93d693425d34b0155fe198981295321f304956eacef16c65abeb5161530a841a27939f5b04f7ce10685e033c924ace2ae3785d210ccc412e1f44e4982063b37b4379d3078f6a8c517d4ccb664bfd2687b665e832bbc07bbf37478310cf8f27b2f3fe97c8d5e759b6ad4a350bb331cb8cf65a4e709f2fb92a3291be1aaa9d9940969643e269be630bb5083d28d0e6cf0040e0802ef077040e9e460c77e5a981f41f98d2ebfe5792768c03e9dd4b19c76b05bec4e0a6"], 0x2e)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000280)={'team0\x00', <r4=>0x0})
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f00000002c0)={r4, 0x200, 0x3, 0x0, 0x100000000, 0x3, 0x100})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x1, 0x0)
ioctl$BLKGETSIZE64(r5, 0x80081272, &(0x7f0000000140))
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0xb2, 0x41, &(0x7f0000000140), 0x1000009e)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:46 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6a2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:46 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4dc, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  836.633833] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:46 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:46 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xf4010000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  836.754596] *** Guest State ***
[  836.758467] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  836.767593] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  836.776772] CR3 = 0x0000000000000000
[  836.780689] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  836.787440] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  836.793719] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  836.821874] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  836.843501] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  836.886066] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.895104] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.906086] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.914103] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  836.914118] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  836.914136] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  836.914147] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  836.914164] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  836.914173] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  836.914183] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  836.914193] Interruptibility = 00000001  ActivityState = 00000000
[  836.914197] *** Host State ***
[  836.914207] RIP = 0xffffffff8120269c  RSP = 0xffff8801843af390
[  836.914228] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  836.914240] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  836.956422] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  837.018792] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  837.024745] CR0=0000000080050033 CR3=000000018a92d000 CR4=00000000001426f0
13:34:47 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  837.031874] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  837.038762] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  837.044833] *** Control State ***
[  837.048455] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  837.056137] EntryControls=0000d1ff ExitControls=002fefff
[  837.061686] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  837.068718] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  837.075418] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:34:47 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4af, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:47 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x516, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  837.082206]         reason=80000021 qualification=0000000000000000
[  837.088791] IDTVectoring: info=00000000 errcode=00000000
[  837.094259] TSC Offset = 0xfffffe3d831c293d
[  837.098781] EPT pointer = 0x00000001c2a0501e
[  837.109791] IPVS: ftp: loaded support on port[0] = 21
13:34:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:47 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2d000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  837.256731] device bridge_slave_1 left promiscuous mode
[  837.266528] bridge0: port 2(bridge_slave_1) entered disabled state
[  837.285565] device bridge_slave_0 left promiscuous mode
[  837.311970] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.377073] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  837.397643] team0 (unregistering): Port device team_slave_1 removed
[  837.404805] *** Guest State ***
[  837.408822] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  837.418349] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:34:47 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x64a, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  837.428589] CR3 = 0x0000000000000000
[  837.432816] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  837.445962] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  837.454282] team0 (unregistering): Port device team_slave_0 removed
[  837.461257] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  837.488651] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  837.505601] bond0 (unregistering): Releasing backup interface bond_slave_1
[  837.520543] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:47 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6e2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  837.535222] bond0 (unregistering): Releasing backup interface bond_slave_0
[  837.542570] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  837.551525] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  837.566586] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  837.579449] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  837.588210] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  837.596949] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  837.606598] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  837.614700] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  837.614721] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  837.630086] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  837.639201] Interruptibility = 00000001  ActivityState = 00000000
[  837.645548] *** Host State ***
[  837.649269] RIP = 0xffffffff8120269c  RSP = 0xffff8801c7167390
[  837.655366] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:34:47 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4e6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  837.685277] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  837.702844] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  837.710125] CR0=0000000080050033 CR3=00000001b8fb8000 CR4=00000000001426e0
[  837.718223] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  837.725113] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  837.731967] *** Control State ***
[  837.741374] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  837.757049] EntryControls=0000d1ff ExitControls=002fefff
[  837.765984] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  837.782901] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  837.804680] bond0 (unregistering): Released all slaves
[  837.811248] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  837.824748]         reason=80000021 qualification=0000000000000000
[  837.831648] IDTVectoring: info=00000000 errcode=00000000
[  837.839141] TSC Offset = 0xfffffe3d2c134307
[  837.844049] EPT pointer = 0x00000001b825801e
[  838.822469] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.829302] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.836836] device bridge_slave_0 entered promiscuous mode
[  838.886537] bridge0: port 2(bridge_slave_1) entered blocking state
[  838.893008] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.900707] device bridge_slave_1 entered promiscuous mode
[  838.949450] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  838.998943] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  839.173753] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  839.223510] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  839.420792] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  839.428113] team0: Port device team_slave_0 added
[  839.454961] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  839.462260] team0: Port device team_slave_1 added
[  839.489510] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  839.519390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  839.549639] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  839.557053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  839.564951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  839.593315] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  839.600661] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  839.609083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  839.877754] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.884114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  839.890819] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.897211] bridge0: port 1(bridge_slave_0) entered forwarding state
[  839.904392] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  839.911687] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  840.866910] 8021q: adding VLAN 0 to HW filter on device bond0
[  840.960706] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  841.052024] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  841.058443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  841.065454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  841.158312] 8021q: adding VLAN 0 to HW filter on device team0
13:34:51 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:51 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x505, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:51 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair(0x11, 0x0, 0x4, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
write$P9_RATTACH(r3, &(0x7f00000001c0)={0x14, 0x69, 0x2, {0x45, 0x1}}, 0x14)
r4 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x7f, 0x200001)
ioctl$TIOCLINUX6(r4, 0x541c, &(0x7f0000000140)={0x6, 0x9})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:51 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4000, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:51 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  841.691317] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  841.730777] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:51 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:51 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000002a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  841.778485] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  841.800111] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  841.807141] *** Guest State ***
[  841.811834] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  841.822836] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  841.832572] CR3 = 0x0000000000000000
[  841.836905] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  841.843300] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  841.849827] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  841.857383] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:34:51 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xffffffffffffffff]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:51 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  841.874714] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  841.878440] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  841.894881] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  841.906811] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:34:51 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  841.923841] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  841.929040] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  841.941233] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  841.954074] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  841.963014] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
13:34:52 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000000000000950000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  841.973152] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  841.982397] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  842.002675] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.007746] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  842.020154] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
13:34:52 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xc0fe]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  842.021396] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.028114] Interruptibility = 00000001  ActivityState = 00000000
[  842.052300] *** Host State ***
[  842.056030] RIP = 0xffffffff8120269c  RSP = 0xffff880187a57390
[  842.062366] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:34:52 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x1a, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:52 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  842.086051] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  842.107081] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  842.126235] CR0=0000000080050033 CR3=00000001ba850000 CR4=00000000001426e0
[  842.136644] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  842.147772] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.159056] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  842.181561] *** Control State ***
[  842.185224] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  842.185234] EntryControls=0000d1ff ExitControls=002fefff
[  842.185251] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  842.185262] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  842.185272] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  842.185282]         reason=80000021 qualification=0000000000000000
[  842.185290] IDTVectoring: info=00000000 errcode=00000000
[  842.185298] TSC Offset = 0xfffffe3ad25df6bb
13:34:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f0000000200)='./file0/file0\x00', 0x200000, 0x0)
getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000240)={'raw\x00'}, &(0x7f00000002c0)=0x54)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
mq_timedsend(r2, &(0x7f0000000300)="eec665fdf0f460d543904e3311852c40f3a18bd64885ecb69b5457e8a4e5bbf0a4e59919c52af1100c40c27a5854fe52cd1134dd03587dac7fd34ea1ea00a25138a539fbd3500b370980bfc48e33b649995de44ea0e1148a13322fe4805dbce790044791fcfce76c2e9fa1cc41a8f95b813a23812647592e4e369df4178cb47bcef2d5bf434e7f32df3c254d261b5bcfa6ef455e44b77117f44ccd1231ec610e33dd9c73074da07d4b10da8c1e434eaea7e074033f52835940d3e222642dbd1124f7af5975516a81869ca653ec90799725a208dc9d4e", 0xd6, 0x4, &(0x7f0000000440)={0x0, 0x1c9c380})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x20)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r4, 0xc0bc5310, &(0x7f0000000140))

13:34:52 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000000095000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:52 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xa]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:52 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000ffffffffa00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:52 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4a9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  842.185308] EPT pointer = 0x000000018000801e
[  842.218531] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:52 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:52 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000000095000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:52 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x556, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  842.336999] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.376784] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:52 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5000000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  842.439634] *** Guest State ***
[  842.455550] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.466045] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:52 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x9, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000000095000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:52 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  842.484193] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.499704] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  842.518711] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  842.533024] CR3 = 0x0000000000000000
13:34:52 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7df, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  842.547054] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.556225] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  842.557201] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  842.562457] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  842.577616] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  842.584839] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  842.599155] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.608465] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.630226] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.643886] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.660445] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.672157] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  842.681329] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  842.697716] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  842.707469] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  842.715667] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  842.731628] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  842.741929] Interruptibility = 00000001  ActivityState = 00000000
[  842.748818] *** Host State ***
[  842.752225] RIP = 0xffffffff8120269c  RSP = 0xffff88018a397390
[  842.758559] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  842.765030] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  842.773795] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  842.779884] CR0=0000000080050033 CR3=000000018a576000 CR4=00000000001426f0
[  842.787278] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  842.793941] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  842.800071] *** Control State ***
[  842.803565] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  842.810347] EntryControls=0000d1ff ExitControls=002fefff
[  842.815879] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  842.822810] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  842.829795] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  842.836470]         reason=80000021 qualification=0000000000000000
[  842.842798] IDTVectoring: info=00000000 errcode=00000000
[  842.848607] TSC Offset = 0xfffffe3a7c948e79
[  842.852950] EPT pointer = 0x00000001cbe1701e
[  842.865115] *** Guest State ***
[  842.868697] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  842.877904] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  842.887432] CR3 = 0x0000000000000000
[  842.891160] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  842.897198] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  842.903182] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  842.910662] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  842.919070] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.928864] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.936944] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.944943] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.953052] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  842.961108] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  842.969177] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  842.977230] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  842.985211] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  842.993331] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  842.999806] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  843.007421] Interruptibility = 00000001  ActivityState = 00000000
[  843.013668] *** Host State ***
[  843.016903] RIP = 0xffffffff8120269c  RSP = 0xffff8801bc0e7390
[  843.022927] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  843.029499] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  843.037368] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  843.043293] CR0=0000000080050033 CR3=000000018a576000 CR4=00000000001426f0
[  843.050490] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  843.057244] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  843.063308] *** Control State ***
[  843.066892] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  843.073564] EntryControls=0000d1ff ExitControls=002fefff
[  843.079068] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  843.086371] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  843.093058] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:34:53 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8000000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:53 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x483, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:53 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x79f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  843.099694]         reason=80000021 qualification=0000000000000000
[  843.106100] IDTVectoring: info=00000000 errcode=00000000
[  843.111537] TSC Offset = 0xfffffe3a7c948e79
[  843.115909] EPT pointer = 0x00000001cbe1701e
13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000a00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  843.197072] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.197456] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  843.232910] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:53 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

[  843.284280] *** Guest State ***
[  843.288831] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  843.301037] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  843.317041] CR3 = 0x0000000000000000
13:34:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff00000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  843.327993] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.331760] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  843.343074] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  843.364839] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
13:34:53 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x50, &(0x7f0000000080)}, 0x10)

