last executing test programs: 2h43m51.468214068s ago: executing program 32 (id=32): ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000000)={0x2, 0x0, &(0x7f0000fff000/0x1000)=nil}) (async) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000000)={0x2, 0x0, &(0x7f0000fff000/0x1000)=nil}) munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x420380, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r1, 0x200000b, 0x2010, r2, 0x0) (async) r3 = mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r1, 0x200000b, 0x2010, r2, 0x0) ioctl$KVM_GET_REGS(r2, 0x8360ae81, &(0x7f0000000080)) (async) ioctl$KVM_GET_REGS(r2, 0x8360ae81, &(0x7f0000000080)) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x102, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x9) syz_kvm_setup_cpu$arm64(r2, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000400)=[{0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013debf, 0x9}}, @msr={0x14, 0x20, {0x603000000013c524, 0x80000000}}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0xbeb, 0x9, 0x6}}, @svc={0x122, 0x40, {0x84000001, [0xe6, 0x75f, 0xef4c, 0x2, 0x5]}}, @svc={0x122, 0x40, {0x40, [0x9, 0xff, 0x5, 0x3, 0x2]}}, @irq_setup={0x46, 0x18, {0x2, 0x341}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x4, 0xb, 0x3, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x4, 0x340000, 0x7}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x277}}, @code={0xa, 0x6c, {"000028d50028214e00e0e00d00008013809396d20000b8f2210080d2420080d2830180d2240180d2020000d4000008d5a05f93d20080b8f2c10180d2820180d2030080d2e40180d2020000d4000c000e007008d5000008d5"}}, @code={0xa, 0x54, {"008008d5007008d5000000f9000008d5007008d500b8a15e000400f8008696d200c0b0f2210180d2020080d2a30080d2e40080d2020000d40020204e000008d5"}}, @smc={0x1e, 0x40, {0xc5000020, [0x0, 0x6, 0x1b, 0xa018, 0x5]}}], 0x280}], 0x1, 0x0, &(0x7f0000000440)=[@featur1={0x1, 0x81}], 0x1) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000480)="5ac503d60f86fdace65f3df5abde72e312531547d8ab201507da3fd7581b65370d16479d11ff642885d7c417d92835d864deea82099aa5cd6dc8d21b81d53ca938346186d6a7510c", 0x0, 0x48) eventfd2(0x0, 0x80000) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x9) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34) openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x8000, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x8000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x18) munmap(&(0x7f0000e9c000/0x3000)=nil, 0x3000) r7 = mmap$KVM_VCPU(&(0x7f0000e4c000/0x10000)=nil, r1, 0x1000004, 0x10010, r2, 0x0) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x30) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000580)="b02a3b2d0252a6c6f9cc17e561c8c7d6f8786456190efeecf3257d6c5fcb6fb093c3be6f14411863de48d73ef76463be04abc99fffd1e73d49fd3744f0459a8ccff8a09276059ce1", 0x0, 0x48) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000580)="b02a3b2d0252a6c6f9cc17e561c8c7d6f8786456190efeecf3257d6c5fcb6fb093c3be6f14411863de48d73ef76463be04abc99fffd1e73d49fd3744f0459a8ccff8a09276059ce1", 0x0, 0x48) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000640)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000600)={0x10001, 0x7, 0x2}}) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x0) 2h43m44.207757862s ago: executing program 33 (id=33): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0xffffff7f, 0xff25) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) mmap$KVM_VCPU(&(0x7f0000ff2000/0xb000)=nil, 0x0, 0x1, 0x11, r5, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x101, 0x3000, 0x0, r0, 0xd}) 2h31m21.603822926s ago: executing program 34 (id=89): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) r7 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x10003, 0x0}) r8 = mmap$KVM_VCPU(&(0x7f0000cc6000/0x1000)=nil, 0x0, 0x0, 0x12, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="76bfb794980c463608064dc6fdebb3fecf47b01c9e1618486c30ac7d051106a25ea415412286634db64ffd05383c847ebad2a53e1338451baea1af50aaf66426a4394c3a74c5b233", 0x0, 0x48) r9 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}}) ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2e) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x12}) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x33) r13 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x5edc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) close(r1) 2h31m17.867567066s ago: executing program 35 (id=90): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r4, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008000000000000ff"]) close(0x3) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160003, &(0x7f0000000000)=0x7}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x3, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0}) ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x4, 0x0, &(0x7f0000000140)=0x3ff}) 2h21m45.887319281s ago: executing program 36 (id=110): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1b) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000000c0)={0x7, 0xa}) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x40) ioctl$KVM_CAP_ARM_USER_IRQ(r3, 0x4068aea3, &(0x7f0000000140)) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x38) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c02a, &(0x7f0000000180)}) r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000240)={0x1, 0x40}) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000280)={0x3, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r12, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r14, 0xae80, 0x0) 2h11m53.29054275s ago: executing program 37 (id=152): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c03a, &(0x7f00000000c0)=0x6}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000002c0)=[@uexit={0x0, 0x18, 0x5}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf20, 0x8, 0xd}}, @eret={0xe6, 0x18, 0x2}, @smc={0x1e, 0x40, {0x84000050, [0x632, 0x3, 0x0, 0x1, 0x4]}}, @uexit={0x0, 0x18, 0x9}, @hvc={0x32, 0x40, {0xc400000c, [0x0, 0x4, 0x9, 0xd, 0x13af]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4, 0x3, 0x8, 0x7, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0xdb}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x100, 0x401, 0x4}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0xfc}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x0, 0x2, 0x8}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x356}}, @uexit={0x0, 0x18, 0x7}], 0x218}, &(0x7f00000001c0)=[@featur1={0x1, 0x30}], 0x1) r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x1, 0xf, 0x3, 0x4, 0x1}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x425, 0x6, 0xa}}, @svc={0x122, 0x40, {0xc4000001, [0x40, 0x2, 0x5, 0xfff, 0xdf0]}}, @code={0xa, 0x6c, {"00e8a00e007008d5e03d95d200c0b0f2e10180d2820180d2630080d2840080d2020000d400000048000028d5007008d5007008d5000028d50000809a00a581d20060b0f2210180d2820180d2e30180d2640080d2020000d4"}}, @uexit={0x0, 0x18, 0xffffffffffffffff}, @eret={0xe6, 0x18, 0x16}, @code={0xa, 0xcc, {"a07e81d20040b0f2c10080d2a20080d2630180d2e40080d2020000d480b696d20000b0f2a10180d2420180d2630180d2240080d2020000d4c0d48bd20080b0f2210180d2a20080d2430180d2840080d2020000d440cf85d20060b8f2e10080d2020180d2a30180d2440080d2020000d420469cd20060b0f2610080d2220080d2e30180d2840180d2020000d4007008d5809689d20080b8f2210080d2a20080d2430080d2640080d2020000d4000008d500b4205e000000ab"}}, @smc={0x1e, 0x40, {0xc4000003, [0x8, 0x7ff, 0x9, 0xfffffffffffffffd, 0x1]}}, @hvc={0x32, 0x40, {0x80000000, [0x8, 0x7, 0x1ff, 0x7, 0x6]}}, @msr={0x14, 0x20, {0x603000000013e6c9, 0x1807c7f1}}, @uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x3eb}}, @msr={0x14, 0x20, {0x603000000013e643, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0xfff, 0xb}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x2, 0x80000000, 0x0, 0x2}}, @hvc={0x32, 0x40, {0x80008000, [0x7fffffff, 0x6, 0x1e8ceb1b, 0x2, 0x8001]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x314}}, @svc={0x122, 0x40, {0x84000006, [0x6, 0xbd5c, 0x7000000000000000, 0x100, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x10, 0x1, 0x2}}, @msr={0x14, 0x20, {0x603000000013c230, 0x31c}}, @mrs={0xbe, 0x18}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x33b}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0xe6}}, @msr={0x14, 0x20, {0x603000000013c081, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x32}}, @mrs={0xbe, 0x18, {0x603000000013dea6}}], 0x500}, &(0x7f0000000240)=[@featur1={0x1, 0x5}], 0x1) ioctl$KVM_ARM_VCPU_FINALIZE(r9, 0x4004aec2, &(0x7f0000000a00)=0x5) mmap$KVM_VCPU(&(0x7f0000cb2000/0x1000)=nil, r7, 0x8, 0x2010, r8, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100048, &(0x7f0000000000)=0x3}) r10 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_RUN(r10, 0xae80, 0x0) 2h11m47.443552044s ago: executing program 38 (id=153): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0x2000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000740)=@attr_other={0x0, 0x1, 0x1, &(0x7f0000000180)=0x4000000008}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000c0f000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000c0f000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3}) (async) ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3}) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2e) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100010, &(0x7f00000001c0)=0x4}) (async) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100010, &(0x7f00000001c0)=0x4}) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r16, 0x400454d0, 0x2d) (async) ioctl$KVM_CREATE_VM(r16, 0x400454d0, 0x2d) r17 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c807}}, @msr={0x14, 0x20, {0x603000000013e08e, 0xa}}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0x6d2, 0x2, 0x5}}], 0x68}, 0x0, 0x0) ioctl$KVM_RUN(r17, 0xae80, 0x0) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 2h1m59.461477566s ago: executing program 7 (id=164): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x4, 0x220) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2h1m36.286090543s ago: executing program 7 (id=166): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x19) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0}) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) eventfd2(0x8, 0x801) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000bde000/0x400000)=nil) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) ioctl$KVM_RUN(r16, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x2c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000140)=@arm64_fp_extra={0x60200000003000d5, &(0x7f0000000100)=0x7fffffff}) 2h1m7.42368713s ago: executing program 7 (id=168): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x0, 0x8000000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x30) ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, 0xffffffffffffffff) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x2710, 0x2c0, 0x0, &(0x7f0000000500)=[0x9, 0x5, 0xfffffffffffffffa, 0x7fff, 0x800, 0x9, 0x7, 0x2000, 0xb73d, 0x5, 0x7fff, 0xffff, 0x0, 0x8a, 0x305, 0x400, 0x2, 0x7ff, 0x7, 0x2, 0xfffffffffffffff8, 0x0, 0x38, 0x6, 0x5b6e7bba, 0x7, 0x8, 0x6, 0x8000, 0x3, 0xe, 0x3, 0xc, 0x4, 0x3, 0x2, 0x8, 0x80000001, 0x45e5, 0x40, 0x5, 0x3, 0xe, 0x5, 0x5f22, 0x9, 0x8270, 0x865, 0x9, 0x9, 0x8001, 0xfffffffffffffffc, 0x1, 0xd, 0x81, 0x6, 0x0, 0x100000000, 0x6, 0x6, 0xa00a, 0x4, 0x10001, 0x5b, 0x6d4, 0x6, 0x40, 0x7, 0xd, 0x8000000000000001, 0x6, 0xfffffffffffffffc, 0x8000000000000001, 0xffffffffffff5a26, 0xffffffff80000000, 0x4, 0xd, 0x40, 0x9, 0x9, 0x28e1, 0x8, 0xfffffffffffff926, 0x4, 0x6, 0x4, 0x7, 0xf, 0x8, 0xff, 0x6, 0x6, 0x8, 0x7, 0x3, 0x5319fb9, 0x8, 0x9, 0x100000000, 0x6, 0x7, 0x100000001, 0x8000000000000001, 0x9, 0x9, 0x0, 0x2, 0x3, 0x6, 0x7, 0x7, 0x2, 0x5, 0x100000000, 0x6, 0x4, 0xffffffffffffff00, 0xda, 0x51b3c898, 0x100000000, 0x0, 0x5, 0x101, 0x1ff, 0x6, 0xc, 0x2, 0xa]}) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) close(r6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000001c0)={0x9, 0x1ff}) 2h0m19.077192808s ago: executing program 39 (id=168): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x0, 0x8000000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x30) ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, 