[  843.386463] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  843.406153] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  843.417224] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  843.428861] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  843.436990] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  843.446987] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.455022] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  843.464012] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  843.486535] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  843.503381] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  843.514824] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  843.528709] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:34:53 executing program 3:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x469, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:53 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6b5, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:53 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6f6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  843.533160] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.539883] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
13:34:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xdc7f0000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  843.593726] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.602646] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  843.636112] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  843.660415] Interruptibility = 00000001  ActivityState = 00000000
[  843.667757] *** Host State ***
[  843.671122] RIP = 0xffffffff8120269c  RSP = 0xffff880185aff390
[  843.678078] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  843.685111] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  843.695305] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  843.702348] CR0=0000000080050033 CR3=00000001c0b29000 CR4=00000000001426e0
[  843.704164] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  843.709820] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  843.726793] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  843.732850] *** Control State ***
[  843.736365] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  843.743069] EntryControls=0000d1ff ExitControls=002fefff
[  843.748726] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  843.755906] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  843.762580] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  843.769382]         reason=80000021 qualification=0000000000000000
[  843.775886] IDTVectoring: info=00000000 errcode=00000000
[  843.781434] TSC Offset = 0xfffffe3a0344d93e
[  843.785748] EPT pointer = 0x00000001d23ec01e
13:34:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:53 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x4e845e64]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:53 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  843.860592] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  843.891334] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:53 executing program 3:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0xf000, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:54 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x711, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:54 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3f00]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  844.025654] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:34:54 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000a0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:34:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  844.088927] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  844.111677] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:54 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7f6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:54 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x6000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  844.272083] *** Guest State ***
[  844.275878] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  844.293209] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  844.316384] CR3 = 0x0000000000000000
[  844.324183] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  844.335148] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  844.344703] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  844.353517] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  844.363500] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  844.372599] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  844.381524] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  844.390285] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  844.398931] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  844.399103] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  844.407498] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  844.426240] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  844.434732] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  844.443291] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  844.453744] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  844.462148] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  844.471044] Interruptibility = 00000001  ActivityState = 00000000
[  844.477835] *** Host State ***
[  844.481561] RIP = 0xffffffff8120269c  RSP = 0xffff8801877af390
[  844.489464] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  844.496685] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  844.505000] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  844.515632] CR0=0000000080050033 CR3=00000001864b1000 CR4=00000000001426e0
13:34:54 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x900]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  844.523312] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  844.540184] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
13:34:54 executing program 3 (fault-call:4 fault-nth:0):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:54 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x499, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  844.588114] *** Control State ***
[  844.606749] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  844.628658] EntryControls=0000d1ff ExitControls=002fefff
[  844.637182] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  844.666534] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:34:54 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7ba, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  844.686154] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  844.716748] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:34:54 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  844.758771]         reason=80000021 qualification=0000000000000000
[  844.796046] IDTVectoring: info=00000000 errcode=00000000
[  844.801578] TSC Offset = 0xfffffe397e42cd11
13:34:54 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1800000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  844.826807] EPT pointer = 0x00000001d238c01e
13:34:54 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7bf, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:54 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  844.882615] *** Guest State ***
[  844.885924] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  844.904768] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:34:55 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5e1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  844.987999] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  845.011220] CR3 = 0x0000000000000000
[  845.014988] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  845.066566] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  845.072601] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  845.116110] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  845.124665] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.133213] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.141883] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.147952] IPVS: ftp: loaded support on port[0] = 21
[  845.161059] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.186773] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.199179] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  845.207423] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  845.215575] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  845.224223] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  845.224248] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  845.238893] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  845.246907] Interruptibility = 00000001  ActivityState = 00000000
[  845.253317] *** Host State ***
[  845.258411] device bridge_slave_1 left promiscuous mode
[  845.263965] bridge0: port 2(bridge_slave_1) entered disabled state
[  845.265911] RIP = 0xffffffff8120269c  RSP = 0xffff88017ecdf390
[  845.276575] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  845.284791] device bridge_slave_0 left promiscuous mode
[  845.288761] FSBase=00007f9b60ee1700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  845.298298] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  845.304342] CR0=0000000080050033 CR3=00000001864b1000 CR4=00000000001426f0
[  845.311602] bridge0: port 1(bridge_slave_0) entered disabled state
[  845.312471] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  845.326467] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  845.332659] *** Control State ***
[  845.336324] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  845.343095] EntryControls=0000d1ff ExitControls=002fefff
[  845.348760] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  845.355887] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  845.362637] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  845.369314]         reason=80000021 qualification=0000000000000000
[  845.375666] IDTVectoring: info=00000000 errcode=00000000
[  845.381224] TSC Offset = 0xfffffe397e42cd11
13:34:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000140)={0x2, r3, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:34:55 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x8, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:55 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x8010017d00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:34:55 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x493, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:55 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x701, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  845.385586] EPT pointer = 0x00000001d238c01e
[  845.464177] team0 (unregistering): Port device team_slave_1 removed
[  845.477092] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  845.499032] team0 (unregistering): Port device team_slave_0 removed
[  845.523615] bond0 (unregistering): Releasing backup interface bond_slave_1
[  845.541065] bond0 (unregistering): Releasing backup interface bond_slave_0
[  845.550492] *** Guest State ***
[  845.554003] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  845.563897] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  845.573713] CR3 = 0x0000000000000000
[  845.577977] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  845.584124] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  845.584145] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  845.584162] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  845.584185] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.584207] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.584228] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.584250] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.597995] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  845.615090] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  845.632867] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  845.646700] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  845.662981] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  845.685114] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  845.691821] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  845.699600] Interruptibility = 00000001  ActivityState = 00000000
[  845.706205] *** Host State ***
[  845.709798] RIP = 0xffffffff8120269c  RSP = 0xffff8801c76f7390
13:34:55 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x789, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:34:55 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5d3, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  845.726110] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  845.741922] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  845.741937] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  845.764421] bond0 (unregistering): Released all slaves
[  845.796973] CR0=0000000080050033 CR3=00000001cd0fb000 CR4=00000000001426f0
[  845.819100] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  845.840729] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  845.852503] *** Control State ***
[  845.856525] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  845.863343] EntryControls=0000d1ff ExitControls=002fefff
[  845.869745] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  845.885127] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  845.893129] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  845.900623]         reason=80000021 qualification=0000000000000000
[  845.907624] IDTVectoring: info=00000000 errcode=00000000
[  845.913481] TSC Offset = 0xfffffe38cd8a5ca4
[  845.918900] EPT pointer = 0x0000000185d3901e
13:34:56 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x2, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:34:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/autofs\x00', 0xa0000, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000200)={0x9996, 0x4})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000040)=[0x5a, 0x4, 0x81], 0x3, 0xa1, 0x20, 0x40, 0x800, 0x9, {0xf843, 0x100000001, 0x4, 0xd19c, 0x80000000, 0x24000000, 0x5, 0x0, 0x3, 0x20, 0x6, 0x7f, 0x9, 0x7, "b761b557ee78f039b1671312b4fa9d1f33852336c33c4ed257d9876a3757cb0a"}})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:34:56 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xd, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  846.177366] *** Guest State ***
[  846.186595] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  846.236075] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  846.268987] CR3 = 0x0000000000000000
[  846.280535] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  846.324226] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  846.331500] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  846.359832] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  846.370092] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  846.378564] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  846.393531] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  846.401988] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  846.411435] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  846.419845] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  846.428445] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  846.437704] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  846.455944] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  846.464044] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  846.479527] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  846.496442] Interruptibility = 00000001  ActivityState = 00000000
[  846.502780] *** Host State ***
[  846.516278] RIP = 0xffffffff8120269c  RSP = 0xffff8801c3307390
[  846.522381] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  846.533938] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  846.546019] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  846.557458] CR0=0000000080050033 CR3=00000001b8361000 CR4=00000000001426e0
[  846.574738] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  846.585999] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  846.606273] *** Control State ***
[  846.609841] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  846.619541] EntryControls=0000d1ff ExitControls=002fefff
[  846.625101] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  846.648944] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  846.666091] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  846.672780]         reason=80000021 qualification=0000000000000000
[  846.690141] IDTVectoring: info=00000000 errcode=00000000
[  846.695701] TSC Offset = 0xfffffe387a871650
[  846.706012] EPT pointer = 0x00000001cb16a01e
[  847.224649] bridge0: port 1(bridge_slave_0) entered blocking state
[  847.231237] bridge0: port 1(bridge_slave_0) entered disabled state
[  847.239012] device bridge_slave_0 entered promiscuous mode
[  847.289513] bridge0: port 2(bridge_slave_1) entered blocking state
[  847.296371] bridge0: port 2(bridge_slave_1) entered disabled state
[  847.303991] device bridge_slave_1 entered promiscuous mode
[  847.354993] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  847.405351] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  847.558356] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  847.607733] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  847.749522] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  847.757050] team0: Port device team_slave_0 added
[  847.785254] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  847.792531] team0: Port device team_slave_1 added
[  847.822311] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  847.853124] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  847.882839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  847.913505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  848.187602] bridge0: port 2(bridge_slave_1) entered blocking state
[  848.193965] bridge0: port 2(bridge_slave_1) entered forwarding state
[  848.200679] bridge0: port 1(bridge_slave_0) entered blocking state
[  848.207058] bridge0: port 1(bridge_slave_0) entered forwarding state
[  848.214459] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  849.006203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  849.194328] 8021q: adding VLAN 0 to HW filter on device bond0
[  849.289448] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  849.384177] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  849.390382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  849.397612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  849.490364] 8021q: adding VLAN 0 to HW filter on device team0
13:35:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000001a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:00 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x61c, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:00 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x48b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:00 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xb, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:00 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3812edaa5d000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x18200, 0x0)
ioctl$BLKFLSBUF(r3, 0x1261, &(0x7f0000000140)=0xaa27)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  850.080070] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.168678] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  850.192624] *** Guest State ***
[  850.200815] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:35:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  850.210454] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  850.215717] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.220081] CR3 = 0x0000000000000000
[  850.231747] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  850.241719] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.241764] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  850.256254] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
13:35:00 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xe, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  850.263972] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  850.276786] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.292662] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.292775] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.309848] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:00 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x14280000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000ffffffffa00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  850.330290] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.345240] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.367733] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.376808] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  850.385297] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  850.394283] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  850.404099] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
13:35:00 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x3, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:00 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6c8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  850.428327] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  850.429727] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  850.459481] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.470018] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  850.485216] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  850.506015] Interruptibility = 00000001  ActivityState = 00000000
[  850.516126] *** Host State ***
[  850.524319] RIP = 0xffffffff8120269c  RSP = 0xffff880188f87390
13:35:00 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe59afa1700000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  850.539818] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  850.547037] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  850.557632] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  850.567210] CR0=0000000080050033 CR3=00000001c0578000 CR4=00000000001426e0
[  850.594189] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.597502] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  850.614605] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:00 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x485, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:00 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000008000a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:00 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x10, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  850.647167] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  850.671784] *** Control State ***
[  850.692332] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  850.704627] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  850.736107] EntryControls=0000d1ff ExitControls=002fefff
[  850.744141] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.752832] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  850.763074] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  850.777601] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  850.799571] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  850.816034]         reason=80000021 qualification=0000000000000000
[  850.829295] IDTVectoring: info=00000000 errcode=00000000
[  850.846530] TSC Offset = 0xfffffe3651fdb79e
[  850.860735] EPT pointer = 0x00000001ccfaa01e
[  850.883091] *** Guest State ***
[  850.886570] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  850.895414] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  850.904592] CR3 = 0x0000000000000000
[  850.908667] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  850.914649] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  850.920702] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  850.927808] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  850.936658] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.944629] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.953390] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.961444] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.969471] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  850.977493] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  850.985482] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  850.993573] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  851.001643] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  851.010157] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  851.016651] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  851.024110] Interruptibility = 00000001  ActivityState = 00000000
[  851.030452] *** Host State ***
[  851.033676] RIP = 0xffffffff8120269c  RSP = 0xffff880183c3f390
[  851.033703] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  851.033720] FSBase=00007f9b60ee1700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  851.054041] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  851.060042] CR0=0000000080050033 CR3=00000001c0578000 CR4=00000000001426e0
[  851.067101] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  851.073757] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  851.080526] *** Control State ***
[  851.083977] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  851.090947] EntryControls=0000d1ff ExitControls=002fefff
13:35:01 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x13, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000002a000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:01 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x55d, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:01 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x900000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:01 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x741, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  851.096494] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  851.103433] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  851.110143] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  851.116764]         reason=80000021 qualification=0000000000000000
[  851.123069] IDTVectoring: info=00000000 errcode=00000000
[  851.128558] TSC Offset = 0xfffffe3651fdb79e
[  851.132886] EPT pointer = 0x00000001ccfaa01e
[  851.204049] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  851.234033] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:01 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  851.266773] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.320339] *** Guest State ***
[  851.324016] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  851.333994] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  851.348057] CR3 = 0x0000000000000000
[  851.352966] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  851.359381] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  851.365777] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  851.373304] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  851.381904] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  851.390453] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  851.390543] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.398985] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  851.415482] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  851.420901] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.425123] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  851.449958] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:35:01 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xc, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:01 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7c3, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  851.466015] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  851.493711] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  851.506022] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  851.522257] EFER =     0x0000000000000000  PAT = 0x0007040600070406
13:35:01 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x7, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  851.543823] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  851.563189] Interruptibility = 00000001  ActivityState = 00000000
[  851.571546] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.583003] *** Host State ***
13:35:01 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  851.588799] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.597237] RIP = 0xffffffff8120269c  RSP = 0xffff8801c08bf390
[  851.604150] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:35:01 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x650, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:01 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  851.640093] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  851.669150] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  851.691607] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.700687] CR0=0000000080050033 CR3=000000017f3ba000 CR4=00000000001426e0
[  851.709203] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  851.725132] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  851.745939] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  851.761022] *** Control State ***
[  851.764662] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  851.771827] EntryControls=0000d1ff ExitControls=002fefff
[  851.777754] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  851.784987] VMEntry: intr_info=80000000 errcode=00000000 ilen=00000000
[  851.792445] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  851.800658]         reason=80000021 qualification=0000000000000000
[  851.815728] IDTVectoring: info=00000000 errcode=00000000
[  851.825988] TSC Offset = 0xfffffe35b7956891
[  851.844152] EPT pointer = 0x00000001c865601e
13:35:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xf401]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:02 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x5, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2000)
ioctl$DRM_IOCTL_GET_MAGIC(r3, 0x80046402, &(0x7f0000000140)=0xa8e)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:02 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7d1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:02 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x680, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:02 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x9, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x218]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  852.150148] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.176942] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  852.206574] *** Guest State ***
[  852.220317] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  852.252997] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  852.279261] CR3 = 0x0000000000000000
[  852.287905] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
13:35:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x281400]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  852.300816] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.308760] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  852.308778] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  852.308799] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  852.317973] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.343382] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  852.360604] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  852.386783] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:02 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x12, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  852.409136] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  852.437344] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.443075] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:02 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x682, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000ffffffffa00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  852.457641] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:02 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x76f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  852.486121] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  852.519166] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  852.568212] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  852.585010] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  852.596858] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.612499] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  852.621251] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  852.628208] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  852.632447] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  852.636344] Interruptibility = 00000001  ActivityState = 00000000
[  852.650306] *** Host State ***
[  852.653614] RIP = 0xffffffff8120269c  RSP = 0xffff8801cebe7390
[  852.660583] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  852.672930] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  852.681430] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  852.689036] CR0=0000000080050033 CR3=00000001c5a4e000 CR4=00000000001426f0
[  852.696940] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  852.703777] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  852.710260] *** Control State ***
[  852.713792] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
13:35:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x734})
r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x800, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140)={<r4=>0x0, 0x7d9b}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f00000001c0)=r4, 0x4)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  852.720881] EntryControls=0000d1ff ExitControls=002fefff
[  852.726629] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  852.733722] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  852.740641] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  852.747367]         reason=80000021 qualification=0000000000000000
[  852.753850] IDTVectoring: info=00000000 errcode=00000000
[  852.759524] TSC Offset = 0xfffffe353fc4018d
[  852.763973] EPT pointer = 0x00000001ba8be01e
13:35:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe59afa17]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:02 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x6, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:02 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  852.849433] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:02 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6bb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:02 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x11, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:02 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:03 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6e5, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  852.957582] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  853.057350] *** Guest State ***
[  853.060773] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  853.087564] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  853.119605] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  853.136205] CR3 = 0x0000000000000000
[  853.140439] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  853.151327] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[  853.157783] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
13:35:03 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0x14, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  853.164809] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  853.173266] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.178287] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  853.181754] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  853.240243] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.263646] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.280805] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.294667] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  853.314481] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  853.342984] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  853.351045] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  853.365944] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  853.378087] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  853.384523] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  853.392624] Interruptibility = 00000001  ActivityState = 00000000
[  853.406798] *** Host State ***
[  853.409996] RIP = 0xffffffff8120269c  RSP = 0xffff8801bd92f390
[  853.416938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  853.423341] FSBase=00007f9b60ee1700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  853.431277] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  853.437237] CR0=0000000080050033 CR3=00000001c5e37000 CR4=00000000001426e0
[  853.444266] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  853.451010] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  853.457651] *** Control State ***
[  853.461097] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  853.467839] EntryControls=0000d1ff ExitControls=002fefff
[  853.473304] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  853.480621] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  853.488104] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:35:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x42, 0x400)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r2, 0xf22, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x10, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1f}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f00000004c0)={0x100000001, 0x9, 0x2, 'queue1\x00', 0xffff})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x412800, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
pwritev(r3, &(0x7f0000000700)=[{&(0x7f0000000340)="d9237874f784fec31b20350f1b6edf796b98a57b3efe912b4a87af65327ec61e2df1c48a6dae3ee309c1b2bdd3e6702590d17244a11f2041539d4254cf0e95eefdc1319d67476e5290e36f6c8600f456ffbf9f1ca9ae97c82b47c0f2592aec48fc800e9ce32faa6bbac60357b96e70b53e0e823ee9c9e0ce350c84f324d7dc8bdf603840d63dd83ea8382253317bdac63587fb337836f33403f1d42ab4600264a97cbeac9176476d131e3582421b1b0a9506", 0xb2}, {&(0x7f0000000440)="4c29f535123e8ac7a74358ebe6ccfbb11c3ed2efa982a9b0e4b92bc36c275e17dce04937df8237ccbbbca5cd57aa8e5f2d710f4654be3ba8f5d3f9", 0x3b}, {&(0x7f0000000580)="dc78c571e301e73000a1bbda7cac6ccff91024767daa94ae5ebe6027db50dfda8a830d2a577e6594b2284bcb13ca49ad11bf0798c7bdd771e277d138f7b81f8792df6edb4193b5fa757eb92128093f5c3f9af63f300de2a676705eb1f52a22e65dc2a2f85730d3f49b737f3366d59679bbe95b608013900c70e8ec9a24dba5f2de7794d8423544d2f15da9f697d0319bd5d3b7ce47bf8fb21de5e7d36f3fb1011f31cc11482760b37f4ea0098152631c46f985cb37abf826f699f5324ec605f59b347600c296610515a857e692e58f9207e5796abbd54d36575d76aa6ddfe241c941de3b2c1125c0f8e53fcd", 0xec}, {&(0x7f0000000680)="62ae5c843180bdfbb05404b9655dc417197778d48aab785e7568cdcfaac454495c207e00225dc08088cab47f78160618c3f03af37587b5f9cc2186ccb4203ab2ef3ada2997e885978e64b5ada6585347417e8fde4906a80c7fa1371fd77004508bb7", 0x62}, {&(0x7f0000000480)="ce8b1af6d3ef9f55b4cf65de21bc565f72f4d30ed0dd12108b19a297dee2c066147765e3100952f99eff7b12b7b97a87ab08c2f63fefaf0bc816", 0x3a}], 0x5, 0x9)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f00000002c0)=[@dstype0={0x6, 0xb}], 0x1)
clock_gettime(0x0, &(0x7f0000000780)={<r5=>0x0, <r6=>0x0})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000cc0)='/dev/ppp\x00', 0x400, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f00000007c0)={{0x3, 0x7, 0x100000000, 0x8000}, 0x0, [0x1, 0x5, 0xf5, 0x2, 0x9, 0x1, 0x6, 0x70, 0x2, 0x3cfe, 0x6, 0xfff, 0x9, 0x2, 0x3ff, 0x8, 0x9, 0x5, 0x8, 0x2, 0x80000000, 0x5, 0x8, 0x1f, 0x8, 0x401, 0x8001, 0x5, 0xb62, 0x0, 0x8, 0x6, 0x7, 0x8, 0x100, 0x3eb, 0x2, 0x101, 0x3, 0x7, 0x5b, 0x1000, 0x200, 0x7fff, 0xe7fd, 0x7, 0x203, 0xee9c, 0xffffffffffffffff, 0xfff, 0x0, 0x9, 0x5, 0x2, 0x401, 0x1f, 0x2, 0x7fffffff, 0xfffffffffffffff7, 0x9, 0xa2, 0xdabc, 0x7, 0x1000, 0x80000000, 0x99b8ae3, 0x1, 0x1, 0x6, 0x0, 0x101, 0x200, 0x6, 0x101, 0x17, 0x1f, 0xff, 0x7, 0x2, 0x7, 0x2, 0x5eb, 0x1, 0x1, 0xe1, 0x81, 0x5, 0x7ff, 0x7, 0x9, 0x7fff, 0x9, 0x7fff, 0x6, 0x8, 0x5, 0x7, 0x1, 0x9, 0x40, 0x9, 0x8, 0x7ff, 0x5, 0x100000000, 0x1ff, 0x4, 0x2, 0x20, 0x7a, 0x6, 0x3c, 0xfffffffffffffff9, 0x400, 0x0, 0x1000, 0x4, 0x40, 0x0, 0x3, 0x7fffffff, 0x2e, 0x81, 0x5, 0x80, 0x200, 0x4, 0xa64c], {r5, r6+30000000}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:35:03 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x61d, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfc00]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:03 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7e6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:03 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x200000d0, &(0x7f0000000080)}, 0x10)

[  853.494679]         reason=80000021 qualification=0000000000000000
[  853.501070] IDTVectoring: info=00000000 errcode=00000000
[  853.506590] TSC Offset = 0xfffffe34d24a81fb
[  853.510905] EPT pointer = 0x00000001c2a9401e
13:35:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  853.606426] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  853.617195] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:03 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x20000150)

[  853.715531] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  853.737608] *** Guest State ***
[  853.741452] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  853.751548] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  853.761490] CR3 = 0x0000000000000000
13:35:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x3]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:03 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  853.766221] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  853.779561] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  853.794098] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  853.808973] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  853.827077] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.856137] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:03 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x48)

13:35:03 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1000000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  853.874353] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.896453] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.916543] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  853.956497] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  853.985548] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  853.986579] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  854.016546] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  854.024959] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  854.033880] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  854.040963] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  854.048959] Interruptibility = 00000001  ActivityState = 00000000
[  854.056907] *** Host State ***
[  854.060129] RIP = 0xffffffff8120269c  RSP = 0xffff880185d1f390
[  854.076126] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  854.082909] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  854.091320] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  854.097835] CR0=0000000080050033 CR3=0000000188ba7000 CR4=00000000001426e0
[  854.118398] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  854.125969] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  854.132040] *** Control State ***
[  854.135499] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  854.165895] EntryControls=0000d1ff ExitControls=002fefff
[  854.171467] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  854.211821] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  854.236969] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  854.260202]         reason=80000021 qualification=0000000000000000
[  854.274313] IDTVectoring: info=00000000 errcode=00000000
[  854.280032] TSC Offset = 0xfffffe346e80f255
[  854.284409] EPT pointer = 0x00000001c2a9501e
[  854.303000] *** Guest State ***
[  854.311357] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  854.320857] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  854.330175] CR3 = 0x0000000000000000
[  854.334004] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  854.340622] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  854.347030] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  854.355383] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  854.364185] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  854.372816] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  854.381014] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  854.389122] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  854.397263] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  854.405245] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  854.405266] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  854.405284] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  854.421421] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  854.421435] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  854.421448] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  854.421466] Interruptibility = 00000001  ActivityState = 00000000
[  854.437552] *** Host State ***
[  854.451471] RIP = 0xffffffff8120269c  RSP = 0xffff8801d4997390
[  854.451496] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  854.451509] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  854.451521] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  854.451536] CR0=0000000080050033 CR3=0000000188ba7000 CR4=00000000001426f0
[  854.451552] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  854.451577] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  854.451582] *** Control State ***
[  854.451592] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  854.451600] EntryControls=0000d1ff ExitControls=002fefff
[  854.451614] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  854.451624] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  854.451633] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  854.451642]         reason=80000021 qualification=0000000000000000
[  854.451649] IDTVectoring: info=00000000 errcode=00000000
[  854.451655] TSC Offset = 0xfffffe341c3eb693
13:35:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffc)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff})
setsockopt$inet6_buf(r3, 0x29, 0xcc, &(0x7f0000000140)="f9905db28a246144c3b752bba64a6391410c75dcb8e1cbd71d9e9ab451992bb2e8a6134d9b4277d20d0244eb3f402560173cb8cf639c932d723a9dadbc0cdf8c5a5652d37ed0a5e0bdea56ee79cd648c0ff9763955d58531b925ed8394c9ecddf4293d6c5eec15efa6c7f01b245f82605dd80ec8e0a4deaf66bb31c67e8268de811319c6f1809c43feeb512eb00c520be5b455283df851d861320e3093abeb8563f0b2eae46bd0148cf91da966feccf6c155f9e559643f0b173b61a5a69d0f45874a0ae20306be3bbbd3", 0xca)

13:35:04 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x6, 0x40)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000200)={0x6, [0x7, 0x3f, 0x100000001, 0xffffffffffffff90, 0x5, 0xf2]}, &(0x7f0000000240)=0x10)
write$binfmt_elf64(r0, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0xffff, 0x20, 0x3f, 0x80000001, 0x8, 0x3, 0x0, 0x2a, 0x203, 0x40, 0xc3, 0x1, 0x2, 0x38, 0x2, 0x6, 0x10001, 0x3}, [{0x70000007, 0x7, 0x6, 0x9, 0x20, 0x6, 0x2, 0x5}, {0x60000004, 0x0, 0x6, 0x40, 0x3, 0x1, 0x2, 0x2}], "14eb112dcfeec02eaaca6b61e0ae531a0f3d057a070f65fb85", [[], [], [], [], [], [], [], []]}, 0x8c9)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:04 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1100000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:04 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6ff, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:04 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:04 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  854.451665] EPT pointer = 0x00000001c845901e
[  854.639496] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:04 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000000580)=ANY=[@ANYBLOB="bf1600000000000085100000050000003e0085100000020000e6bf0100000000000095000000000000001501000000000000b700000000000000950000000000000000000000000000000000000000001bdbd54863f04da5961cfb0b1ee170e985a5d7044cf6fa2bacf35c32dd7ef8a49864055591f1801caddb22a86b25ef5db4385a04e027c0bd411c1391c414643998b990dbaf44e5d1ff637bd41d649b5b822d43c3affb19094707000000a494b90f337a667771211d9b48e54ecd56b5b9b7ab5b8c9fdac7330735817b14325acee40c19554acd3301dd8c8dd5aa5c595157bce042f2082b21bcbd09d569e9307d642b172839fad2800f758ae7919e3a5b851756f7d1761546438d26356711b216e2116a6f1b5322141a0db18b54f6db14070fe872acfb4309ef49793d5751eea88a7082c05267ade9b4598f2d038224d08218e3cbcf7d11cd0194cf46333247da5ce17476958283e268ec1c29ad541ec5f5a5791901e27496694c05d30e9db9f09e9acdca9d7e1b07ce11ff32a97e76f66987026441baed8f73866f4f29bbe65897b24293a69bb10c5d147f9cd0afeac963638c57ca237defd63a3cbde9bcba7d51f08d4c3414f9a700e0e25022ae583fa90873d7b0c218287698d4"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:04 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x300000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:04 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x80000000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = msgget(0x0, 0x23)
msgctl$IPC_RMID(r3, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r4 = mmap$binder(&(0x7f0000fde000/0x2000)=nil, 0x2000, 0x6, 0x6010, 0xffffffffffffffff, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f00000001c0)={r4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x80, 0x0)
ioctl$TIOCMBIC(r5, 0x5417, &(0x7f0000000180)=0x4)
openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0)