0xffffffffffffffff) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x2710, 0x2c0, 0x0, &(0x7f0000000500)=[0x9, 0x5, 0xfffffffffffffffa, 0x7fff, 0x800, 0x9, 0x7, 0x2000, 0xb73d, 0x5, 0x7fff, 0xffff, 0x0, 0x8a, 0x305, 0x400, 0x2, 0x7ff, 0x7, 0x2, 0xfffffffffffffff8, 0x0, 0x38, 0x6, 0x5b6e7bba, 0x7, 0x8, 0x6, 0x8000, 0x3, 0xe, 0x3, 0xc, 0x4, 0x3, 0x2, 0x8, 0x80000001, 0x45e5, 0x40, 0x5, 0x3, 0xe, 0x5, 0x5f22, 0x9, 0x8270, 0x865, 0x9, 0x9, 0x8001, 0xfffffffffffffffc, 0x1, 0xd, 0x81, 0x6, 0x0, 0x100000000, 0x6, 0x6, 0xa00a, 0x4, 0x10001, 0x5b, 0x6d4, 0x6, 0x40, 0x7, 0xd, 0x8000000000000001, 0x6, 0xfffffffffffffffc, 0x8000000000000001, 0xffffffffffff5a26, 0xffffffff80000000, 0x4, 0xd, 0x40, 0x9, 0x9, 0x28e1, 0x8, 0xfffffffffffff926, 0x4, 0x6, 0x4, 0x7, 0xf, 0x8, 0xff, 0x6, 0x6, 0x8, 0x7, 0x3, 0x5319fb9, 0x8, 0x9, 0x100000000, 0x6, 0x7, 0x100000001, 0x8000000000000001, 0x9, 0x9, 0x0, 0x2, 0x3, 0x6, 0x7, 0x7, 0x2, 0x5, 0x100000000, 0x6, 0x4, 0xffffffffffffff00, 0xda, 0x51b3c898, 0x100000000, 0x0, 0x5, 0x101, 0x1ff, 0x6, 0xc, 0x2, 0xa]}) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) close(r6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000001c0)={0x9, 0x1ff}) 1h35m39.674485458s ago: executing program 40 (id=240): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x8000, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2e) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r15 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r15}) ioctl$KVM_RUN(r14, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100048, &(0x7f0000000000)=0x3}) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r7, 0x40000) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1h21m49.006839976s ago: executing program 41 (id=252): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000240)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x200}}, @msr={0x14, 0x53, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x20000002) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bff000/0x400000)=nil) (async) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30) (async) r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000b40)=[@uexit={0x0, 0x18, 0xfffffffffffff3ec}, @hvc={0x32, 0x40, {0x10, [0x0, 0x0, 0x400, 0x10000, 0x200000000000000]}}, @code={0xa, 0x9c, {"000008d5607594d20080b0f2010080d2420080d2a30180d2c40080d2020000d40060e00d802d8fd20080b8f2c10180d2a20180d2e30080d2440080d2020000d4a06094d20020b8f2610080d2c20080d2030080d2c40180d2020000d400a0400d00a8310e807e96d20040b8f2e10080d2e20180d2a30080d2c40080d2020000d4000008d5007008d5"}}, @irq_setup={0x46, 0x18, {0x3, 0xb5}}, @uexit={0x0, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013e080, 0x7db}}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013df75}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0xc, 0xc74e, 0x2}}, @code={0xa, 0xcc, {"007008d580af8cd200e0b8f2410080d2620080d2c30180d2c40080d2020000d4007185d200e0b8f2e10080d2e20180d2c30080d2640180d2020000d4008008d520b09fd20080b0f2010080d2e20080d2c30180d2640080d2020000d4c06093d20000b8f2010080d2a20080d2030180d2840080d2020000d40004005e204b87d200e0b0f2e10080d2e20180d2a30180d2040180d2020000d440dd91d20040b0f2a10180d2620080d2630180d2040080d2020000d40000601e"}}, @mrs={0xbe, 0x18, {0x603000000013c300}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x3, 0x3, 0x1000}}, @irq_setup={0x46, 0x18, {0x3, 0x169}}, @svc={0x122, 0x40, {0x84000008, [0x2bc, 0x6, 0x2, 0x1, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x70, 0x40000000, 0x4}}, @mrs={0xbe, 0x18, {0x5889}}, @irq_setup={0x46, 0x18, {0x2, 0xe}}, @mrs={0xbe, 0x18, {0x603000000013e6c0}}], 0x378}, &(0x7f00000001c0)=[@featur1={0x1, 0x8e}], 0x1) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x4, 0x0, r13}) (async) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000200)={0xc, 0x2000, 0x2, r13}) (async) close(r12) (async) r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) (async) r15 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r16, 0x4010aeac, &(0x7f0000000080)=@arm64_extra={0x603000000013df01, &(0x7f0000000000)=0x2}) 1h8m20.275693219s ago: executing program 42 (id=267): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c8}) r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x401c5820, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)=0x6}) 1h7m52.184374095s ago: executing program 43 (id=269): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000180)={0x80000000, 0x6000, 0x0, 0xffffffffffffffff, 0xf}) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[], 0x60}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 59m48.226031056s ago: executing program 3 (id=271): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYRESOCT=r4]) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r7, 0x4010aeab, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x603000000010003e, &(0x7f0000000100)=0x10}) 59m25.78430792s ago: executing program 3 (id=274): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r1) (async, rerun: 32) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (rerun: 32) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async, rerun: 64) r4 = eventfd2(0xfffffffe, 0x80000) (rerun: 64) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7ff, 0x4, 0x8, r4, 0xa}) (async) r5 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) (async, rerun: 32) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000008c0)={0x2000, 0x0, 0x4}) (async) r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df5b, 0x8000}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0xdfe8, 0x6}}, @msr={0x14, 0x20, {0x6030000000138004, 0x8000}}, @msr={0x14, 0x20, {0x603000000013800c, 0x8000}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xc0, 0x8, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x1, 0x7, 0x0, 0x800, 0x1}}, @msr={0x14, 0x20, {0x6030000000138024, 0x8000}}, @msr={0x14, 0x20, {0x603000000013802c, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138005, 0x8000}}, @msr={0x14, 0x20, {0x603000000013800d, 0x8000}}], 0x168}, 0x0, 0x0) (async, rerun: 64) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (rerun: 64) r13 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r13, 0xffffffffffffffff) (async, rerun: 64) syz_kvm_assert_reg(r11, 0x6030000000138010, 0x8000) (async, rerun: 64) syz_kvm_assert_reg(r11, 0x6030000000138012, 0x8000) syz_kvm_assert_reg(r11, 0x6030000000138004, 0x8000) (async, rerun: 32) syz_kvm_assert_reg(r11, 0x603000000013800c, 0x8000) (async, rerun: 32) syz_kvm_assert_reg(r11, 0x6030000000138014, 0x8000) (async, rerun: 32) syz_kvm_assert_reg(r11, 0x603000000013801c, 0x8000) (async, rerun: 32) syz_kvm_assert_reg(r11, 0x6030000000138024, 0x8000) syz_kvm_assert_reg(r11, 0x603000000013802c, 0x8000) syz_kvm_assert_reg(r11, 0x6030000000138005, 0x8000) syz_kvm_assert_reg(r11, 0x603000000013800d, 0x8000) 59m11.775872606s ago: executing program 2 (id=275): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20000000000032) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x0, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur2={0x1, 0x58}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 59m9.180370441s ago: executing program 3 (id=276): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xa) r1 = eventfd2(0x8d, 0x80000) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000080)={0x7ff, 0xffef4000, 0x8, r1, 0x4b8428d0b4e95208}) close(r1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r5, 0x2, 0x340) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="fb4149dd033be3ac2cc49cab8048a300000000000000010000005a9622175f3e521c8b000017449a7a835673312b54efb2aa7fc869d2260000000000002000", 0x0, 0xb2859484bb2984c6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r6, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x57) openat$kvm(0x0, &(0x7f0000000300), 0x0, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x28) r12 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r14, 0x4008ae6a, &(0x7f00000000c0)={0x836, 0x0, [{0xc, 0x2, 0x1, 0x0, @msi={0xebb, 0x394c794c, 0x7f, 0x801}}]}) r15 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x3e) ioctl$KVM_SET_USER_MEMORY_REGION(r15, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x4, 0x8000000, 0x1000, &(0x7f0000c0f000/0x1000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000002c0)={0x5000, 0x11d000}) r16 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) 58m59.407725036s ago: executing program 2 (id=277): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0xa000}) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x80000000009) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x22000, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r8, 0xb, 0x11, r6, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r10 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r10}) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x5000}) 58m44.047609661s ago: executing program 3 (id=278): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x2, 0x401, &(0x7f0000000280)=0x1}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0xe0a7}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r5, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0x33}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x80080, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0x8000000}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000080a0000}) syz_kvm_vgic_v3_setup(r6, 0x4, 0x220) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x24) r14 = eventfd2(0x8, 0x80800) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r14, 0xb}) munmap(&(0x7f0000f4b000/0x3000)=nil, 0x3000) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r14, 0x3}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x6, 0xffffffff80000000, 0x0}) 58m40.378466889s ago: executing program 2 (id=279): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@msr={0x14, 0xffffffda, {0xc64b8643e04e09e6, 0x190000}}], 0x20}, &(0x7f0000000000)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 58m26.416894203s ago: executing program 2 (id=280): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d1, 0x0}) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=[@featur2={0x1, 0x56}], 0x1) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r5, 0x2, 0x200) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r11, 0x40a0ae49, &(0x7f0000000040)={0x1fd, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x1ff}) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, 0x0) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 58m18.875514679s ago: executing program 3 (id=281): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7}) (async) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7}) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f0000000240)=[@featur1={0x1, 0xc}], 0x1) (async) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f0000000240)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) 57m38.80419374s ago: executing program 44 (id=280): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d1, 0x0}) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=[@featur2={0x1, 0x56}], 0x1) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r5, 0x2, 0x200) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r11, 0x40a0ae49, &(0x7f0000000040)={0x1fd, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x1ff}) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, 0x0) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 57m29.703672297s ago: executing program 45 (id=281): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7}) (async) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7}) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f0000000240)=[@featur1={0x1, 0xc}], 0x1) (async) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f0000000240)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) 43m16.575497727s ago: executing program 5 (id=325): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000140)=0x7}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616}) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=[@irq_setup={0x46, 0x18, {0x1, 0x238}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df53, 0x7ffc}}], 0x94}, &(0x7f0000000300)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_DIRTY_LOG(r12, 0x4010ae42, &(0x7f0000000100)={0x1, 0x0, &(0x7f0000d01000/0x4000)=nil}) ioctl$KVM_RUN(r10, 0xae80, 0x0) 42m53.066256113s ago: executing program 5 (id=327): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0}) (async) 42m51.205686854s ago: executing program 4 (id=328): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0}) 42m41.309025846s ago: executing program 5 (id=329): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async, rerun: 32) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (rerun: 32) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async, rerun: 64) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) (rerun: 64) ioctl$KVM_CHECK_EXTENSION(r4, 0x541b, 0x20000000000000ac) (async) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async, rerun: 32) ioctl$KVM_RUN(r8, 0xae80, 0x0) (rerun: 32) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (rerun: 32) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000f56000/0x3000)=nil, 0x930, 0x3000007, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 42m35.877307915s ago: executing program 4 (id=330): openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x3, 0xffffffffffffffff, 0x1}) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x53, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) r2 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f0000000440)=[@its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0x1, 0x5, 0x9, 0x3}}, @eret={0xe6, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x5}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x6, 0x2, 0x5}}, @msr={0x14, 0x20, {0x6030000000138010, 0x100000000}}, @uexit={0x0, 0x18, 0x9}, @smc={0x1e, 0x40, {0x800, [0x1, 0x0, 0x2, 0xcb, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x8, 0x7, 0x6}}, @hvc={0x32, 0x40, {0xc4000014, [0xd02, 0x91ec, 0x4, 0x2, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1c00, 0x5, 0x9}}, @code={0xa, 0x54, {"e00b90d200c0b8f2e10180d2c20080d2c30180d2a40080d2020000d4000008d5bf2003d50040204e000c000e0008403a007008d5007008d5008008d5008008d5"}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x8400000c, [0xfffffffffffffffa, 0x8, 0x0, 0xffffffffffffff1e, 0x1000]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x3f0}}, @mrs={0xbe, 0x18, {0x603000000013f080}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xc00, 0x0, 0x1}}], 0x2c4}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0xa2}], 0x1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x29) ioctl$KVM_RUN(r2, 0xae80, 0x0) 42m28.577613679s ago: executing program 5 (id=331): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0x0, 0x0, 0x202201, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xc0) r4 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) close(r4) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) r5 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0xe, 0x16831, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000001c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x1}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x40305839, &(0x7f0000000040)=@attr_other={0x0, 0xab, 0x7f, &(0x7f0000000240)=0x5}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) 42m26.000476889s ago: executing program 4 (id=332): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0x6, 0x5}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r2, 0x3}) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) syz_kvm_vgic_v3_setup(r4, 0x2, 0x0) close(r4) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a0c000/0x400000)=nil) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x3, 0x0, 0x2, r2, 0xb}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0xc, 0x2, 0x1, 0x0, @msi={0xebb, 0x394c794c, 0x7f, 0x800}}]}) close(r6) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae03, 0xbb) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2c) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r13, &(0x7f0000bfe000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000140)=@arm64_ccsidr={0x602000000011000b, &(0x7f00000000c0)=0x8000000}) r14 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) 42m5.048627157s ago: executing program 5 (id=333): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x25) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000f0a000/0x4000)=nil, 0x0, 0x0, 0x40010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r7, 0x20, &(0x7f0000000080)="589b64f0b17ae19c78aed0a4c20bdb504f232ad64958f82a", 0x0, 0x18) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x53, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r12, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 42m0.443834518s ago: executing program 4 (id=334): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000001000/0x4000)=nil, r6, 0x3000001, 0x13, r5, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@arm64={0xad, 0x40, 0xcd, '\x00', 0x100}) 41m43.644169894s ago: executing program 4 (id=335): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x930, 0x4, 0x4f833, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x5, 0x6, &(0x7f0000000200)=0x81}) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r9, 0x400454d9, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) 41m40.369948961s ago: executing program 5 (id=336): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xb6) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r7, 0x2, 0x40) ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CAP_ARM_MTE(r7, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_CREATE_VM(r10, 0xae03, 0xbb) r11 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x0, 0x8, 0x8010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="6c1a2afe7642be03357a7050eaa8fe731e29f45c52b3ab802002d0c128546b8d9bb96d531413dd29378d26f9aa64d353fd15a3a3177cd157afd2734fabdc659a810bfefa9dd6ac9d", 0x0, 0x48) 41m27.702811593s ago: executing program 4 (id=337): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x400c0, 0x0) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x21) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000ee0000/0x2000)=nil, r9, 0x3, 0x11, r8, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc0189436, 0x20004000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r15, &(0x7f00000001c0)=0x7ffffff, 0x648) 40m54.677662859s ago: executing program 46 (id=336): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xb6) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r7, 0x2, 0x40) ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CAP_ARM_MTE(r7, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_CREATE_VM(r10, 0xae03, 0xbb) r11 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x0, 0x8, 0x8010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="6c1a2afe7642be03357a7050eaa8fe731e29f45c52b3ab802002d0c128546b8d9bb96d531413dd29378d26f9aa64d353fd15a3a3177cd157afd2734fabdc659a810bfefa9dd6ac9d", 0x0, 0x48) 40m38.855863756s ago: executing program 47 (id=337): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x400c0, 0x0) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x21) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000ee0000/0x2000)=nil, r9, 0x3, 0x11, r8, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc0189436, 0x20004000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r15, &(0x7f00000001c0)=0x7ffffff, 0x648) 32m37.825706311s ago: executing program 7 (id=339): mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x8, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r4, 0xae00, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000000)={0x1, 0xe59b8351}) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x100000000000027) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x1, 0x1, r5}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x1, 0x0}) r9 = syz_kvm_vgic_v3_setup(r1, 0x3, 0x2a0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x32) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r11, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) ioctl$KVM_RESET_DIRTY_RINGS(r11, 0xaec7) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x0, 0xfffffffffffffffa, &(0x7f0000000080)=0x4}) 32m27.769707969s ago: executing program 7 (id=342): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xc) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x81, 0xfffffc01}}) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x20) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x13) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x4369, 0x5}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f00000000c0)={0xc0, 0x0, 0xe000}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15) r3 = eventfd2(0xfffffff9, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x2, 0x122232000, 0x1, r3, 0x2}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x3, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f00000001c0)=0x3}) ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x8000, 0x5, &(0x7f0000000240)=0x100}) r5 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f00000002c0)=[@eret={0xe6, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x1ff}}, @msr={0x14, 0x20, {0x603000000013df51, 0xffffffffffffffc0}}, @code={0xa, 0x9c, {"e0d086d20020b8f2410080d2820180d2430080d2240180d2020000d400d8a07ee0838ad20040b8f2210080d2820080d2a30180d2240080d2020000d4008008d50000251e0004005e0008203c603890d20080b0f2410080d2220080d2c30080d2840080d2020000d4007008d560438dd200c0b8f2810080d2a20080d2630180d2440080d2020000d4"}}, @eret={0xe6, 0x18, 0xffffffff}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x9c3, 0x7, 0x2}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x7f, 0x2, 0x1}}, @msr={0x14, 0x20, {0x603000000013c518, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x243}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0x8, 0x100, 0x41578f53, 0x2}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x161}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x27f}}, @code={0xa, 0xb4, {"e0c98dd20040b0f2c10080d2220180d2a30180d2840080d2020000d4007008d5000008d500d4a07e00dc202e206b85d20040b8f2010080d2020080d2230180d2440180d2020000d400b485d20000b0f2210180d2820180d2a30080d2c40080d2020000d4605d8ed20000b0f2210080d2a20080d2630080d2c40080d2020000d4007008d540279dd200a0b0f2c10080d2c20180d2830180d2440180d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x34f}}, @hvc={0x32, 0x40, {0x41000023, [0x100, 0x3, 0x342d, 0x81, 0x7fffffff]}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x1, 0xffffffff, 0xff, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0xa4}}, @msr={0x14, 0x20, {0x603000000013c2aa, 0x7}}, @hvc={0x32, 0x40, {0x84000006, [0x80000001, 0xff, 0x10000, 0x3e0, 0x1]}}, @msr={0x14, 0x20, {0x603000000013dead, 0x800}}, @its_send_cmd={0xaa, 0x28, {0x2, 0x1, 0x4, 0x3, 0x7, 0x6, 0x2}}, @eret={0xe6, 0x18, 0x1}], 0x498}], 0x1, 0x0, &(0x7f00000007c0)=[@featur2={0x1, 0x20}], 0x1) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x623200, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x19) r8 = ioctl$KVM_GET_STATS_FD_vm(r7, 0xaece) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000840)={0xb, 0x9d}) ioctl$KVM_GET_DIRTY_LOG(r8, 0x4010ae42, &(0x7f0000000880)={0x1, 0x0, &(0x7f0000c6e000/0x4000)=nil}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_ARM_SET_COUNTER_OFFSET(0xffffffffffffffff, 0x4010aeb5, &(0x7f00000008c0)={0x4ea05790, 0x58}) ioctl$KVM_DIRTY_TLB(r5, 0x4010aeaa, &(0x7f0000000900)={0x9, 0x7}) r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34) ioctl$KVM_CAP_PTP_KVM(r10, 0x4068aea3, &(0x7f0000000940)) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r9, 0x8000ae83, &(0x7f00000009c0)) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x7f) 32m17.494569771s ago: executing program 7 (id=344): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff}) r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x0) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r8 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x1fe, 0xdddc1000, 0x1, r8, 0x4}) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x5, 0x1}) 31m30.066608491s ago: executing program 48 (id=344): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff}) r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x0) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r8 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x1fe, 0xdddc1000, 0x1, r8, 0x4}) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x5, 0x1}) 28m54.644287325s ago: executing program 6 (id=360): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x8, 0x80800) r3 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r2, 0x2}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x4, r2, 0x3}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000000)={0x9, 0xffffffffffffff99}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000180)=0x10}) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r8, 0x2, 0x320) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r12, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, &(0x7f0000000100)={0x55}) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) 28m37.716678229s ago: executing program 6 (id=361): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x5, 0x4f832, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xa}}], 0x30}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_HALT_POLL(r8, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81}) (async) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r11, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) 28m28.025593546s ago: executing program 6 (id=362): write$eventfd(0xffffffffffffffff, &(0x7f0000000200)=0x8, 0x8) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x185203, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1e) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, 0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000a, 0x53033, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3000007, 0x1010, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000f2f000/0x3000)=nil, 0x0, 0x1000000, 0x11, r9, 0x0) r11 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) ioctl$KVM_CHECK_EXTENSION(r11, 0x541b, 0xac) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x2, 0x0}) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000c91000/0x4000)=nil, 0x0, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 28m19.649630944s ago: executing program 6 (id=363): openat$kvm(0x0, &(0x7f0000000240), 0x80, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x6, [0x4, 0x0, 0x2, 0x3, 0x800002179d422]}}, @mrs={0xbe, 0x18, {0x603000000013deb0}}], 0x58}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000340)=0x1}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) r9 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x218070195c17f3d1, 0x0}) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x8030aeb4, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x2080, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2e) (async) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000380)=[@smc={0x1e, 0x40, {0x80000002, [0x8, 0x7, 0x400, 0xffffffffffffff80, 0x101]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x2, 0x0, 0x6, 0x205}}], 0x68}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x4, 0x1c0) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) 28m7.15652203s ago: executing program 6 (id=364): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x22001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async, rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r9 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r6, 0x2, 0x100) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r11, 0x8040aeb6, 0x0) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x13, r12, 0x0) (async, rerun: 64) ioctl$KVM_RUN(r8, 0xae80, 0x0) (rerun: 64) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) 27m55.057613667s ago: executing program 6 (id=365): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x4}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0xf, 0x11, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x10010, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r2 = openat$kvm(0x0, &(0x7f0000000180), 0x208840, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1e) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x84000, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0x57) r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r14 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000000)={0x8, 0x0, 0x0, r14, 0x2}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) 27m6.865622604s ago: executing program 49 (id=365): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x4}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0xf, 0x11, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x10010, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r2 = openat$kvm(0x0, &(0x7f0000000180), 0x208840, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1e) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x84000, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0x57) r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r14 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000000)={0x8, 0x0, 0x0, r14, 0x2}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) 22m51.949495159s ago: executing program 8 (id=369): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xa0401, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x1, 0x0}) 22m41.008135332s ago: executing program 8 (id=370): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x601, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x82a40, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x5d, {0x1, 0x20000020}}], 0x18}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_SREGS(r7, 0x8000ae83, &(0x7f0000000180)) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140000, &(0x7f0000000000)=0x7}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_vgic_v3_setup(r10, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0xffffffff, 0x4, 0x0}) r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x4) ioctl$KVM_IRQ_LINE_STATUS(r12, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001}) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x8000000, 0x5000}) ioctl$KVM_RUN(r13, 0xae80, 0x0) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000a80)=[@smc={0x1e, 0x40, {0x80008000, [0x7f, 0xffffffffffffffff, 0x2000000000000009, 0x80, 0x9557]}}, @code={0xa, 0x84, {"c07598d20060b8f2410080d2020080d2230080d2640180d2020000d4008008d50050000e0010c05a0000202b007008d5e0c291d20040b8f2210080d2a20180d2230080d2240180d2020000d4007008d5008008d5e09295d20000b8f2610080d2220180d2030180d2040180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013c100}}, @mrs={0xbe, 0x18, {0x603000000013def1}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x122}}, @irq_setup={0x46, 0x18, {0x2, 0x272}}, @irq_setup={0x46, 0x18, {0x0, 0x13d}}, @msr={0x14, 0x20, {0x603000000013c2a8}}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x84000053, [0x5, 0x1, 0x6, 0x7, 0x73e]}}, @code={0xa, 0x9c, {"20fb94d20020b0f2a10180d2420180d2230080d2440180d2020000d4000028d5008008d5a07496d20080b0f2410180d2820080d2230180d2040180d2020000d4007008d5a09994d200a0b0f2a10080d2420080d2230180d2a40180d2020000d4000008d5000028d5000028d5806294d20060b0f2210080d2220080d2e30080d2a40180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0x5, 0x40, 0x5, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0xc, 0x20000, 0x1, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013df76}}, @smc={0x1e, 0x40, {0x1cc000408, [0x4, 0x6, 0x8, 0x0, 0xd7]}}, @mrs={0xbe, 0x18, {0x603000000013df79}}, @smc={0x1e, 0x40, {0xc5000020, [0x6, 0x4, 0x7, 0x1, 0xf5e5]}}, @code={0xa, 0x9c, {"007008d50084e00da0e886d20000b0f2a10080d2020080d2630080d2e40080d2020000d4001c602e000440b80018200ee05e8ad20040b8f2010080d2220080d2a30080d2e40080d2020000d4e06e89d20060b0f2210080d2c20080d2a30180d2840180d2020000d400000098403992d200e0b8f2c10180d2c20180d2a30080d2640180d2020000d4"}}, @code={0xa, 0x9c, {"a0e698d200e0b0f2210080d2620180d2430080d2040180d2020000d41f0000b1000028d50080000d0030005f60e19fd200a0b8f2010080d2c20180d2230180d2640080d2020000d40008203ce0ed85d200e0b0f2810080d2420080d2030080d2c40180d2020000d4e06186d200a0b8f2010080d2620080d2030180d2840080d2020000d40000c0a9"}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x15a}}, @hvc={0x32, 0x40, {0x84000001, [0x80000000000feb4, 0x1f2c, 0x30000000000000, 0x2, 0x3]}}, @code={0xa, 0x6c, {"007008d5030000d4000028d5a03680d200e0b0f2210080d2020180d2a30180d2c40180d2020000d40004000f008c002f007008d50000231e404b8bd200c0b0f2410180d2820080d2230180d2a40080d2020000d41f0000ab"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x1f4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0x0, 0x1, 0x80000000}}], 0x5bc}, &(0x7f0000000040)=[@featur2={0x1, 0x26}], 0x1) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000100)={0x8}) 22m25.426527716s ago: executing program 8 (id=371): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x1, 0x2, 0x1, 0x0, @adapter={0x7f, 0x5, 0x6, 0x7, 0x7}}]}) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b10000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_fw={0x6030000000140003, &(0x7f00000000c0)=0x5}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfd000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x400000000000007, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c025, &(0x7f00000000c0)=0x6}) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0xb, 0xffffffffffffffff, 0x1}) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x15) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x2eb01, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = syz_kvm_vgic_v3_setup(r15, 0x2, 0x80) ioctl$KVM_GET_DEVICE_ATTR(r16, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x3, 0x4, 0x0}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r13, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0xd000}) 22m9.510436815s ago: executing program 8 (id=372): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfd000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) r8 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x8, &(0x7f0000000280)=0x5}) r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x10002}) 21m45.100215761s ago: executing program 8 (id=373): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000000)={0x5, 0x7ff}) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f0000000440)={0x10001, 0x0, 0x80, &(0x7f0000000040)=[0x8, 0x7, 0x0, 0x8, 0xf0bd, 0xe, 0xc, 0x400, 0x3, 0x2, 0x3, 0x80000001, 0x7, 0x8, 0x5da, 0x2, 0x1ff, 0x8, 0x1, 0x7fffffffffffffff, 0x3, 0x8, 0x6, 0x200, 0x3, 0x40, 0x2, 0x7, 0x5, 0x1, 0xc, 0x0, 0x22, 0x4, 0x6, 0x6, 0x81, 0x4, 0x0, 0x66b6, 0x8000000000000001, 0x3e8, 0xfffffffffffffffb, 0xd, 0x1ff, 0x7fffffffffffffff, 0x40, 0x2400000000000, 0xfff, 0x55b6fe6, 0x4, 0x8000000000000001, 0x6, 0x6, 0x7, 0xffff, 0x0, 0x0, 0x2, 0x2, 0x9, 0x2eb, 0x8, 0xffffffffffffffff, 0x6, 0x0, 0x1e0ef1ee, 0x1, 0xffffffffffff3b31, 0x2, 0x8001, 0x7, 0x7, 0x6bc54604, 0x8, 0x0, 0xfffffffffffffc00, 0x4, 0x10, 0x0, 0x3, 0xedd6, 0x0, 0x4, 0x3e0, 0xf86, 0x2, 0x0, 0xe, 0x40, 0x280000000000000, 0x6, 0x9, 0xfffffffffffffd4b, 0x4, 0xffff, 0xe, 0x0, 0xb, 0x8, 0x80000000, 0x7ff, 0x6, 0x9, 0xfffffffffffffffd, 0xc, 0xe9, 0x1, 0x3, 0x3, 0x39df, 0xc1, 0x8, 0x9, 0x100000000, 0xffffffff, 0x9, 0x81, 0x4, 0x100, 0x4, 0xcda00000, 0x5, 0x101, 0x4, 0xdb, 0xb59, 0x71d]}) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000480)={0x1, 0x0, 0x8080000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x5}) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000840)={0x0, &(0x7f0000000540)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x7, 0x7, 0x6, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013df54}}, @code={0xa, 0x9c, {"000008d5007008d5a02287d200a0b8f2e10180d2820080d2430080d2440180d2020000d40000402ce09892d20020b0f2010180d2820080d2c30080d2c40180d2020000d400a4e00de0799ad20040b8f2a10180d2620180d2830180d2640080d2020000d480229dd200c0b8f2810180d2220080d2a30180d2840180d2020000d4008008d500086078"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x48, 0x5, 0x1}}, @eret={0xe6, 0x18, 0x75d0}, @uexit={0x0, 0x18, 0x9}, @hvc={0x32, 0x40, {0x1000000, [0x6b9, 0x5, 0x10000, 0x8, 0x6c8]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x36e}}, @uexit={0x0, 0x18, 0x4}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x32}}, @svc={0x122, 0x40, {0x40, [0xb, 0x2, 0xe9ee, 0x5, 0x2]}}, @svc={0x122, 0x40, {0xc400000c, [0x1, 0x3d3, 0xffffffffffffff12, 0x7fffffffffffffff, 0x1]}}, @hvc={0x32, 0x40, {0x80008000, [0x0, 0x3, 0x2, 0x3, 0x8]}}, @hvc={0x32, 0x40, {0x84000004, [0x8, 0x7f, 0xb2, 0x8, 0x8]}}, @eret={0xe6, 0x18, 0x5}], 0x2fc}, &(0x7f0000000880)=[@featur2={0x1, 0x80}], 