[  854.843329] IPVS: ftp: loaded support on port[0] = 21
[  854.860201] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:04 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x774, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:05 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4c7, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:05 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe00]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  855.057252] device bridge_slave_1 left promiscuous mode
[  855.062864] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.068048] *** Guest State ***
[  855.073054] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:35:05 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
getpeername$inet(r2, &(0x7f0000000180), &(0x7f0000000200)=0x10)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x4, 0x390, 0x1e0, 0x120, 0x120, 0x120, 0x0, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x4, &(0x7f0000000240), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@icmp={0x28, 'icmp\x00', 0x0, {0xc, 0x66, 0x3ff, 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x6, [0x6, 0xffffffff, 0xffffffffffffe9e5, 0x246e51f2, 0x8000, 0x1ff], 0x1, 0x101, 0x9}, {0xffffffff, [0x10000000000000, 0x7a7, 0x0, 0x70837207, 0x6, 0x8001], 0x100000000, 0x401, 0xdff}}}}, {{@uncond, 0x0, 0x98, 0xc0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@empty, @empty, 0xffffffff, 0xffffff00, 'yam0\x00', 'vlan0\x00', {0xff}, {0xff}, 0x89, 0x1, 0x10}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@icmp={0x28, 'icmp\x00', 0x0, {0xf, 0x8, 0xfffffffffffffffc, 0x1}}, @common=@ah={0x30, 'ah\x00', 0x0, {0x8001, 0xa9}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  855.110392] device bridge_slave_0 left promiscuous mode
[  855.116149] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  855.159664] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.166889] CR3 = 0x0000000000000000
[  855.185161] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  855.206028] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  855.218998] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  855.240798] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:05 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5bf, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  855.259911] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  855.300777] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  855.316097] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  855.332565] team0 (unregistering): Port device team_slave_1 removed
[  855.345602] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:05 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x45e, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  855.387530] team0 (unregistering): Port device team_slave_0 removed
[  855.399604] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  855.427870] bond0 (unregistering): Releasing backup interface bond_slave_1
[  855.435308] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  855.444515] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  855.459775] bond0 (unregistering): Releasing backup interface bond_slave_0
[  855.477415] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  855.496207] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  855.525207] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  855.546089] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  855.561986] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  855.584556] Interruptibility = 00000001  ActivityState = 00000000
[  855.604884] *** Host State ***
[  855.613314] bond0 (unregistering): Released all slaves
[  855.617685] RIP = 0xffffffff8120269c  RSP = 0xffff88017fdf7390
13:35:05 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x78c, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  855.635381] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  855.635398] FSBase=00007f9b60f02700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  855.656018] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  855.675989] CR0=0000000080050033 CR3=00000001d2ed7000 CR4=00000000001426f0
[  855.718450] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  855.727531] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  855.734543] *** Control State ***
[  855.748160] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  855.850147] EntryControls=0000d1ff ExitControls=002fefff
[  855.886181] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  855.905503] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  855.925992] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  855.942610]         reason=80000021 qualification=0000000000000000
[  855.955985] IDTVectoring: info=00000000 errcode=00000000
[  855.961593] TSC Offset = 0xfffffe33ba31257b
[  855.971694] EPT pointer = 0x00000001898c001e
[  856.636126] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.642604] bridge0: port 1(bridge_slave_0) entered disabled state
[  856.651684] device bridge_slave_0 entered promiscuous mode
[  856.700248] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.707164] bridge0: port 2(bridge_slave_1) entered disabled state
[  856.714533] device bridge_slave_1 entered promiscuous mode
[  856.761371] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  856.809171] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  856.954021] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  857.003319] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  857.234548] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  857.242228] team0: Port device team_slave_0 added
[  857.290447] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  857.299369] team0: Port device team_slave_1 added
[  857.343628] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  857.373129] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  857.402730] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  857.409829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  857.418194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  857.443241] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  857.450369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  857.458978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  857.725150] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.731549] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.738242] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.744592] bridge0: port 1(bridge_slave_0) entered forwarding state
[  857.752352] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  857.758868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  858.736389] 8021q: adding VLAN 0 to HW filter on device bond0
[  858.831260] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  858.925338] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  858.931618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  858.939845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  859.031186] 8021q: adding VLAN 0 to HW filter on device team0
13:35:09 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:09 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6d1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:09 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
r1 = syz_open_dev$vcsn(&(0x7f0000000300)='/dev/vcs#\x00', 0x2, 0x8000)
write$UHID_INPUT(r1, &(0x7f0000000580)={0x8, "db0f8dc011152985cec84d4e8e92f6055235ab0c615c84305d2caa647f28daee9d711ada63cfeb97218fa8b12dd264d9b598a4b1794c2f2df9aa24c8b1338145968c1dcfe6073a0def0718b851826af71c0a8a941ea706fe631ef3b13cef0211c21ff88aa856f9c63b96d208cb64912334b9b12b94bd9968300d7794674ceae768e5c1b8e68689c1a7cce0d9570b9fe983d433202181fec0340ac41267ef5ff81794f4ec3aefd7fe42312b38b06884bb76fd90edab4ce871546d712b6a65e9297bbe3e34c73596687fec68a2c8280bc105d930f06a862b2e51d5a3155123b8c6d79e4b9aa5c4e3c93811ef7f177601de4e03ec27b33b26a63aed44f4f5471c21aacae0215226b125384a0e4aa7cd0c7425dbce9ebebf8aeba34dbe8dd4dfd79ad4b4f4316e0c8dc1cca9a09e9a98f851c9b8b1b95ebc6bbe1dc39fd7ddb6e3d202e4e2c4153e3f256fe304454741134ec86754b9ba138415b2b32428ee036df3b9741257eb4b820ef0458537bf5b0e625e9ceef82f0c4541958fe130f50f98a6e67d45e031136224c6031a31fcab00026ece7fc320e4d8d7e9c183957ab1a98e6c49e1daf47666a6bd7cbfb1af37f891612eb6db97d76f8679b24b4d362e018c60447dcfea125e228a857130bf87a952fc5d6a88003c71f07a8ae939ce050436e7ac27fb8af0227c1fd0b5e18b8d80d069d34bee3d8f0d6df38fe007e02494bfc6333a605f62786ca1ce844f1a9a6d7c323e055f0380a0edb3a903071f9f2317222f984ab992d7e8df4030e1e4836a171023252841b8485c39c37b2ce9c7813fdeec177e7f177c1843b948c1707a5b4963402d3a95045729f6c5d66f4e3a7dee5d562766cee39853dd0001b3bae508bf28648174b46f7be03a9aaa055f9a49abd3787752c81ba466d13d400e025ae94e3e8b2ebf2c61405bceeacccc647ef0968e8b9d65ca5bf2c7de0279d417e5a8c599f6dd0082fa74c9c4b02dfca0b148bbb15ab85e31919eaa1d4cba17b2c75236451170128d837a8f30021ad97da96e1238bd16500e89fe18bd5a6440456eef870a1acd487d89b05786e4e21cd1ea8697645dc085dd148e509e1ec7916f65e00bbd5721e5ac48d4ccda12faefb504c4e83b7173cc9499e91fda1c4bcb302a6128f0532003d0e5c128be825681049d4a41b65cbecbec2481806d294292a2eaa6d042ca13cbbaa6beb70688ae3e088c9b051343617f614729907305107e3c5aaea2ca2cf4e52658cf3ca09c8dd692927fdc731d95f0804231488adb39459d58eb13638532d50e33dac22a71151ec4e62ceb33205044fd6c86b03fd32f140e77ccb9fde24558794f70a47a032a67d884d8613aab4ec84b0509650e4ae8ec57ae13a6579f52e86b77d3333afe7cb0274b6d39b38bf1a126efa840934a3317857dabdde0b7813635e761e8da41f0def1effc5bd1ebf5c1bee32f6ed346959253c97be7c61a38575d4c9b0702ea6bfdbf71f140503b260bf70b6a5f524c43b9765f57c046a5f97308068a64aac35619d1356049d5184eabf3f361e1f97364e10f856db314014afb5bfa9175104d3023b637aa6c037c2b732e32125f858ad8c9d87609cd4418a265000134dd39760d2f1d6071d1d26276ae78fd41ae7dd17d715afdaa90009945d7a8c89e6b0b0507220c1f97caff7b04b1ec8b4c1e7b733285991f308f2b605ae64855957d7615437e4e8b652a0f2548133b12a34da47bb6e44ce14400c6bb1f0338c7e64400b94f4887a059e71fcef21b0410dda4717b0d7f0a1099acc4e24a1e03674b772b5f179796751439687d1d4c9127ae3fea531607c39ab49652afec78bc33acf41f004235439c842c417f796ae8fbf7b854bd011ec511a73751c14db38f719b9a626d25c062e5718f7e5cf508fd071f48bf0e039c88c0bc6b64a260cb34a44ae7c5db8f35cb951dd111d4862810e94a3093d8dfa089964367c32561d8bb02ffec7280798dce9c5f443eb7e437feea200ffa85423e5a7f886224f26546943926ff31d353820ea43e60ecbe6532fc2a490c944e98aa0db2efd9951246be57aa4352a62ab13b12352543d38ddfbb2d72e50983869480d8fd2e2f56040a6e6c0b4f43ea32524976ccbdb71d5bab9f456a0f711f39feeca072b4bd6c52a4014eded208158699d26637fbcdcc1426488b8a178b4b5b74250f632f111cadd5969c01cb284214bbee8c9bfcef42a078387ec699bb3e07ed99e35743dbcc9467e4e1bb2f31b7d16d2869334a5bc3436273a337b22ee59684aa3d0ec35147ff922aef5ff0f989afecf58b851b8e5759641fae64121d2d5a6de3fe477de4eb4a2ce375acf14d1bffd59e117ad794a2ea3159e325625138b539f0ec255da5ea382bed3e884ecbd2519e1473bbc85e7a729e593af51a1f7395b462087b57536137bac02c8ea0595ac5724ee2b71ff356c08674f06a0ac9dd7ff389b21c036a5c76f2e0bd62501f8090b6b1e04ace0092ccb3836caebacc1567a3ac46205cbe5163325468e3d51b76275b0b0b383db3397104908c9afd4e7b480c33f296c7272d27fb6f9d20088da18ed9c3b0748e3f3665c111a93f4f70a4f9f908cfd09cc2aa61a4b0ff640a99748e50743a3d3f63aabfaf6cf4bf60a1acc451783902df0f3d0e6166daefafdd8efc2d1b2052482cce644c24529d9edb4da0b6b08f401b6d3d43d221535a59311d7090b1808374bf6365b515df6c65450a1d1d9bb0b9b22855f09dc0cb7ec0c5be5e769cd65db4db02df4029f55dd00dd9d6ed27d430262c00da3ed2fd85dde0fb03ca80f8264d6928e85fcaaa77bf33313966fbe5261ee218b8994177f0577c49560cc1261160412241adf1cade714aa4c3ce103169acf2f3f81347bc93aeeb9f68eab2508481497db6952f7eb1f06a6a0ed268befa12d2c67f2f5c3bd0eda4782c841f6817da9ab40de328e282298b14350eb1c0dfa3e54341d32e1cf88239a2f74270d48d88ba1e5501e91b0fd529d2737af1e7eefbacb54ec0fe4ac7c775274696b7b034d0ab246456ecf0f27bfa3803213c7e4f6464daa4fbe8261ec6e1f0088e434c8c2f5d0eb57b50e7ec1598390b0a7309c35e4154ca4996d10e9e1c16784686cefb14756bb86441f87dada55b4309b4aa99aefbdb950a3088e5575abcc6cb79acf0be7d8665faec3710a20b3a69e6c9c8750a39b354cbd5779bc4da3307d77876bcbac1cd4a117c67da418f328247f9e683b74a7a4e2fec7918a9439b43d741ccf9c7266591514e3cd7b2218054caf22ea8d7e2803777c2bd1e0a4a30dc5db41fddee68934cf420c64699ca236bb6363b6b823610a7eda08a32a1a91bcae7eefb8ee035b1f6c540ddd7c497a146a38891314cd91d51aa6acdf12b4c512e7f862924a2341db9df4d98471543bd3479894e775cfdd31fd4f30df87f1c8812c6d2b10c8e9bc99bb5a427758e6bdae9105e13e84edabfb2667bb5f1868a268a7f45b14827090003363e5631af4be168f07f89ad0a5184cd1e3f30a85b3ca2885e2906f2c57d6027b95dcd27c0a4fa73765bb9c75efbc158864d479141c07bca1a674c3c356d9e6869ab41dce1cef751a2883128e510b16a0bdcfb279f00eea91e1e569b5fb92aba7724494a26821a896aab71f225c801a4644fd31ab7ad244bd5c2197b11ffcbe00221397c523c8397d843db3ec007202c8d6c101dc3e2202f2ddc489cada477be98b77efc7d456de9db1858a881d42dc53e81d38bc264ff8cf8f30d127ac990b380281bbd5c955b23973d813bf768b44c151a1d86ec8d6f4154e1a12811110ab648b7753783945297c386b254f1d2dc9dcad29caaaf31621c5ae5ec9ca36c2fc19c818b8b1b58fea07b6633acf4dc57c00281051ea6d791781fa1b459592fb6daba0f31aca2943fc3c5dd796a579f215b0fe07b9408b0ad89b6c2e7e9246cb13ca96e3a5d297bcb853e242bab7d8937e8ff3abae0f9f8473dd87083459e51c816ac045aa9cdfa44f75dc9b805973a4f35ea000aa1a5e348e502169c2f70ab2dfb919c5f7525f2160b149d3823b5c55496b579bdfe5686435b0f4e0095008d5132a9f54652adf56468281460ffe727f2a6aa12d027401889442aa7111fcee7657f137b5986ad43b9ca7e269ce5f5fb0008753d4726088d72b9d8b71b6fa48bb4a86ddb61b6500ff926788f4c235f22b8f857d2e917e19f5e3985bf15928aa3c9a1dea7a96141517705a5eb163876c0bdda2b6972b6d86c877d26a58bd6e11195360d9bc91a61640c0b016e1810572c4e8acdc707b0c82aa6059676e90805213bd7ff37550a00e29abee8caab36c3e41f17b85f5fc0e84f054bcbf06c52b47d8d6e26566b692bda6037bc621e8e97221ee755ddacb6e56f83a32164bc7e83f7620892b827cb45a056bf41bbddfa2b3204b448d82da036a1bc317260da6e90532dbd42f7559ecc4ed8e5e34176e5a6b2f85c0fa51ce6539b9f83877fb0bfb911e26acbf45df6aa5aa1f3f09c9a37e8cf8bcacee6951133d18f8f8d97a2aee5c0dc0329afb99a628b244afcb3f5db76c4b842147df92498713f2703c02cf9c8d7e151b0d5ce665d4e883a52de679766b8690723b1336cc541dd70f9b3fe910106743d034727cf4c33901ebba7e1823e955eab512a21b5a8d1a660eca2972a2162e3964143fe8b451ac26a8b48cbdbdae2be06a99be1053c62fff4a3d4664ea2f3a5bc9943eb7b19e6f081b2fe9d612e0c3e8ff02c741241bc5380d971bc77bd4dfdd8f686894e4a243249809ace131ea45272e80e4d307cf22a0d8228a40267dd6eae238236561b0227fb559e0c57f7c83b2df8fcd74e96148bb056678615376fc8a460694feae09793fc4c3f8547fa0847cd6ad59503d9f33fa4098ccc0be216cb1c672d5cbb034adda32dc6bb57733957927ce6ad0f21a5e73498fc49f569c7f761375bd0a61afdd9683b63c01321ba7e8b6480fd0e7fe692b3e263fd367ecc387d827d37e0b07f0c5b979698f48c020eea7a4a6d2f5cbeec68d5d617860df33dcb87b2e171c4a2f71ff039c6f64dda5b3a692b5bdf2aa4544829a1da567fa4849cae53fc2356b368a5e0ba0ddc0f60cdd0250cfac3e8a06416263dd57e73c4424b2ab947d6774ec854eef18113a30cd8caa0fe375179f029c9c06aa3d4355a7b51a93e184d1316b012d82d5e68e687f4270d82431fa6214df2ebc2f0c0d58536628364660329f74c481375f51d3755561d810c1f3459643ab46009bd083e5d11da8692a1daa32fb2815fe786f83de7ca14f594ce935dc07c500407344baaa0f7998ad2857a5df98bcb750fe2efa76124060754412342b98160e7eb237a250325497fc276a76921d9824f7d9be5060a970664178e6bb23f0e9af339447db46905389934e5cfbb8009e91ccab28d4ac635524980d679e203c9fae01c338ecd2e2b0b103892b82db3dea6269138410fe8aba84ee2bfc26533246258df4b0fe3839ed0174ddb46f778be20be08c01313d17094764b6ff0a71eaeb4f7851ba27687a21a0e9e8a7c6c3b5bb5118c467eb6f36025ed8a4455b0120b54e73f7c015b8b438d6bf9fe5c0696a200f188241fcc1415268ef877a8c07c7725b9cfecb26b342e4da30b5b6a598cadbb4f2f1ddcac91cffae8d3c21dcdcd3d34a904e9eed5ac95ed962cebea9685bbd1ee115f2c13e6ceef9662211c8ee9a9e232fb24195e6f06846f563e22bbd5b6cea06c331e836cd0901f15c54f9aa8c5e30f1b887dfbd127fe34c1d391b58fe33b60af91b7b70cfb821f47440775a3b4a1e565c01c5541", 0x1000}, 0x1006)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000340)=0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000000240)=ANY=[@ANYBLOB="b0169ce32256ae8a40764f713310493ccf00000000000085100000050000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r4 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x20, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={r4, r3, 0xc, 0x2}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x50, &(0x7f0000000080)}, 0x10)
ioctl$NBD_DO_IT(r4, 0xab03)

13:35:09 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:09 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x647, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:09 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1100]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  859.607293] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  859.674948] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:09 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0xfffffffffffffd6f, &(0x7f0000000200)}, 0x10)