0x1) ioctl$KVM_RUN(r1, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000008c0)={0x10002, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) (async) ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000940)=@other={0x7, &(0x7f0000000900)=0x100000000}) (async) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000980)={0x2, 0xeeee0000, 0x100, 0x1, 0xc2}) (async) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f00000009c0)={0x3, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(0xffffffffffffffff, 0x40a0ae49, &(0x7f0000000a00)={0x10001, 0x6, 0xdddd1000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0xc, r2}) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000ac0)={0xffffffff, 0xfffffff9}) (async) ioctl$KVM_RUN(r1, 0xae80, 0x0) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000b00)={0xd000, 0x19000, 0x1}) (async) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xd) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000b40)={0x101ff, 0x1, 0x8080000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0x2, r2}) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f0000000c00)={0xf95b}) (async) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xb) ioctl$KVM_ASSIGN_SET_MSIX_NR(r5, 0x4008ae73, &(0x7f0000000c40)={0xc46, 0x9}) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000c80), 0x10540, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000cc0)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000d40)=@attr_other={0x0, 0x0, 0x1, &(0x7f0000000d00)=0x8}) (async) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d80), 0x9ca6d76c4fbeffa9, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2b) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_API_VERSION(r6, 0xae00, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000dc0)={0x40, 0x5}) 21m36.005893397s ago: executing program 8 (id=374): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454d0, 0x2d) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7}) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) close(r9) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x80000000000024) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) openat$kvm(0x0, 0x0, 0xc0002, 0x0) r14 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0x4) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYRES16=r9], 0x60}], 0x1, 0x0, 0x0, 0x0) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x2) 20m48.078987609s ago: executing program 50 (id=374): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454d0, 0x2d) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7}) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) close(r9) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x80000000000024) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) openat$kvm(0x0, 0x0, 0xc0002, 0x0) r14 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0x4) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYRES16=r9], 0x60}], 0x1, 0x0, 0x0, 0x0) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x2) 19m34.576195737s ago: executing program 0 (id=380): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000180)=[@code={0xa, 0x84, {"007008d50040c01a000008d5609695d20060b0f2010180d2020080d2a30080d2840080d2020000d40014c05a801a88d20020b8f2e10180d2420080d2c30180d2640180d2020000d40000029e0098202e000c40fce0a591d20080b8f2210180d2420080d2e30080d2e40080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x6, 0x9, 0x7fffffff, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c801}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x10000, 0x2}}, @code={0xa, 0x84, {"008008d50094200e007008d5409a84d200e0b0f2210080d2420080d2630180d2040180d2020000d440b887d20020b0f2210180d2220180d2830180d2440080d2020000d4003c205e0040271e406c8ad200a0b8f2010180d2820180d2430080d2040180d2020000d4000008d5007008d5"}}, @uexit={0x0, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0x10, 0xd7a2, 0x6, 0x2}}, @code={0xa, 0x9c, {"000008d5000028d5007f84d20020b0f2010180d2820080d2230080d2640080d2020000d4801993d20000b8f2410180d2820180d2830180d2840080d2020000d400d4202e0000181e1004201e603184d20000b0f2010080d2020180d2230180d2040080d2020000d4e07b87d20020b0f2010080d2620180d2830180d2a40180d2020000d40024000f"}}, @uexit={0x0, 0x18, 0xd1}, @mrs={0xbe, 0x18, {0x603000000013def3}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xb, 0xa1, 0x1, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c021}}, @smc={0x1e, 0x40, {0x8400000c, [0x3, 0x3f44, 0x1, 0x2, 0x70000000]}}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0xb4, {"000028d500a0df0d40358bd200c0b8f2c10180d2220080d2830080d2040180d2020000d440e39dd200e0b8f2010080d2c20080d2e30080d2840180d2020000d4000008d5204a9cd20080b0f2810080d2e20080d2230180d2440180d2020000d4406587d20000b0f2410180d2220180d2c30080d2240180d2020000d4000cc0da007685d200a0b8f2610180d2c20080d2e30180d2240180d2020000d400d0005f"}}, @smc={0x1e, 0x40, {0xc4000014, [0x100000001, 0x81, 0x0, 0xe00000, 0xbf8]}}, @eret={0xe6, 0x18, 0x5}], 0x428}, &(0x7f0000000040)=[@featur2={0x1, 0x20}], 0x1) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_REGS(r4, 0x4360ae82, &(0x7f00000005c0)={[0x0, 0x79987a6c, 0x1, 0x6, 0xfffffffffffffffa, 0x7, 0x7, 0x0, 0x5, 0x3ff, 0x0, 0xc, 0x6, 0x3, 0x1, 0x2], 0x2, 0x8001}) 19m26.858347329s ago: executing program 0 (id=381): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil}) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, &(0x7f0000000340)=@attr_arm64={0x0, 0x2, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8030aeb4, 0x0) 19m19.49920968s ago: executing program 0 (id=382): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r3, 0x0, 0x3, r3}) r4 = eventfd2(0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0x4020940d, 0x20000000) r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000000)={0x7}) r10 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r10}) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000000c0)={0x8}) ioctl$KVM_SIGNAL_MSI(r9, 0x4020aea5, &(0x7f0000000000)={0x6000}) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000080)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, 0xffffffffffffffff) ioctl$KVM_RUN(r5, 0xae80, 0x0) 19m5.956878769s ago: executing program 0 (id=383): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x30) r4 = eventfd2(0xd16, 0x80000) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r7 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r7, 0x2}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r7, 0x3}) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000040)={r4, 0x2, 0x0, r7}) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000000)={0x17b6434f}) (async) write$eventfd(r2, &(0x7f00000001c0)=0xffffff7f, 0xff25) 18m54.655927484s ago: executing program 0 (id=384): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000000000000007) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x400000f, 0x10, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0, 0x69de83e3bc200dbe, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ee8000/0x1000)=nil, 0x930, 0x8, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30) r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000280)=@attr_other={0x0, 0x3, 0x4, 0x0}) r7 = eventfd2(0xb, 0x80001) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r8 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x300, &(0x7f0000000080)=0x4}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000001c0)=0x8, 0xe) r9 = openat$kvm(0x0, &(0x7f00000002c0), 0x408602, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_HAS_DEVICE_ATTR_vm(r10, 0x4018aee3, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x7, 0x8}}) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8}) ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000240)) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) 18m26.488820019s ago: executing program 0 (id=385): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0xc007000000000000) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x84000053, [0x80000000000, 0x6, 0xf1, 0x6f4, 0x1]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) 17m39.307119726s ago: executing program 51 (id=385): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0xc007000000000000) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x84000053, [0x80000000000, 0x6, 0xf1, 0x6f4, 0x1]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) 8m31.319304303s ago: executing program 1 (id=429): mmap$KVM_VCPU(&(0x7f0000748000/0x2000)=nil, 0x930, 0x8, 0x10, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000e15000/0x3000)=nil, 0x930, 0x100000c, 0x4010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x0, 0x2000004, 0x80010, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000d46000/0x1000)=nil, 0x930, 0x2, 0x20010, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x2b4101, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x52}) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000000c0)=@arm64_ccsidr={0x6020000000110002, &(0x7f0000000080)=0x8}) 8m21.875556247s ago: executing program 1 (id=430): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008000000000000ff"]) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x200000, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff}) 8m15.967273413s ago: executing program 9 (id=431): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r8, 0x3, 0x11, r6, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r9, 0xfffffffffffffffe) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r9, 0xffffffffffffffff) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r11, 0x4008ae6a, &(0x7f00000002c0)={0x0, 0x100000}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r12, 0x4010aeab, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000140)=0x7}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00']) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) 8m6.662156848s ago: executing program 1 (id=432): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x2, 0x100) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000100)={0x55}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 8m0.510132434s ago: executing program 9 (id=433): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async, rerun: 64) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (rerun: 64) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x1000002, 0x30, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 7m54.297289748s ago: executing program 1 (id=434): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f00000000c0), 0x54}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) munmap(&(0x7f0000ed0000/0x2000)=nil, 0x2000) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r8, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x33da, 0xffffff47}) syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f00000000c0), 0x54}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8}) (async) munmap(&(0x7f0000ed0000/0x2000)=nil, 0x2000) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) ioctl$KVM_HAS_DEVICE_ATTR_vm(r8, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x33da, 0xffffff47}) (async) syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe) (async) 7m51.177673407s ago: executing program 9 (id=435): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r3, 0x4018aee3, &(0x7f0000000100)=@attr_irq_timer={0x0, 0x1, 0x0, 0x0}) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x943, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x613, 0x0, 0x0}) 7m40.323852297s ago: executing program 1 (id=436): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x200000, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000966000/0x3000)=nil, 0x930, 0x2, 0x4000010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000ff"]) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x51) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xfffffffffffffffe) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c036, &(0x7f0000000100)=0x78b}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) 7m39.496392615s ago: executing program 9 (id=437): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xc) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0xa5) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) 7m30.305752882s ago: executing program 9 (id=438): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur2={0x1, 0xf}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x4, 