13:35:09 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  859.725146] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  859.734723] *** Guest State ***
[  859.743987] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  859.750737] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  859.780665] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  859.799864] CR3 = 0x0000000000000000
[  859.808480] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  859.822284] RFLAGS=0x00000002         DR7 = 0x0000000000000400
13:35:09 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x200000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:09 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000802000000bf010000000000009500000000000000150100000200000000000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)
sendmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)="d68ece06519df74757bd33929f3d9feebd7c697cd1c10c46697eb520c1838456ece2c5223a900f78e9ad9a0919b8ec0ef41b8b62285c699a65bce6fc6aadc83dc60797e40f5f40e0d6ceeef688d165163be390be43ffce4cda5dd45a82556d26f203523628e278390121d5337ee01662086ccf75c9d3a370da4b920be477a794dfd135b14a485153fc654b13da32bc5727195c6fb58d87918f8b9786f68916d75e74717b94465622c0f0697f4d2925ca9513c565c6e51d920354305131dfe84294fa3c58aea68555a5c2a200016e29b1c855687d79482fc1ef3d69aaf81d53f0821b55576e95395201b5b0337843b63da509cec1a54eca", 0xf7}, {&(0x7f0000000580)="74af4f0b83f53d6f8841172a074d015439b80ecdfd5eaa63d9943ca4e7781dd19f375b9a1ebb214c4997a8dcd145d822ac68fe67a9168f2df1aecde3def138ab12ce2d7c11cb5a03ff0f00f873b675acb45eba8b6cd1fdda1a6954a4d68c4fc6750da43dc9eb32de5917615e0e6dd757c910b63867f96c71b945974ecf037d56d1e83fd2c755df0ac85bb8573e9d6e365128ade4692fb8fe9e49c771d749caa425c88affeb8c44da84919d023093ecf9e42433b1d946f43a21024a8f2f2ae5ddbd37bd82d32ab384e972fbb47c497eeeeab50d03cef9a2c10e22269d3ce777c1518baae4a025d5e1b3d883fdb7860012f8", 0xf1}, {&(0x7f0000000680)="bdc023a09ec128feb54e17515059f85b52d2c62305a0e9a3838b1845a704928b6b3286f426943d994a4e9108cadc6db0b2621ec6b91bbba952019f0e495ba361f8beeb759595503868df8ceac16ccfbf72cdde463b3914fa0864b3a8ed845de975029f3215f17d1914f834adb1983f4e82425fcbe16c074ceb2d498359154a442b87679b5a2bd96ea477eb8c778b933b8f53dc3293f4d6a6c7b9b1175feba12be1bc706b6cf0b722f1a4595532bcd57621303750e3ada90752ae18b99bad99f016266fd599c8", 0xc6}, {&(0x7f0000000200)="0bf0c054677aa1d7cc4946704ae5c3c8304bbb113b17d3e5dc9683f9b2469e25579510f9cf2db498adcad772596b78f1394dc2d42bbd673bc83e325069650b8f47119898eec9779e1b34951c33087f", 0x4f}, {&(0x7f0000000180)="81d19d831e26e7e68c89cc86063687e04897d9e47ace002cc24dd43bc3efef113308cb4b96617ab886433263eb6b423e09b94178f7517bda40cd042b8a8a6a", 0x3f}, {&(0x7f0000000280)="3aaf85fd18d7ad08e088df40bc5528573d90e0deb27227742c1c846715", 0x1d}], 0x6, &(0x7f0000000780)=[{0x100, 0x104, 0x8001, "c409ffe8bbb5af68ff4cd3b1320308abb37d9a98f576f23d511e80cee061d7b498ff65c4e58d67b2f73bbf6f7a6de92bd867500eb3ed4742471e0a51b937517f93a2758ec640ea62db4804c9ecfa269fd92663bad00a9fe19a443d038c0898b5c745871da4510edf28c4e65fdeb20a843b948de639a7b397e451ac68203acb43c2bcde728a5f2ba9f380a2c2c4ee6c969e7b40f5bccca0a2bd9256569867c237aa0653fcb88e1f5748d96ccffe8481034fb475cafea4dcb27470c13be5737278ab66b062bfb3afebbc375c6b5fc7301b716b543749190836b7751c7902f602e0d9a2bbe59616960258c43bdd4ef1"}, {0x28, 0x107, 0x8000, "64a798bcb1c666d3f91d174ad270179fcbf25f"}], 0x128, 0x24000010}, 0x48000)

[  859.826726] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  859.830921] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  859.846269] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  859.854380] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  859.864905] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:09 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  859.878691] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  859.902001] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  859.911945] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  859.926658] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  859.943160] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  859.957360] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  859.969311] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:10 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)
socketpair(0x10, 0x0, 0x9, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000240)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000600)={{{@in=@dev, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000700)=0xe8)
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000800)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x58, r3, 0x300, 0x70bd27, 0x25dfdbfd, {}, [{{0x8, 0x1, r4}, {0x3c, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x1)

13:35:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  859.983947] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.001044] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  860.007978] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.017797] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  860.024692] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  860.033759] Interruptibility = 00000001  ActivityState = 00000000
[  860.050110] *** Host State ***
[  860.056365] RIP = 0xffffffff8120269c  RSP = 0xffff8801bfcd7390
[  860.065029] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
13:35:10 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7e6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:10 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x3f)
open(&(0x7f0000000000)='./file0\x00', 0x290000, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0xfffffe5e, &(0x7f0000000080)}, 0x10)

[  860.093283] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  860.103472] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  860.110038] CR0=0000000080050033 CR3=00000001bda0e000 CR4=00000000001426e0
[  860.117680] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  860.124607] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  860.126423] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.136316] *** Control State ***
[  860.142868] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  860.176911] EntryControls=0000d1ff ExitControls=002fefff
[  860.183805] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  860.203612] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  860.231175] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
13:35:10 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x88)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c)
sendmmsg(r1, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x1c, &(0x7f0000000680), 0x3ba, &(0x7f0000002000)=[{0x10, 0x1c00}], 0x10}}], 0x2, 0x8000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:35:10 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1900000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:10 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x456, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000ffffffffa0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:10 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x10000, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

[  860.249556]         reason=80000021 qualification=0000000000000000
[  860.259771] IDTVectoring: info=00000000 errcode=00000000
[  860.272548] TSC Offset = 0xfffffe31391e40f5
[  860.285558] EPT pointer = 0x00000001d226401e
[  860.378708] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.397534] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:10 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x200, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000200)={@empty, @broadcast, <r3=>0x0}, &(0x7f0000000240)=0xc)
setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000000280)={@empty, r3}, 0x14)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000300)=0x7)

13:35:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  860.424138] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:10 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6f0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  860.486815] *** Guest State ***
[  860.504306] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  860.528067] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  860.541920] CR3 = 0x0000000000000000
[  860.546124] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  860.552297] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  860.555902] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.558525] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  860.582007] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:35:10 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x1887050000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  860.597530] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  860.599567] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.613458] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  860.613477] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  860.613496] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  860.613515] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:10 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7d2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:10 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000a00200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  860.613529] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  860.613549] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  860.670111] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:35:10 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r0)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000280)=0x6)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x1, 0x40081)
getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c0000000000000000008510f00002000000bf0100000000000000005501000000000000b7000000000000009500000000000000000000000000000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x50, &(0x7f0000000080)}, 0x10)

[  860.707226] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  860.746005] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  860.752146] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  860.771829] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  860.787562] Interruptibility = 00000001  ActivityState = 00000000
[  860.792452] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.803173] *** Host State ***
[  860.812374] RIP = 0xffffffff8120269c  RSP = 0xffff88018905f390
[  860.820374] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  860.830558] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  860.834177] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  860.850887] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  860.866500] CR0=0000000080050033 CR3=00000001b7504000 CR4=00000000001426e0
[  860.885852] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  860.892867] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  860.899727] *** Control State ***
[  860.903376] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  860.912352] EntryControls=0000d1ff ExitControls=002fefff
[  860.918315] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  860.925257] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  860.932645] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  860.940061]         reason=80000021 qualification=0000000000000000
[  860.946488] IDTVectoring: info=00000000 errcode=00000000
[  860.951948] TSC Offset = 0xfffffe30cebedeaf
[  860.956450] EPT pointer = 0x00000001d891801e
13:35:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:11 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4b9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:11 executing program 3:
syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x6, 0x4002)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xa5, 0x22200)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:11 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
setsockopt$inet_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000040), 0x4)
r3 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x5, 0x2000)
connect$pppoe(r3, &(0x7f0000000180)={0x18, 0x0, {0x0, @remote, 'ip_vti0\x00'}}, 0x1e)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bind$rds(r0, &(0x7f00000001c0)={0x2, 0x4e24, @broadcast}, 0x10)

13:35:11 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x696, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  861.057388] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f757465000000000000ff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  861.112365] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.148385] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:11 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000000300)=ANY=[@ANYBLOB="bf1600000a0000008504000005009b781c63d9a2ea58d437b936c07b94c700003c00000000000000bf61000000000000851000300200000292f60edd0000010001000100000000000000d0b2e98b3665d1319fac5ef409400d34218a58689cbe32999207278586e94cad0b99306aa24837e6ba777d4a91e9b4d60dddbe2b1c4aa5f5b1e5350c4d3e20716c6f352208a07d0cf995df8e71e42b4c7f337d03c97e98a1882f000000000000000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:11 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x2000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  861.193697] *** Guest State ***
[  861.202696] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  861.226483] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.234498] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:35:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:11 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4049fe)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  861.257116] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.271247] CR3 = 0x0000000000000000
[  861.287579] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  861.294041] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  861.317710] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  861.322598] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  861.325045] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  861.344254] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.354773] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.363860] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.373946] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.386063] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.390506] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.395204] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  861.405230] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:11 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:11 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7e9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  861.413230] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  861.430935] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  861.447197] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
13:35:11 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206, 0x0, 0x0, [], 0x0, 0xfffffffffffffffc}, 0x1b5)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:11 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfc]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  861.483190] EFER =     0x0000000000000000  PAT = 0x0007040600070406
13:35:11 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6ea, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  861.539741] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.556860] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  861.606007] Interruptibility = 00000001  ActivityState = 00000000
[  861.613837] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  861.622231] *** Host State ***
[  861.632051] RIP = 0xffffffff8120269c  RSP = 0xffff8801c1a27390
[  861.638811] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  861.645495] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  861.655160] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  861.661792] CR0=0000000080050033 CR3=00000001869f6000 CR4=00000000001426f0
[  861.669928] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  861.678710] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  861.685460] *** Control State ***
[  861.689462] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  861.696983] EntryControls=0000d1ff ExitControls=002fefff
[  861.702663] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  861.709922] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  861.726379] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  861.733156]         reason=80000021 qualification=0000000000000000
[  861.748770] IDTVectoring: info=00000000 errcode=00000000
[  861.754365] TSC Offset = 0xfffffe306f444866
[  861.759137] EPT pointer = 0x00000001d7e3a01e
[  861.777600] *** Guest State ***
[  861.780924] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  861.796468] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  861.806546] CR3 = 0x0000000000000000
[  861.810486] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  861.816910] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  861.822919] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  861.830704] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  861.839493] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.855371] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.864184] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.872625] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.881262] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  861.889311] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  861.897378] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  861.905363] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  861.913440] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  861.921509] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  861.927989] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  861.935441] Interruptibility = 00000001  ActivityState = 00000000
[  861.941793] *** Host State ***
[  861.944994] RIP = 0xffffffff8120269c  RSP = 0xffff8801cab77390
[  861.951051] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  861.957611] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000003000
[  861.965398] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  861.971430] CR0=0000000080050033 CR3=00000001869f6000 CR4=00000000001426e0
[  861.978553] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  861.985236] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  861.991377] *** Control State ***
[  861.994854] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  862.001671] EntryControls=0000d1ff ExitControls=002fefff
13:35:12 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
socketpair$inet(0x2, 0x80000, 0xfff, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x0, &(0x7f00000003c0)=0x7, 0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000140)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x7, @mcast2, 0xfffffffffffff801}}, [0x5, 0x9, 0x2, 0x7fff, 0x80000001, 0x100, 0x0, 0x200, 0x7, 0x4aa4, 0x7, 0x5, 0x4, 0x3, 0x10001]}, &(0x7f0000000240)=0x100)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000340)=0x3)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={r4, @in6={{0xa, 0x4e21, 0x4575, @empty, 0x3f}}, 0x7, 0x1, 0x2, 0xf8c, 0x41}, 0x98)

13:35:12 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/qat_adf_ctl\x00', 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000300)={0x77359400}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)
r3 = open(&(0x7f0000000180)='./file0\x00', 0x4000, 0x40)
socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000240))
openat$cgroup_ro(r3, &(0x7f0000000200)='cpuacct.usage_all\x00', 0x0, 0x0)