0x0}) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_sve={0x6080000000150537, 0x0}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x240) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) 7m27.971986551s ago: executing program 1 (id=439): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60000, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60000, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1) r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f00000000c0)={0x2851edb2}) (async) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f00000000c0)={0x2851edb2}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x7}) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0}) (async) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0}) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0x401c5820, 0x8000000000000001) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) (async) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r16, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) 7m21.391922143s ago: executing program 9 (id=440): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000f8f000/0x2000)=nil, 0x0, 0x2, 0x110, 0xffffffffffffffff, 0x0) (rerun: 64) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a9c000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) (async, rerun: 64) r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (rerun: 64) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x800, [0x69e, 0x1, 0x4, 0x3, 0x20000000]}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x4, 0x220) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5a3, 0x5, &(0x7f0000000280)=0x9}) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x8, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async) r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) 6m41.213879862s ago: executing program 52 (id=439): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60000, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60000, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1) r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f00000000c0)={0x2851edb2}) (async) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f00000000c0)={0x2851edb2}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x7}) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0}) (async) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0}) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0x401c5820, 0x8000000000000001) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) (async) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r16, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) 6m32.938596132s ago: executing program 53 (id=440): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000f8f000/0x2000)=nil, 0x0, 0x2, 0x110, 0xffffffffffffffff, 0x0) (rerun: 64) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a9c000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) (async, rerun: 64) r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (rerun: 64) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x800, [0x69e, 0x1, 0x4, 0x3, 0x20000000]}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x4, 0x220) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5a3, 0x5, &(0x7f0000000280)=0x9}) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x8, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async) r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) 14.832147853s ago: executing program 2 (id=441): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe3) 996.197563ms ago: executing program 3 (id=442): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0xf}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3) 0s ago: executing program 2 (id=443): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x90) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): [ 375.950539][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 422.193475][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:1636' (ED25519) to the list of known hosts. [ 584.257316][ T25] audit: type=1400 audit(583.500:61): avc: denied { name_bind } for pid=3307 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 586.127029][ T25] audit: type=1400 audit(585.370:62): avc: denied { execute } for pid=3308 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 586.163001][ T25] audit: type=1400 audit(585.410:63): avc: denied { execute_no_trans } for pid=3308 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 611.299557][ T25] audit: type=1400 audit(610.550:64): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 611.334421][ T25] audit: type=1400 audit(610.580:65): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 611.416951][ T3308] cgroup: Unknown subsys name 'net' [ 611.467413][ T25] audit: type=1400 audit(610.710:66): avc: denied { unmount } for pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 611.857973][ T3308] cgroup: Unknown subsys name 'cpuset' [ 611.962569][ T3308] cgroup: Unknown subsys name 'rlimit' [ 612.849003][ T25] audit: type=1400 audit(612.100:67): avc: denied { setattr } for pid=3308 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 612.868431][ T25] audit: type=1400 audit(612.110:68): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 612.893100][ T25] audit: type=1400 audit(612.140:69): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 614.071452][ T3316] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 614.091320][ T25] audit: type=1400 audit(613.340:70): avc: denied { relabelto } for pid=3316 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.110500][ T25] audit: type=1400 audit(613.360:71): avc: denied { write } for pid=3316 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 614.300160][ T25] audit: type=1400 audit(613.550:72): avc: denied { read } for pid=3308 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.322429][ T25] audit: type=1400 audit(613.560:73): avc: denied { open } for pid=3308 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.368007][ T3308] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 664.713637][ T25] audit: type=1400 audit(663.960:74): avc: denied { execmem } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 669.284150][ T25] audit: type=1400 audit(668.530:75): avc: denied { read } for pid=3320 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 669.297896][ T25] audit: type=1400 audit(668.540:76): avc: denied { read } for pid=3319 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 669.322755][ T25] audit: type=1400 audit(668.570:77): avc: denied { open } for pid=3320 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 669.398922][ T25] audit: type=1400 audit(668.630:78): avc: denied { mounton } for pid=3320 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 669.674205][ T25] audit: type=1400 audit(668.920:79): avc: denied { module_request } for pid=3320 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 670.791516][ T25] audit: type=1400 audit(670.040:80): avc: denied { sys_module } for pid=3319 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 694.323450][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 694.553743][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 694.919041][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 695.409069][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 712.004599][ T3319] hsr_slave_0: entered promiscuous mode [ 712.030928][ T3319] hsr_slave_1: entered promiscuous mode [ 713.058186][ T3320] hsr_slave_0: entered promiscuous mode [ 713.089323][ T3320] hsr_slave_1: entered promiscuous mode [ 713.118422][ T3320] debugfs: 'hsr0' already exists in 'hsr' [ 713.126602][ T3320] Cannot create hsr debugfs directory [ 718.427324][ T25] audit: type=1400 audit(717.620:81): avc: denied { create } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 718.436708][ T25] audit: type=1400 audit(717.670:82): avc: denied { write } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 718.492237][ T25] audit: type=1400 audit(717.740:83): avc: denied { read } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 718.593505][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 718.921075][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 719.161387][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 719.521779][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 720.933446][ T3320] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 721.178253][ T3320] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 721.396965][ T3320] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 721.561129][ T3320] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 733.748707][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 735.580628][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 790.820168][ T3319] veth0_vlan: entered promiscuous mode [ 791.214600][ T3319] veth1_vlan: entered promiscuous mode [ 793.140738][ T3319] veth0_macvtap: entered promiscuous mode [ 793.202226][ T3320] veth0_vlan: entered promiscuous mode [ 793.651001][ T3319] veth1_macvtap: entered promiscuous mode [ 794.181726][ T3320] veth1_vlan: entered promiscuous mode [ 796.001889][ T3370] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.018155][ T3370] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.033342][ T3370] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.042363][ T3370] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.877450][ T3320] veth0_macvtap: entered promiscuous mode [ 797.653143][ T3320] veth1_macvtap: entered promiscuous mode [ 798.391556][ T25] audit: type=1400 audit(797.640:84): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 798.534327][ T25] audit: type=1400 audit(797.780:85): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.btsDkx/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 798.822701][ T25] audit: type=1400 audit(798.070:86): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 799.276010][ T25] audit: type=1400 audit(798.510:87): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.btsDkx/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 799.381374][ T25] audit: type=1400 audit(798.630:88): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.btsDkx/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 799.812848][ T3434] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.851835][ T3434] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.858772][ T3434] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.909221][ T3358] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.022510][ T25] audit: type=1400 audit(799.270:89): avc: denied { unmount } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 800.309558][ T25] audit: type=1400 audit(799.550:90): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 800.467737][ T25] audit: type=1400 audit(799.710:91): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=3769 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 800.770685][ T25] audit: type=1400 audit(800.020:92): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 800.911867][ T25] audit: type=1400 audit(800.120:93): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 802.289503][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 813.786246][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 813.792823][ T25] audit: type=1400 audit(813.020:98): avc: denied { read } for pid=3474 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 813.937452][ T25] audit: type=1400 audit(813.140:99): avc: denied { open } for pid=3474 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 814.401889][ T25] audit: type=1400 audit(813.650:100): avc: denied { ioctl } for pid=3474 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 829.783511][ T25] audit: type=1400 audit(829.030:101): avc: denied { write } for pid=3492 comm="syz.1.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 901.228534][ T25] audit: type=1400 audit(900.470:102): avc: denied { execute } for pid=3538 comm="syz.1.19" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4680 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1055.712551][ T3583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1056.022748][ T3583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1066.649003][ T3590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1066.928889][ T3590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1084.792557][ T3583] hsr_slave_0: entered promiscuous mode [ 1084.890422][ T3583] hsr_slave_1: entered promiscuous mode [ 1084.914211][ T3583] debugfs: 'hsr0' already exists in 'hsr' [ 1084.966224][ T3583] Cannot create hsr debugfs directory [ 1094.384344][ T3590] hsr_slave_0: entered promiscuous mode [ 1094.521037][ T3590] hsr_slave_1: entered promiscuous mode [ 1094.631165][ T3590] debugfs: 'hsr0' already exists in 'hsr' [ 1094.634416][ T3590] Cannot create hsr debugfs directory [ 1099.477289][ T3583] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1100.082939][ T3583] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1100.268903][ T3583] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1100.776665][ T3583] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1111.399881][ T3590] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1111.781071][ T3590] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1112.177465][ T3590] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1112.494071][ T3590] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1122.442392][ T3370] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1123.824472][ T3370] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1125.404140][ T3370] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1126.894390][ T3370] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1145.310517][ T3370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1145.409834][ T3370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1145.501794][ T3370] bond0 (unregistering): Released all slaves [ 1146.969800][ T3370] hsr_slave_0: left promiscuous mode [ 1147.032889][ T3370] hsr_slave_1: left promiscuous mode [ 1147.428927][ T3370] veth1_macvtap: left promiscuous mode [ 1147.435683][ T3370] veth0_macvtap: left promiscuous mode [ 1147.455559][ T3370] veth1_vlan: left promiscuous mode [ 1147.469981][ T3370] veth0_vlan: left promiscuous mode [ 1162.693683][ T3583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1166.639368][ T3370] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.017024][ T3370] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.980354][ T3370] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.877798][ T3590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1170.392383][ T3370] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1188.267808][ T3370] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1188.797431][ T3370] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1188.987836][ T3370] bond0 (unregistering): Released all slaves [ 1191.391125][ T3370] hsr_slave_0: left promiscuous mode [ 1191.467446][ T3370] hsr_slave_1: left promiscuous mode [ 1191.996182][ T3370] veth1_macvtap: left promiscuous mode [ 1192.017604][ T3370] veth0_macvtap: left promiscuous mode [ 1192.044104][ T3370] veth1_vlan: left promiscuous mode [ 1192.057292][ T3370] veth0_vlan: left promiscuous mode [ 1277.367401][ T3583] veth0_vlan: entered promiscuous mode [ 1278.109965][ T3583] veth1_vlan: entered promiscuous mode [ 1280.458752][ T3583] veth0_macvtap: entered promiscuous mode [ 1280.839323][ T3583] veth1_macvtap: entered promiscuous mode [ 1283.666038][ T3668] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.671243][ T3668] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.688859][ T3668] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.949581][ T3358] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1284.908177][ T3590] veth0_vlan: entered promiscuous mode [ 1286.297887][ T3590] veth1_vlan: entered promiscuous mode [ 1289.608647][ T3590] veth0_macvtap: entered promiscuous mode [ 1290.058531][ T3590] veth1_macvtap: entered promiscuous mode [ 1292.913740][ T3370] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.920010][ T3370] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.991761][ T3668] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1293.043036][ T3667] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1432.796136][ T25] audit: type=1400 audit(1431.960:103): avc: denied { append } for pid=3868 comm="syz.2.54" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1502.552420][ T25] audit: type=1400 audit(1501.750:104): avc: denied { map } for pid=3904 comm="syz.3.60" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1502.576410][ T25] audit: type=1400 audit(1501.820:105): avc: denied { execute } for pid=3904 comm="syz.3.60" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1832.838286][ T4084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1833.184622][ T4084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1837.527043][ T4086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1837.880334][ T4086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1846.622044][ T3365] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1848.350338][ T3365] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1849.742525][ T3365] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1851.539414][ T3365] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1870.913688][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1871.010246][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1871.103426][ T3365] bond0 (unregistering): Released all slaves [ 1873.228262][ T3365] hsr_slave_0: left promiscuous mode [ 1873.290549][ T3365] hsr_slave_1: left promiscuous mode [ 1873.846551][ T3365] veth1_macvtap: left promiscuous mode [ 1873.847893][ T3365] veth0_macvtap: left promiscuous mode [ 1873.862003][ T3365] veth1_vlan: left promiscuous mode [ 1873.900465][ T3365] veth0_vlan: left promiscuous mode [ 1890.841312][ T4084] hsr_slave_0: entered promiscuous mode [ 1890.901376][ T4084] hsr_slave_1: entered promiscuous mode [ 1892.153123][ T4086] hsr_slave_0: entered promiscuous mode [ 1892.203609][ T4086] hsr_slave_1: entered promiscuous mode [ 1892.291593][ T4086] debugfs: 'hsr0' already exists in 'hsr' [ 1892.307271][ T4086] Cannot create hsr debugfs directory [ 1895.512120][ T3365] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1897.201606][ T3365] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1898.948577][ T3365] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1900.193215][ T3365] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1921.308549][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1921.431294][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1921.493809][ T3365] bond0 (unregistering): Released all slaves [ 1922.693761][ T3365] hsr_slave_0: left promiscuous mode [ 1922.740230][ T3365] hsr_slave_1: left promiscuous mode [ 1922.892992][ T3365] veth1_macvtap: left promiscuous mode [ 1922.903205][ T3365] veth0_macvtap: left promiscuous mode [ 1922.928385][ T3365] veth1_vlan: left promiscuous mode [ 1922.932650][ T3365] veth0_vlan: left promiscuous mode [ 1936.501704][ T4084] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1937.618004][ T4084] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1938.162549][ T4084] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1939.311830][ T4084] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1942.592457][ T4086] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1942.970285][ T4086] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1943.264644][ T4086] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1943.593120][ T4086] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1966.440345][ T4084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1971.761480][ T4086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2094.258679][ T4084] veth0_vlan: entered promiscuous mode [ 2095.360054][ T4084] veth1_vlan: entered promiscuous mode [ 2099.821859][ T4086] veth0_vlan: entered promiscuous mode [ 2100.392504][ T4084] veth0_macvtap: entered promiscuous mode [ 2101.530515][ T4084] veth1_macvtap: entered promiscuous mode [ 2102.092095][ T4086] veth1_vlan: entered promiscuous mode [ 2106.780727][ T4078] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2106.848464][ T4101] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2106.943563][ T3358] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2106.950656][ T3358] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2108.580765][ T4086] veth0_macvtap: entered promiscuous mode [ 2109.793933][ T4086] veth1_macvtap: entered promiscuous mode [ 2115.569380][ T2154] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2115.607177][ T3668] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2115.608539][ T3668] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2115.617701][ T3668] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2360.112499][ T4101] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2362.898222][ T4101] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2365.369486][ T4101] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2367.923576][ T4101] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2399.384501][ T4101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2399.766443][ T4101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2400.098701][ T4101] bond0 (unregistering): Released all slaves [ 2403.888037][ T4101] hsr_slave_0: left promiscuous mode [ 2404.059000][ T4101] hsr_slave_1: left promiscuous mode [ 2405.072870][ T4101] veth1_macvtap: left promiscuous mode [ 2405.074180][ T4101] veth0_macvtap: left promiscuous mode [ 2405.077378][ T4101] veth1_vlan: left promiscuous mode [ 2405.078788][ T4101] veth0_vlan: left promiscuous mode [ 2438.102803][ T25] audit: type=1400 audit(2437.310:106): avc: denied { setattr } for pid=4476 comm="syz.4.121" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2508.952203][ T4419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2509.417617][ T4419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2554.061651][ T4419] hsr_slave_0: entered promiscuous mode [ 2554.121699][ T4419] hsr_slave_1: entered promiscuous mode [ 2554.222365][ T4419] debugfs: 'hsr0' already exists in 'hsr' [ 2554.295917][ T4419] Cannot create hsr debugfs directory [ 2579.683036][ T4419] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2580.284021][ T4419] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2580.700743][ T4419] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2581.250023][ T4419] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2620.611008][ T4419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2803.692940][ T4419] veth0_vlan: entered promiscuous mode [ 2805.292555][ T4419] veth1_vlan: entered promiscuous mode [ 2809.452877][ T4419] veth0_macvtap: entered promiscuous mode [ 2810.132376][ T4419] veth1_macvtap: entered promiscuous mode [ 2814.677619][ T3365] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2814.707212][ T3365] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2814.738932][ T3668] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2814.778460][ T4101] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2944.329124][ T4431] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2946.764607][ T4431] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2949.113785][ T4431] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2951.508477][ T4431] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2977.087408][ T4431] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2977.759821][ T4431] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2978.090702][ T4431] bond0 (unregistering): Released all slaves [ 2980.830344][ T4431] hsr_slave_0: left promiscuous mode [ 2980.997910][ T4431] hsr_slave_1: left promiscuous mode [ 2981.638034][ T4431] veth1_macvtap: left promiscuous mode [ 2981.641526][ T4431] veth0_macvtap: left promiscuous mode [ 2981.658735][ T4431] veth1_vlan: left promiscuous mode [ 2981.666911][ T4431] veth0_vlan: left promiscuous mode [ 3014.472296][ T4199] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3016.004548][ T4199] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3017.659253][ T4199] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3018.854246][ T4199] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3041.112463][ T4199] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3041.317010][ T4199] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3041.387019][ T4199] bond0 (unregistering): Released all slaves [ 