13:35:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000000000500", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:12 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6a1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x20000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:12 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7cf, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  862.007197] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  862.014139] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  862.020959] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  862.027599]         reason=80000021 qualification=0000000000000000
[  862.033924] IDTVectoring: info=00000000 errcode=00000000
[  862.039551] TSC Offset = 0xfffffe306f444866
[  862.043880] EPT pointer = 0x00000001d7e3a01e
[  862.133238] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  862.170257] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000a0008000", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  862.171838] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:12 executing program 3:
recvmmsg(0xffffffffffffffff, &(0x7f0000005e80)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/31, 0x1f}, {&(0x7f0000000240)}, {&(0x7f0000000280)=""/62, 0x3e}, {&(0x7f0000000300)=""/18, 0x12}, {&(0x7f0000000340)=""/1, 0x1}, {&(0x7f0000000380)=""/176, 0xb0}], 0x6, &(0x7f0000001080)=""/4096, 0x1000}, 0x1}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000600)=""/148, 0x94}, {&(0x7f00000006c0)=""/109, 0x6d}, {&(0x7f0000000740)=""/86, 0x56}, {&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f00000007c0)=""/198, 0xc6}, {&(0x7f0000000440)=""/38, 0x26}], 0x6, 0x0, 0x0, 0x3}, 0x200000}, {{&(0x7f0000000940)=@xdp={0x2c, 0x0, <r0=>0x0}, 0x80, &(0x7f0000000dc0)=[{&(0x7f00000009c0)=""/223, 0xdf}, {&(0x7f0000000ac0)=""/132, 0x84}, {&(0x7f0000000b80)=""/14, 0xe}, {&(0x7f0000000bc0)=""/207, 0xcf}, {&(0x7f0000000cc0)=""/63, 0x3f}, {&(0x7f0000000d00)=""/188, 0xbc}], 0x6, &(0x7f0000000e40)=""/83, 0x53, 0xcef}, 0x24000000}, {{&(0x7f0000000ec0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000003080)=[{&(0x7f0000000f40)=""/191, 0xbf}], 0x1, &(0x7f00000030c0)=""/243, 0xf3, 0x7}, 0xfffffffffffeffff}, {{&(0x7f00000031c0)=@in={0x2, 0x0, @rand_addr}, 0x80, &(0x7f0000004500)=[{&(0x7f0000003240)=""/97, 0x61}, {&(0x7f00000032c0)=""/125, 0x7d}, {&(0x7f0000003340)=""/237, 0xed}, {&(0x7f0000003440)=""/23, 0x17}, {&(0x7f0000003480)=""/28, 0x1c}, {&(0x7f00000034c0)=""/19, 0x13}, {&(0x7f0000003500)=""/4096, 0x1000}], 0x7, &(0x7f0000004580)=""/247, 0xf7, 0x34f3}, 0x101}, {{0x0, 0x0, &(0x7f00000049c0)=[{&(0x7f0000004680)=""/13, 0xd}, {&(0x7f00000046c0)=""/154, 0x9a}, {&(0x7f0000004780)=""/1, 0x1}, {&(0x7f00000047c0)=""/219, 0xdb}, {&(0x7f00000048c0)=""/164, 0xa4}, {&(0x7f0000004980)=""/29, 0x1d}], 0x6, &(0x7f0000004a40)=""/162, 0xa2, 0x39f}, 0x1ff}, {{&(0x7f0000004b00)=@l2, 0x80, &(0x7f0000005e00)=[{&(0x7f0000004b80)=""/206, 0xce}, {&(0x7f0000004c80)=""/4096, 0x1000}, {&(0x7f0000005c80)=""/209, 0xd1}, {&(0x7f0000005d80)=""/120, 0x78}], 0x4, &(0x7f0000005e40)=""/12, 0xc, 0x4}, 0xcd}], 0x7, 0x102, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206, 0x0, 0x0, [], r0}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

13:35:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000007fffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:12 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
r3 = memfd_create(&(0x7f0000000040)="5e656d302fdf656d3176626f786e657431656d308963707573657474727573746564757365726e6f6465762c00", 0x7)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000440)={0x0, 0x0, 0x2080})
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000140), &(0x7f0000000180)=0x14)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xb8ff0000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  862.283174] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:12 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
pwritev(r0, &(0x7f0000000740)=[{&(0x7f0000000180)="a8539a21378d751976cab9acb863bf422b7311d740841357009d2cf934d951b3fbd7984676fe7a5564eae2543f0e35a8f31b", 0x32}, {&(0x7f0000000200)="cb70362224fe2002b6d1cbf602c20c6a76852274e1d7f5bafd5aae2f4d6344bdb5f626fb7144fff8cba82c6a2d2a02c1a750bf32c3673fc31e182c56cd7ee911ee7b8cfabc0ed3a58a8874ac1e25252cd7cc42360f4857c692a120875d23afe2932932ac606116bbd243ab71b3802c34660ccc7cae4f010b1c9d414581044de6520541e0cd4f6b237f10fb8240842bed65f8dd43b5bf9b964bfea2c8d548063895a78d5bffa71aa3b66f3dfd53b6", 0xae}, {&(0x7f0000000300)="a6ebb7224e5d43ff03", 0x9}, {&(0x7f0000000340)="c4b9197706a333d04e55f37a2eba87b3aa13f89e01375a7914469d54780fce5de646c99dd490f2ac6dd064747f4de84b82eef86dd1b45f08558aa472", 0x3c}, {&(0x7f0000000380)="77098066ad48d28a562a37150fb936961be3ebaa41b712ade8dd5de8c53aff2b7d9ae285263c4378b3129e0835765b73b9fe372682ae6dcd6ebcd0a2a02d505a0e5bf1965b94bd58f519c19e5e3475f31931a464952b697fcd81a43304115413b0e81f9f55b6cd8cbae51a65f58f7080019c40039e60c55bff25f573c3", 0x7d}, {&(0x7f0000000400)="a1879d89ff7327c5ae3c4c8fdf0acf01fde27441e9b6b7c4db3fddfc256b9cd824775ffb2f24d050a454121861bfebe156ede1845554faa1c43dd2b8f234662d951b4bac7552dd", 0x47}, {&(0x7f0000000580)="42d66cf6934dc7ced19c4212471e35ff4f30ce89d3a63dd08cd5db40d06b2c9426004433d62f9a99e846586cb1b0de7e3b9ec029549bbacab1665a8ebcc109fb65bc866ac7bec387034cd5ccc2b485939eb0a8934ec3bba77d16158101a92def2fb752f7e253c69ed26ffb40b30d315fca02c778a1cf84903ebb39d9ae0af967f0a9f4532927f354d2f011b1f8a73a4958d0d4062890", 0x96}, {&(0x7f0000000640)="70d5cc4e8d7ded835a04cf0857d6bc539524772aaf64afa017bfa4bebee44559f6fac55c379ffe1dc11cefad2f71a34844dabfa6ea2ceeff6ba80c619d7fe6f363bc75b174d2afe567849918bbfd4aa436c7725ae098fc1ba5ba8146480405cf74ae87005a02dbf8a4fc9ea619adc250b1b841ce8bdaeea15f74ae3c145115b424a183f3156da123cf41c90c132b68bef1cdb983862ac72b72fee6fcac78a0d27eeee5c7b158f822f10dfe26a7528da0bb0d4545de0f673e65c0e04304827ca07a5379ff9303da8719de621a026dcea01b184ddc7abd748d832f62c640390d", 0xdf}], 0x8, 0x2f)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

13:35:12 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x4d9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  862.405138] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  862.408655] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
13:35:12 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x23, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xff000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  862.539313] *** Guest State ***
[  862.542688] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  862.577966] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:12 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:12 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000002a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  862.613667] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  862.633889] CR3 = 0x0000000000000000
[  862.645984] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  862.662154] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  862.672550] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  862.679820] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  862.689230] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  862.697930] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:12 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x502, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  862.707967] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  862.717192] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  862.725709] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  862.734627] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  862.758769] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  862.785592] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
13:35:12 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x81, 0x129000)
accept4$packet(0xffffffffffffffff, &(0x7f0000000740)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000780)=0x14, 0x7f79d7e8a34a99b)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000007c0)={0x0, <r4=>0x0}, &(0x7f0000000800)=0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000840)={{{@in=@remote, @in=@loopback, 0x4e20, 0x2, 0x4e23, 0xfffffffffffffffd, 0x2, 0x20, 0xa0, 0x4, r3, r4}, {0x0, 0x800000000000, 0x3, 0x3ff, 0x5, 0x5, 0x5, 0x1}, {0x3, 0xfff, 0x9, 0x2}, 0x3ff, 0x6e6bbd, 0x3, 0x0, 0x2, 0x2}, {{@in6=@loopback, 0x4d6, 0x32}, 0xa, @in=@multicast1, 0x3502, 0x3, 0x3, 0x0, 0xf18, 0xffff, 0xd3f8}}, 0xe8)

[  862.826564] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  862.852074] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
13:35:12 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xfec00000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  862.871038] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  862.887817] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  862.921444] Interruptibility = 00000001  ActivityState = 00000000
[  862.948162] *** Host State ***
[  862.962236] RIP = 0xffffffff8120269c  RSP = 0xffff8801867c7390
[  862.982890] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  862.991164] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  862.999596] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  863.009539] CR0=0000000080050033 CR3=0000000187ede000 CR4=00000000001426f0
[  863.019084] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  863.039881] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  863.046878] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  863.053183] *** Control State ***
[  863.064733] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  863.084107] EntryControls=0000d1ff ExitControls=002fefff
[  863.094613] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  863.104333] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  863.130347] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  863.138582]         reason=80000021 qualification=0000000000000000
[  863.145079] IDTVectoring: info=00000000 errcode=00000000
[  863.150763] TSC Offset = 0xfffffe2fb84a7c76
[  863.155292] EPT pointer = 0x00000001c7b1501e
[  863.171113] *** Guest State ***
[  863.181413] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  863.190487] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  863.199642] CR3 = 0x0000000000000000
[  863.203490] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  863.209658] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  863.215679] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  863.222998] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  863.231994] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.240063] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.248213] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.256340] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.264655] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.272832] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  863.280899] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  863.288981] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  863.296996] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  863.304963] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  863.311429] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  863.318952] Interruptibility = 00000001  ActivityState = 00000000
[  863.325171] *** Host State ***
[  863.329168] RIP = 0xffffffff8120269c  RSP = 0xffff880188dd7390
[  863.335163] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  863.341652] FSBase=00007f9b60ee1700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  863.349488] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  863.355365] CR0=0000000080050033 CR3=0000000187ede000 CR4=00000000001426f0
[  863.363247] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  863.370015] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  863.377157] *** Control State ***
[  863.380691] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  863.387538] EntryControls=0000d1ff ExitControls=002fefff
13:35:13 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netfilter\x00')
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000140)={0x7, 0x2, 0x0, 0x5, 0x8158, 0x1, 0x5, 0x4e, 0xfffffffffffffff8, 0x4, 0x4}, 0xb)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, 0x4, 0xfff, 0x0, 0x0, 0x5, 0x0, 0x4})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:13 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r2 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x22002)
ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000200)=0x5)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:13 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:13 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6ae, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0xe3b0]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:13 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000300", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  863.393019] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  863.400105] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  863.407811] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  863.414415]         reason=80000021 qualification=0000000000000000
[  863.420855] IDTVectoring: info=00000000 errcode=00000000
[  863.426388] TSC Offset = 0xfffffe2fb84a7c76
[  863.430805] EPT pointer = 0x00000001c7b1501e
13:35:13 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0))
r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x5, 0x1093c1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

13:35:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x5daaed1238]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  863.652015] *** Guest State ***
[  863.652035] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  863.689572] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
13:35:13 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000000200)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b70000000000000095000000000000006bc792"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  863.711174] CR3 = 0x0000000000000000
[  863.721048] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  863.731030] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  863.742220] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  863.750631] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:35:13 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x40000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  863.764614] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.778551] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.796946] IPVS: ftp: loaded support on port[0] = 21
13:35:13 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
dup2(r0, r0)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

13:35:13 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x559, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  863.824851] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.847375] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.915703] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  863.927252] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  863.939086] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  863.988778] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  864.014760] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  864.023639] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  864.032150] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  864.039454] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  864.059551] Interruptibility = 00000001  ActivityState = 00000000
[  864.074857] *** Host State ***
[  864.078800] RIP = 0xffffffff8120269c  RSP = 0xffff8801867c7390
[  864.087627] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  864.094805] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  864.117136] device bridge_slave_1 left promiscuous mode
[  864.122827] bridge0: port 2(bridge_slave_1) entered disabled state
[  864.156993] device bridge_slave_0 left promiscuous mode
[  864.162501] bridge0: port 1(bridge_slave_0) entered disabled state
[  864.169031] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  864.182002] CR0=0000000080050033 CR3=00000001c8ae9000 CR4=00000000001426e0
[  864.202193] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  864.210157] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  864.216493] *** Control State ***
[  864.220181] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  864.227326] EntryControls=0000d1ff ExitControls=002fefff
[  864.232990] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  864.240316] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000
[  864.276083] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  864.285108]         reason=80000021 qualification=0000000000000000
[  864.306011] IDTVectoring: info=00000000 errcode=00000000
[  864.313959] team0 (unregistering): Port device team_slave_1 removed
[  864.323956] TSC Offset = 0xfffffe2f1fb17f4b
[  864.339555] EPT pointer = 0x00000001c492e01e
[  864.344712] team0 (unregistering): Port device team_slave_0 removed
[  864.374425] bond0 (unregistering): Releasing backup interface bond_slave_1
[  864.393582] bond0 (unregistering): Releasing backup interface bond_slave_0
13:35:14 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
prctl$setendian(0x14, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:14 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7cb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:14 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000200)="4ef258dc75ab2117b1b25998687f208778ba6580")
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
lremovexattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@random={'btrfs.', 'loeth0@(,\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

13:35:14 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x18000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  864.446316] bond0 (unregistering): Released all slaves
13:35:14 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf010000000000009500000000000000150100000002a857bde6288027bea9ef2b0172102a000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  864.555876] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  864.671331] *** Guest State ***
[  864.674902] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  864.701948] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  864.742694] CR3 = 0x0000000000000000
[  864.754817] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  864.782332] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  864.796143] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  864.846009] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  864.856161] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  864.892000] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  864.919683] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  864.930277] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  864.938563] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  864.946752] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  864.954850] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  864.963217] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  864.971437] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  864.979769] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  864.986397] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  864.995027] Interruptibility = 00000001  ActivityState = 00000000
[  865.001636] *** Host State ***
[  865.005000] RIP = 0xffffffff8120269c  RSP = 0xffff880184727390
[  865.012205] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  865.018832] FSBase=00007f9b60f23700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  865.026848] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  865.032891] CR0=0000000080050033 CR3=00000001c402e000 CR4=00000000001426e0
[  865.040647] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  865.047563] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  865.053804] *** Control State ***
[  865.065898] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  865.080707] EntryControls=0000d1ff ExitControls=002fefff
[  865.092087] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  865.108336] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  865.117303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  865.124160]         reason=80000021 qualification=0000000000000000
[  865.130731] IDTVectoring: info=00000000 errcode=00000000
[  865.137435] TSC Offset = 0xfffffe2e918af589
[  865.141906] EPT pointer = 0x00000001c84f301e
[  865.157768] *** Guest State ***
[  865.161180] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  865.196040] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  865.210167] CR3 = 0x0000000000000000
[  865.223494] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  865.249254] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  865.266042] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  865.275973] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  865.295977] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  865.311905] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  865.320960] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  865.329171] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  865.345898] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  865.353895] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  865.366423] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  865.374436] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  865.397210] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  865.405250] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  865.413844] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  865.421609] Interruptibility = 00000001  ActivityState = 00000000
[  865.428650] *** Host State ***
[  865.431869] RIP = 0xffffffff8120269c  RSP = 0xffff8801bb5ef390
[  865.438175] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  865.444604] FSBase=00007f9b60ee1700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  865.452703] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  865.459001] CR0=0000000080050033 CR3=00000001c402e000 CR4=00000000001426f0
[  865.466277] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  865.472968] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  865.480271] *** Control State ***
[  865.483743] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  865.490768] EntryControls=0000d1ff ExitControls=002fefff
[  865.496476] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  865.503441] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  865.510442] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  865.517279]         reason=80000021 qualification=0000000000000000
[  865.523632] IDTVectoring: info=00000000 errcode=00000000
[  865.523640] TSC Offset = 0xfffffe2e918af589
[  865.523652] EPT pointer = 0x00000001c84f301e
[  865.823687] bridge0: port 1(bridge_slave_0) entered blocking state
[  865.830265] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.838094] device bridge_slave_0 entered promiscuous mode
[  865.886968] bridge0: port 2(bridge_slave_1) entered blocking state
[  865.893470] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.901325] device bridge_slave_1 entered promiscuous mode
[  865.949519] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  865.994639] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  866.135517] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  866.183303] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  866.406244] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  866.413705] team0: Port device team_slave_0 added
[  866.451998] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  866.459493] team0: Port device team_slave_1 added
[  866.487459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  866.518646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  866.549884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  866.579310] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  866.587318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  866.595296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  866.893262] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.899731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  866.906493] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.912851] bridge0: port 1(bridge_slave_0) entered forwarding state
[  866.921119] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  867.566726] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  868.242826] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.335059] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  868.431598] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  868.437998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  868.444989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  868.542283] 8021q: adding VLAN 0 to HW filter on device team0
13:35:19 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:19 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x2000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:19 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x79b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x9, 0x0)
getsockopt$packet_buf(r2, 0x107, 0x2, &(0x7f0000001080)=""/4096, &(0x7f0000000200)=0x1000)

13:35:19 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x506, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000d40), 0x0, &(0x7f0000000880)}, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x2, 0x6, 0x3, 0x9, 0xa81, 0x1f, 0x6, 0x2, 0x2, 0x1, 0x4, 0x7ff, 0xfffffffffffffff9}, {0x7d45, 0x7ff, 0x0, 0x3bb2, 0x4d, 0x6, 0x3, 0x7, 0x1, 0x8, 0xfffffffffffffffd, 0x3743, 0x7}, {0x100000001, 0xffff, 0x8, 0x7, 0xf7, 0x9, 0x7fff, 0x200, 0x4, 0x532, 0x8, 0x2, 0x1}], 0x9})
socketpair(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00')
ioctl$EVIOCGUNIQ(r4, 0x80404508, &(0x7f0000000140)=""/120)
getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000240), &(0x7f0000000280)=0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='selinux.}\x00', r3}, 0x10)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000480), 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000300), &(0x7f0000000340)=0x4)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f00000005c0)=ANY=[@ANYRES32=<r5=>0x0, @ANYBLOB="4001010000000000003b9a747d8c6710dbd909966c8213c57a07b22091a64bec2e3439176b7e91d42fb9a9987914877747b09679bfa4d147a08c0c37a85422be6164c195ebfc6e6d859726ea08031eecdf5631c0c97c120f47a7fda578d9f5caed981774f3349d0ab3af453484cc3b85036b97b073f44d414f3d4d0ef34a786a3c0bf7a75f41833f63e88fbbaf4dacee4a35158f6eed809a2904096964c4acbcfd53472745eefdb41dd288d9225dcf2d2c51d1cda7f7057485d913b5db7dff1dafc46bf91d1a62eb1740b881520bedb3be282c2b4e0ebbfced392b97370237706cf950919051df24123630df8f1621bf83ee5274"], &(0x7f0000000040)=0x48)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000002c0)={0x7ff, 0x8208, 0x5, 0x3, r5}, 0x10)

[  869.096037] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000000300)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c002112c545c5486c010a23b318cebd0acf000000000000bf610000000000008510000002000000bf01000000000000950000000000000015010000000000003cc871857661f505657a3d573dcc6ba502f91bdf6bc7fb9ef2a05ba8d7f650babb258e69be2768cf22f82532458c47b0546b74b938080bc28f60232bfb8f1b3ebd642aacc15f834554860715c511bf181061d7a34791d4c381b5a3b6ad98142d25ca6473d25f593cd2a0981bf609d15f4676255314ac4e055074fe5d2bc1e051bf257f000f3e084a1eb1c7875c7f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffff9c, 0x28, &(0x7f0000000180)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={r2, 0xff, 0x8}, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  869.174998] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  869.204974] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:19 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000400", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e21}, 0x10)
shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000fdc000/0x2000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x2000, 0x0)

[  869.253480] kernel msg: ebtables bug: please report to author: Wrong nr of counters
13:35:19 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x91ffffff00000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8000000000, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206, 0x40f00}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xd5, 0x400800)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000001080)=""/4096)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000300)={0x4, 0x0, [{0x4, 0x0, 0x0, 0x0, @adapter={0x80000001, 0x100000000, 0x60000000000000, 0x7, 0xffffffffffffffe0}}, {0x7fa2, 0x4, 0x0, 0x0, @sint={0xd2f2, 0x3}}, {0x5, 0x7, 0x0, 0x0, @sint={0x100000001, 0x81}}, {0xfff, 0x6e68b954c9e5a2b1, 0x0, 0x0, @adapter={0x100000000, 0x0, 0x79, 0x7, 0x7fff00000000}}]})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)={'team0\x00', <r2=>0x0})
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000240)={@dev={0xac, 0x14, 0x14, 0x21}, @local, r2}, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400203)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c000000000000fe37b9e800000000e18510000002000000bf0100000000000095000300000000000000000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x50, &(0x7f0000000080)}, 0x10)

[  869.390276] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.418074] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.434016] *** Guest State ***
13:35:19 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x15)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x40000, 0x0)
ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000580)={[], 0x2, 0x800, 0xab, 0x0, 0x4, 0x0, 0x2000, [], 0x9})
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={<r1=>0x0, 0x2fb}, &(0x7f0000000240)=0xc)
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000340))
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000280)={r1, 0xfff}, &(0x7f0000000300)=0x8)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x50, &(0x7f0000000080)}, 0x10)

13:35:19 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x727, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  869.438537] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  869.447079] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  869.460325] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  869.476776] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.485156] CR3 = 0x0000000000000000
13:35:19 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  869.491012] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  869.491505] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.517233] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  869.536090] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xb, 0x2000000000000150, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x3, 0xaf, 0x0, 0x80000000000}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  869.585996] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  869.608588] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.623473] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:19 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x38, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:19 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x1802000000000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  869.631780] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.641714] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.650999] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.669117] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.672223] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
13:35:19 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'broute\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  869.696787] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  869.722087] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  869.731178] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
13:35:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000052800003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  869.731692] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  869.739877] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  869.760079] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  869.767535] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  869.775191] Interruptibility = 00000001  ActivityState = 00000000
[  869.790678] *** Host State ***
[  869.798325] RIP = 0xffffffff8120269c  RSP = 0xffff8801d776f390
[  869.810123] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  869.811937] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  869.827010] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000033000
[  869.860224] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  869.867173] CR0=0000000080050033 CR3=00000001d4b22000 CR4=00000000001426f0
[  869.874555] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  869.884586] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  869.896323] *** Control State ***
[  869.902763] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  869.910354] EntryControls=0000d1ff ExitControls=002fefff
[  869.918847] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  869.926963] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  869.933621] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  869.940412]         reason=80000021 qualification=0000000000000000
[  869.946964] IDTVectoring: info=00000000 errcode=00000000
[  869.952428] TSC Offset = 0xfffffe2c04ed54a2
[  869.956810] EPT pointer = 0x00000001cd5be01e
[  869.965367] *** Guest State ***
[  869.968972] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  869.977908] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  869.977925] CR3 = 0x0000000000000000
[  869.977935] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  869.977948] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[  869.977965] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  869.977980] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  869.978001] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.978024] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.990646] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  869.990675] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.049191] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.057929] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  870.066048] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  870.074027] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  870.082056] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  870.090105] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  870.096587] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  870.104059] Interruptibility = 00000001  ActivityState = 00000000
[  870.110349] *** Host State ***
[  870.113549] RIP = 0xffffffff8120269c  RSP = 0xffff8801cb38f390
[  870.119584] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  870.126204] FSBase=00007f9b60f02700 GSBase=ffff8801daf00000 TRBase=fffffe0000033000
[  870.134012] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  870.140021] CR0=0000000080050033 CR3=00000001d4b22000 CR4=00000000001426e0
[  870.147121] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87c01360
[  870.153795] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  870.159930] *** Control State ***
[  870.163415] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  870.170244] EntryControls=0000d1ff ExitControls=002fefff
[  870.175881] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  870.183001] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[  870.190696] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  870.197586]         reason=80000021 qualification=0000000000000000
[  870.203959] IDTVectoring: info=00000000 errcode=00000000
13:35:20 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2002, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:35:20 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x46e, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:20 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0xa0018000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast2}}, &(0x7f0000000280)=0xe8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0xfffffffffffffffe, 0x0, 0x0, 0x40f00, 0x0, [], r1, 0xfffffffffffffffe}, 0x48)
r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x80000, 0x0)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000200), &(0x7f0000000240)=0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000080)}, 0x10)

13:35:20 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000a00100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:20 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x7, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

[  870.209463] TSC Offset = 0xfffffe2c04ed54a2
[  870.213789] EPT pointer = 0x00000001cd5be01e
13:35:20 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
ppoll(&(0x7f0000000240)=[{r0, 0x8010}, {r0, 0xb004}, {r0, 0x2000}, {r0, 0x2120}, {r0, 0x100}, {r0, 0x3108}], 0x6, &(0x7f0000000280), &(0x7f0000000300)={0x8}, 0x8)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x9, 0x800)
bind$bt_l2cap(r2, &(0x7f0000000200)={0x1f, 0x80000000, {0xdf, 0xfff, 0x2, 0x3f, 0x99, 0x4ac}, 0xffffffff, 0x80000001}, 0xe)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x50, &(0x7f0000000080)}, 0x10)

13:35:20 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f75746500000000000600", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  870.298345] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  870.309309] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.319080] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.375893] *** Guest State ***
[  870.385209] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
13:35:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x800, 0x75, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x80, 0x101081)
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={<r2=>0x0, 0x5, 0x3, [0x4, 0x7b, 0x1]}, &(0x7f0000000340)=0xe)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000380)={r2, 0x8001, 0x4, 0x5, 0x7ff, 0x1}, 0x14)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000003c0)={<r3=>0x0})
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000400)={r3, 0x11})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x1}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r4, 0x50, &(0x7f0000000080)}, 0x10)
r5 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x44100)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x2040480001, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6)

13:35:20 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x8001a0]}}, 0x1c)
tkill(r0, 0x1000000000016)

[  870.418303] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  870.421475] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.435077] CR3 = 0x0000000000000000
[  870.439551] RSP = 0x0000000000000000  RIP = 0x000000000000fff0
[  870.459191] RFLAGS=0x00000002         DR7 = 0x0000000000000400
13:35:20 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000008000a0ffffffff00", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

[  870.465487] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.479806] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  870.496031] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
13:35:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r1, 0x50, &(0x7f0000000300)}, 0xfffffffffffffebc)

[  870.512314] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.530884] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.546070] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.549927] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.561185] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.571562] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  870.585054] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.630069] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  870.652972] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  870.664150] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  870.672876] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  870.681013] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  870.688089] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  870.695531] Interruptibility = 00000001  ActivityState = 00000000
[  870.701810] *** Host State ***
[  870.705009] RIP = 0xffffffff8120269c  RSP = 0xffff8801b839f390
[  870.711131] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  870.717628] FSBase=00007f9b60f23700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[  870.725436] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  870.731498] CR0=0000000080050033 CR3=00000001b9f92000 CR4=00000000001426f0
[  870.738622] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87c01360
[  870.745294] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  870.751548] *** Control State ***
[  870.755010] PinBased=0000003f CPUBased=b5986dfe SecondaryExec=000000c2
[  870.761753] EntryControls=0000d1ff ExitControls=002fefff
[  870.767329] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  870.774245] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
13:35:20 executing program 4:
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='nv\x00', 0x3)
sendto$inet6(r3, &(0x7f0000000280), 0xfffffffffffffedd, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}, 0x1c)
tkill(r0, 0x1000000000016)

13:35:20 executing program 5:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x6a9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:20 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000003, 0x2040000008b)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={"62726f7574650000000000000000000000000100", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000100), 0x0, [{}]}, 0x88)

13:35:20 executing program 0:
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x40000100000003, &(0x7f0000000200)=<r1=>0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r2, 0x48204)
io_submit(r1, 0x5b0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])

13:35:20 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="0f20c06635010000000f22c0baf80c66b8744a8b8f66efbafc0cb80800efbad104b83cd4ef0fc76b000f01f20f38c988d10867807300080fc72b66b9800000c00f326635010000000f30baa100b80500ef", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0xb1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fcb000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000001c0)="ba4000b000ee82cd14baf80c66b868ddef8266efbafc0c66b89f00000066ef0f323e0f01cf650f01bc83b6baf80c66b8166df48666efbafc0cb80d00ef0f4b2c670f01cb640f01b3363c", 0x4a}], 0x1, 0x4, &(0x7f0000000280)=[@flags, @cr0={0x0, 0x80000011}], 0x2)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000002c0)='trusted.overlay.nlink\x00', &(0x7f0000000300)={'L-', 0x2}, 0x28, 0x1)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r3=>0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x0, r3})

13:35:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000480)=""/206}, 0x48)
socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xa, &(0x7f0000001000)=ANY=[@ANYBLOB="bf1600000000000085100000050000003c00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
io_setup(0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = eventfd(0xac3)
io_cancel(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x7fff, r0, &(0x7f0000000200)="a6563801b7bc558b8ac0de40951946bd131e82226cba871ddd7da7d1910ad2d7e2841a45aa272bfc6b", 0x29, 0xe249, 0x0, 0x1, r3}, &(0x7f0000000280))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f0000000080)}, 0x10)

[  870.780952] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  870.787627]         reason=80000021 qualification=0000000000000000
[  870.793940] IDTVectoring: info=00000000 errcode=00000000
[  870.799486] TSC Offset = 0xfffffe2b82816f76
[  870.803817] EPT pointer = 0x00000001bced101e
[  870.878847] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.891031] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  870.908423] kernel msg: ebtables bug: please report to author: Wrong nr of counters
[  870.923201] ==================================================================
[  870.930936] BUG: KASAN: use-after-free in __list_add_valid+0x8f/0xac
[  870.937436] Read of size 8 at addr ffff8801d7cfbda0 by task syz-executor3/13773
[  870.944872] 
[  870.946508] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  870.954993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  870.964342] Call Trace:
[  870.966946]  dump_stack+0x244/0x39d
[  870.970587]  ? dump_stack_print_info.cold.1+0x20/0x20
[  870.975776]  ? printk+0xa7/0xcf
[  870.979094]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[  870.983864]  print_address_description.cold.7+0x9/0x1ff
[  870.989233]  kasan_report.cold.8+0x242/0x309
[  870.993647]  ? __list_add_valid+0x8f/0xac
[  870.997804]  __asan_report_load8_noabort+0x14/0x20
[  871.002741]  __list_add_valid+0x8f/0xac
[  871.006726]  bpf_prog_kallsyms_add+0x200/0x9b0
[  871.011316]  ? bpf_patch_insn_single+0x2c0/0x2c0
[  871.016109]  ? set_memory_ro+0x7b/0xa0
[  871.020004]  ? _set_memory_wb+0xa0/0xa0
[  871.023994]  bpf_check+0x4fcb/0x6310
[  871.027729]  ? fixup_bpf_calls+0x1ad0/0x1ad0
[  871.032148]  ? ktime_get+0x400/0x400
[  871.035874]  ? memset+0x31/0x40
[  871.039157]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  871.044693]  ? bpf_obj_name_cpy+0x17c/0x1c0
[  871.049021]  bpf_prog_load+0x113d/0x1cc0
[  871.053094]  ? bpf_prog_new_fd+0x60/0x60
[  871.057178]  ? __might_fault+0x12b/0x1e0
[  871.061246]  ? lock_downgrade+0x900/0x900
[  871.065415]  ? perf_trace_sched_process_exec+0x860/0x860
[  871.070871]  ? usercopy_warn+0x110/0x110
[  871.074962]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  871.080517] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.087609] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.094548] Oops: 0000 [#1] PREEMPT SMP KASAN
[  871.099047] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.107528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.116893] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.122345] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.141246] RSP: 0018:ffff880184a1f3d0 EFLAGS: 00010046
[  871.146606] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.153872] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.161184] RBP: ffff880184a1f548 R08: ffff8801bab2a380 R09: ffffed003b5e5b4f
[  871.168462] R10: ffffed003b5e5b4f R11: ffff8801daf2da7b R12: 1ffff10030943e9c
[  871.175727] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.183008] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.191244] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.197136] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.204415] Call Trace:
[  871.207031] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.214123] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.221092] Oops: 0000 [#2] PREEMPT SMP KASAN
[  871.225583] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.234061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.243458] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.248912] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.267819] RSP: 0018:ffff880184a1ece8 EFLAGS: 00010046
[  871.273193] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.280460] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.287728] RBP: ffff880184a1ee60 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.294994] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943dbf
[  871.302290] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.309558] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.317781] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.323655] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.330933] Call Trace:
[  871.333532] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.340623] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.347562] Oops: 0000 [#3] PREEMPT SMP KASAN
[  871.352078] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.360559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.369939] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.375388] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.394306] RSP: 0018:ffff880184a1e5f8 EFLAGS: 00010046
[  871.399662] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.406930] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.414198] RBP: ffff880184a1e770 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.421465] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943ce1
[  871.428731] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.436008] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.444226] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.450103] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.457370] Call Trace:
[  871.459989] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.467081] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.474019] Oops: 0000 [#4] PREEMPT SMP KASAN
[  871.478537] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.487017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.496384] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.501842] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.520738] RSP: 0018:ffff880184a1df08 EFLAGS: 00010046
[  871.526095] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.533362] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.540627] RBP: ffff880184a1e080 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.547897] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943c03
[  871.555167] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.562440] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.570673] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.576550] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.583815] Call Trace:
[  871.586426] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.593520] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.600459] Oops: 0000 [#5] PREEMPT SMP KASAN
[  871.604965] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.613462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.622826] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.628288] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.647195] RSP: 0018:ffff880184a1d818 EFLAGS: 00010046
[  871.652557] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.659822] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.667090] RBP: ffff880184a1d990 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.674356] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943b25
[  871.681626] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.688936] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.697166] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.703045] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.710308] Call Trace:
[  871.712904] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.720006] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.726949] Oops: 0000 [#6] PREEMPT SMP KASAN
[  871.731445] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.739930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.749296] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.754746] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.773644] RSP: 0018:ffff880184a1d128 EFLAGS: 00010046
[  871.779003] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.786268] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.793533] RBP: ffff880184a1d2a0 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.800805] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943a47
[  871.808098] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.815370] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.823604] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.829485] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.836754] Call Trace:
[  871.839356] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.846475] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.853428] Oops: 0000 [#7] PREEMPT SMP KASAN
[  871.857930] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.866420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.875794] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  871.881250] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  871.900147] RSP: 0018:ffff880184a1ca38 EFLAGS: 00010046
[  871.905509] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  871.912779] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  871.920046] RBP: ffff880184a1cbb0 R08: ffff8801bab2a380 R09: 0000000000000001
[  871.927317] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943969
[  871.934588] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  871.941859] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  871.950085] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  871.955964] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  871.963229] Call Trace:
[  871.965834] BUG: unable to handle kernel paging request at ffffc9000192c030
[  871.972935] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  871.979880] Oops: 0000 [#8] PREEMPT SMP KASAN
[  871.984373] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  871.992865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.002237] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.007687] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.026585] RSP: 0018:ffff880184a1c348 EFLAGS: 00010046
[  872.031947] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.039213] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.046484] RBP: ffff880184a1c4c0 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.053749] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff1003094388b
[  872.061015] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.068286] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.076509] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.082386] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.089660] Call Trace:
[  872.092273] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.099367] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.106323] Oops: 0000 [#9] PREEMPT SMP KASAN
[  872.110821] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.119305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.128671] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.134123] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.153023] RSP: 0018:ffff880184a1bc58 EFLAGS: 00010046
[  872.158388] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.165663] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.172936] RBP: ffff880184a1bdd0 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.180205] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff100309437ad
[  872.187473] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.194746] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.202973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.208855] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.216125] Call Trace:
[  872.218724] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.225818] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.232760] Oops: 0000 [#10] PREEMPT SMP KASAN
[  872.237341] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.245824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.255189] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.260640] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.279542] RSP: 0018:ffff880184a1b568 EFLAGS: 00010046
[  872.284901] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.292177] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.299445] RBP: ffff880184a1b6e0 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.306711] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff100309436cf
[  872.313978] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.321248] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.329471] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.335351] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.342619] Call Trace:
[  872.345221] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.352314] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.359256] Oops: 0000 [#11] PREEMPT SMP KASAN
[  872.363837] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.372323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.381689] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.387144] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.406045] RSP: 0018:ffff880184a1ae78 EFLAGS: 00010046
[  872.411414] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.418691] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.425958] RBP: ffff880184a1aff0 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.433226] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff100309435f1
[  872.440492] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.447763] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.455987] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.461866] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.469132] Call Trace:
[  872.471736] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.478832] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.485780] Oops: 0000 [#12] PREEMPT SMP KASAN
[  872.490366] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.498848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.508216] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.513670] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.532570] RSP: 0018:ffff880184a1a788 EFLAGS: 00010046
[  872.537938] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.545207] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.552473] RBP: ffff880184a1a900 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.559740] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943513
[  872.567008] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.574281] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.582507] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.588384] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.595660] Call Trace:
[  872.598265] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.605356] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.612306] Oops: 0000 [#13] PREEMPT SMP KASAN
[  872.616889] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.625372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.634745] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.640197] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.659096] RSP: 0018:ffff880184a1a098 EFLAGS: 00010046
[  872.664458] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.671728] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.678996] RBP: ffff880184a1a210 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.686266] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943435
[  872.693532] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.700806] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.709032] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.714909] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.722183] Call Trace:
[  872.724784] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.731881] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.738828] Oops: 0000 [#14] PREEMPT SMP KASAN
[  872.743420] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.751902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.761273] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.766725] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.785623] RSP: 0018:ffff880184a199a8 EFLAGS: 00010046
[  872.791157] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.798438] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.805703] RBP: ffff880184a19b20 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.812972] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943357
[  872.820238] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.827513] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.835737] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.841617] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.848884] Call Trace:
[  872.851494] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.858590] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.865538] Oops: 0000 [#15] PREEMPT SMP KASAN
[  872.870123] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  872.878608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.887974] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  872.893937] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  872.912848] RSP: 0018:ffff880184a192b8 EFLAGS: 00010046
[  872.918210] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  872.925483] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  872.932751] RBP: ffff880184a19430 R08: ffff8801bab2a380 R09: 0000000000000001
[  872.940017] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030943279
[  872.947287] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  872.954561] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  872.962788] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  872.968666] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  872.975936] Call Trace:
[  872.978542] BUG: unable to handle kernel paging request at ffffc9000192c030
[  872.985635] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  872.992575] Thread overran stack, or stack corrupted
[  872.997677] Oops: 0000 [#16] PREEMPT SMP KASAN
[  873.002262] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  873.010748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  873.020114] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  873.025565] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  873.044466] RSP: 0018:ffff880184a18bc8 EFLAGS: 00010046
[  873.049826] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  873.057094] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  873.064360] RBP: ffff880184a18d40 R08: ffff8801bab2a380 R09: 0000000000000001
[  873.071632] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff1003094319b
[  873.078905] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  873.086187] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  873.094419] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  873.100300] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  873.107571] Call Trace:
[  873.110179] usercopy: Kernel memory overwrite attempt detected to process stack (offset 0, size 1)!
[  873.119535] ------------[ cut here ]------------
[  873.124290] kernel BUG at mm/slab.c:4425!
[  873.128446] invalid opcode: 0000 [#17] PREEMPT SMP KASAN
[  873.133897] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  873.142388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  873.151765] RIP: 0010:__check_heap_object+0xa7/0xb5
[  873.156785] Code: 48 c7 c7 b5 cc ef 88 e8 57 e4 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 b5 cc ef 88 e8 bd ec 0a 00 44 89 e9 48 c7 c7 70 cd
[  873.175691] RSP: 0018:ffff880184a173b0 EFLAGS: 00010046
[  873.181055] RAX: 0000000000000001 RBX: 1ffff10030942e7d RCX: 000000000000000c
[  873.188327] RDX: ffff880184a16200 RSI: 0000000000000002 RDI: ffff880184a17558
[  873.197941] RBP: ffff880184a173b0 R08: ffff8801bab2a380 R09: ffff8801da98ae00
[  873.205209] R10: 0000000000001111 R11: 0000000000000000 R12: ffff880184a17558
[  873.212478] R13: 0000000000000002 R14: ffffea0006128580 R15: 0000000000000001
[  873.219752] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  873.227975] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  873.233852] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  873.241121] Call Trace:
[  873.243720]  ? bpf_prog_kallsyms_find+0x298/0x4a0
[  873.248584]  ? spurious_kernel_fault_check+0xf0/0xf0
[  873.253689]  ? bpf_prog_kallsyms_find+0x289/0x4a0
[  873.258542]  ? search_module_extables+0x98/0xe0
[  873.263212]  ? bpf_prog_kallsyms_find+0x289/0x4a0
[  873.268058]  ? bpf_prog_kallsyms_find+0x289/0x4a0
[  873.272902]  ? search_exception_tables+0x47/0x50
[  873.277676]  ? fixup_exception+0xb1/0xde
[  873.281741]  ? no_context+0x23f/0x9c0
[  873.285548]  ? pgtable_bad+0x130/0x130
[  873.289443]  ? console_unlock+0x832/0x1190
[  873.293684]  ? __bad_area_nosemaphore+0x30c/0x3a0
[  873.298533]  ? bad_area_nosemaphore+0x2d/0x40
[  873.303030]  ? __do_page_fault+0x212/0xe40
[  873.307270]  ? mark_held_locks+0x130/0x130
[  873.311516]  ? do_page_fault+0xed/0x7d1
[  873.315494]  ? vmalloc_sync_all+0x30/0x30
[  873.319645]  ? error_entry+0x76/0xd0
[  873.323363]  ? trace_hardirqs_off_caller+0xbb/0x300
[  873.328385]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  873.333938]  ? trace_hardirqs_on_caller+0x310/0x310
[  873.338960]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  873.344504]  ? irq_work_queue+0x36/0x1d0
[  873.348569]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  873.354114]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  873.358966]  ? page_fault+0x1e/0x30
[  873.362603]  ? bpf_prog_kallsyms_find+0x421/0x4a0
[  873.367465] BUG: unable to handle kernel paging request at ffffc9000192c030
[  873.374561] PGD 1da948067 P4D 1da948067 PUD 1da949067 PMD 1d407e067 PTE 0
[  873.381499] Thread overran stack, or stack corrupted
[  873.386602] Oops: 0000 [#18] PREEMPT SMP KASAN
[  873.391188] CPU: 1 PID: 13773 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181018+ #97
[  873.399669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  873.409035] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  873.414487] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  873.433388] RSP: 0018:ffff880184a16f00 EFLAGS: 00010046
[  873.438765] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  873.446033] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  873.453303] RBP: ffff880184a17078 R08: ffff8801bab2a380 R09: 0000000000000001
[  873.460575] R10: ffffed003b5e5b4f R11: ffff8801bab2a380 R12: 1ffff10030942e02
[  873.467844] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  873.475120] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  873.483357] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  873.489235] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  873.496500] Call Trace:
[  873.499075] Modules linked in:
[  873.502266] CR2: ffffc9000192c030
[  873.505722] ---[ end trace 8363951eec71c302 ]---
[  873.510486] RIP: 0010:bpf_prog_kallsyms_find+0x289/0x4a0
[  873.515943] Code: 03 42 80 3c 30 00 0f 85 b1 01 00 00 4d 8b 6f 50 49 8d 7d 30 48 89 fa 48 c1 ea 03 42 80 3c 32 00 0f 85 ab 01 00 00 49 8d 7d 02 <4d> 8b 65 30 48 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 32
[  873.534843] RSP: 0018:ffff880184a1f3d0 EFLAGS: 00010046
[  873.540203] RAX: 0000000000000000 RBX: ffff8801d7cfbd70 RCX: ffffffff818bc5b1
[  873.547475] RDX: 1ffff92000325806 RSI: 0000000000000008 RDI: ffffc9000192c002
[  873.554752] RBP: ffff880184a1f548 R08: ffff8801bab2a380 R09: ffffed003b5e5b4f
[  873.562019] R10: ffffed003b5e5b4f R11: ffff8801daf2da7b R12: 1ffff10030943e9c
[  873.569289] R13: ffffc9000192c000 R14: dffffc0000000000 R15: ffff8801d7cfbd70
[  873.576562] FS:  00007f85a066b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  873.584783] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  873.590664] CR2: ffffc9000192c030 CR3: 00000001d7009000 CR4: 00000000001426e0
[  873.597937] Kernel panic - not syncing: Fatal exception in interrupt
[  873.605316] Kernel Offset: disabled
[  873.608940] Rebooting in 86400 seconds..