3043.022180][ T4199] hsr_slave_0: left promiscuous mode [ 3043.130882][ T4199] hsr_slave_1: left promiscuous mode [ 3043.490999][ T4199] veth1_macvtap: left promiscuous mode [ 3043.508979][ T4199] veth0_macvtap: left promiscuous mode [ 3043.513425][ T4199] veth1_vlan: left promiscuous mode [ 3043.538551][ T4199] veth0_vlan: left promiscuous mode [ 3103.526509][ T4781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3103.858554][ T4781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3108.172137][ T4784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3108.484566][ T4784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3141.326258][ T4781] hsr_slave_0: entered promiscuous mode [ 3141.353334][ T4781] hsr_slave_1: entered promiscuous mode [ 3145.261798][ T4784] hsr_slave_0: entered promiscuous mode [ 3145.341841][ T4784] hsr_slave_1: entered promiscuous mode [ 3145.428598][ T4784] debugfs: 'hsr0' already exists in 'hsr' [ 3145.445795][ T4784] Cannot create hsr debugfs directory [ 3162.189086][ T4781] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3162.871569][ T4781] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3163.361163][ T4781] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3164.160733][ T4781] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3171.774489][ T4784] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3172.303447][ T4784] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3172.934213][ T4784] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3173.666990][ T4784] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3205.920400][ T4781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3212.463268][ T4784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3376.058581][ T4781] veth0_vlan: entered promiscuous mode [ 3377.628939][ T4781] veth1_vlan: entered promiscuous mode [ 3383.138830][ T4784] veth0_vlan: entered promiscuous mode [ 3384.220483][ T4781] veth0_macvtap: entered promiscuous mode [ 3385.617550][ T4781] veth1_macvtap: entered promiscuous mode [ 3385.851694][ T4784] veth1_vlan: entered promiscuous mode [ 3392.513935][ T4101] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3392.527283][ T4101] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3392.538429][ T4101] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3392.573974][ T3457] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3392.809796][ T4784] veth0_macvtap: entered promiscuous mode [ 3393.908540][ T4784] veth1_macvtap: entered promiscuous mode [ 3400.993337][ T3365] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3401.019002][ T3457] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3401.048560][ T3457] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3401.102012][ T4078] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3636.871041][ T3365] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3639.789613][ T3365] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3642.232826][ T3365] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3644.869195][ T3365] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3686.627596][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3687.371166][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3687.979173][ T3365] bond0 (unregistering): Released all slaves [ 3692.927754][ T3365] hsr_slave_0: left promiscuous mode [ 3693.206537][ T3365] hsr_slave_1: left promiscuous mode [ 3694.455535][ T3365] veth1_macvtap: left promiscuous mode [ 3694.587546][ T3365] veth0_macvtap: left promiscuous mode [ 3694.611081][ T3365] veth1_vlan: left promiscuous mode [ 3694.639681][ T3365] veth0_vlan: left promiscuous mode [ 3838.151054][ T5124] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3838.690948][ T5124] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3891.443158][ T5124] hsr_slave_0: entered promiscuous mode [ 3891.641169][ T5124] hsr_slave_1: entered promiscuous mode [ 3923.909321][ T5124] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3924.731974][ T5124] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3925.537159][ T5124] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3926.238003][ T5124] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3977.891697][ T5124] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4211.688367][ T5124] veth0_vlan: entered promiscuous mode [ 4317.836199][ T4793] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4318.556831][ T4793] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4319.356550][ T4793] bond0 (unregistering): Released all slaves [ 4323.268126][ T4793] hsr_slave_0: left promiscuous mode [ 4323.420967][ T4793] hsr_slave_1: left promiscuous mode [ 4324.579132][ T4793] veth0_vlan: left promiscuous mode [ 4472.024464][ T5428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4472.879497][ T5428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4522.980070][ T25] audit: type=1400 audit(4522.200:107): avc: denied { map } for pid=5540 comm="syz.8.216" path="pipe:[14540]" dev="pipefs" ino=14540 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 4534.492249][ T5428] hsr_slave_0: entered promiscuous mode [ 4534.682852][ T5428] hsr_slave_1: entered promiscuous mode [ 4583.668869][ T5428] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4584.503103][ T5428] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4585.260859][ T5428] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4585.937302][ T5428] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4637.183337][ T5428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4926.512250][ T3358] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4927.293360][ T3358] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4927.830354][ T3358] bond0 (unregistering): Released all slaves [ 4932.309036][ T3358] hsr_slave_0: left promiscuous mode [ 4932.449297][ T3358] hsr_slave_1: left promiscuous mode [ 5078.431724][ T5708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5078.966910][ T5708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5139.920542][ T5708] hsr_slave_0: entered promiscuous mode [ 5140.050439][ T5708] hsr_slave_1: entered promiscuous mode [ 5154.473195][ T5679] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5156.606224][ T5679] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5159.373368][ T5679] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5161.551386][ T5679] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5194.970404][ T5679] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5195.150550][ T5679] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5195.231978][ T5679] bond0 (unregistering): Released all slaves [ 5199.087191][ T5679] hsr_slave_0: left promiscuous mode [ 5199.336987][ T5679] hsr_slave_1: left promiscuous mode [ 5199.933296][ T5679] veth1_macvtap: left promiscuous mode [ 5199.944199][ T5679] veth0_macvtap: left promiscuous mode [ 5200.067794][ T5679] veth1_vlan: left promiscuous mode [ 5200.069692][ T5679] veth0_vlan: left promiscuous mode [ 5242.058635][ T5708] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 5242.777676][ T5708] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 5243.414412][ T5708] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 5244.081065][ T5708] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 5279.573417][ T5708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5287.619031][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5288.080695][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5338.344047][ T5800] hsr_slave_0: entered promiscuous mode [ 5338.551865][ T5800] hsr_slave_1: entered promiscuous mode [ 5338.779171][ T5800] debugfs: 'hsr0' already exists in 'hsr' [ 5338.782198][ T5800] Cannot create hsr debugfs directory [ 5380.421683][ T5800] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 5381.084245][ T5800] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 5381.919937][ T5800] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 5382.503507][ T5800] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 5426.239557][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5510.933387][ T5710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5511.112542][ T5710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5511.272515][ T5710] bond0 (unregistering): Released all slaves [ 5515.247846][ T5710] hsr_slave_0: left promiscuous mode [ 5515.707843][ T5710] hsr_slave_1: left promiscuous mode [ 5621.814250][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5622.229592][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5631.593181][ T5800] veth0_vlan: entered promiscuous mode [ 5632.733776][ T5800] veth1_vlan: entered promiscuous mode [ 5636.918528][ T5800] veth0_macvtap: entered promiscuous mode [ 5637.780077][ T5800] veth1_macvtap: entered promiscuous mode [ 5642.091257][ T5710] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5642.093687][ T5710] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5642.113026][ T5710] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5642.221047][ T5159] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5676.328165][ T5957] hsr_slave_0: entered promiscuous mode [ 5676.556996][ T5957] hsr_slave_1: entered promiscuous mode [ 5718.592704][ T5957] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 5719.413953][ T5957] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 5719.973258][ T5957] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 5720.583910][ T5957] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 5772.454173][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5946.483930][ T4101] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5949.218458][ T4101] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5951.552878][ T4101] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5954.151342][ T4101] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5988.043956][ T4101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5988.644212][ T4101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5989.090540][ T4101] bond0 (unregistering): Released all slaves [ 5993.449551][ T4101] hsr_slave_0: left promiscuous mode [ 5993.660362][ T4101] hsr_slave_1: left promiscuous mode [ 5994.645346][ T4101] veth1_macvtap: left promiscuous mode [ 5994.662347][ T4101] veth0_macvtap: left promiscuous mode [ 5994.709330][ T4101] veth1_vlan: left promiscuous mode [ 5994.768015][ T4101] veth0_vlan: left promiscuous mode [ 6111.082997][ T4101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6111.249330][ T4101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6111.320286][ T4101] bond0 (unregistering): Released all slaves [ 6114.739241][ T4101] hsr_slave_0: left promiscuous mode [ 6115.067507][ T4101] hsr_slave_1: left promiscuous mode [ 6166.724560][ T6176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6167.103628][ T6176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6210.513559][ T6176] hsr_slave_0: entered promiscuous mode [ 6210.649922][ T6176] hsr_slave_1: entered promiscuous mode [ 6214.647524][ T6219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6215.068907][ T6219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6246.692125][ T6176] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 6247.301818][ T6176] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 6248.221050][ T6176] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 6248.950588][ T6176] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 6262.681594][ T6219] hsr_slave_0: entered promiscuous mode [ 6262.852159][ T6219] hsr_slave_1: entered promiscuous mode [ 6262.933810][ T6219] debugfs: 'hsr0' already exists in 'hsr' [ 6263.021680][ T6219] Cannot create hsr debugfs directory [ 6293.792903][ T6176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6300.283154][ T6219] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 6301.068022][ T6219] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 6301.753398][ T6219] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 6302.486797][ T6219] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 6343.332320][ T6219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6445.834263][ T6176] veth0_vlan: entered promiscuous mode [ 6447.062573][ T6176] veth1_vlan: entered promiscuous mode [ 6451.639436][ T6176] veth0_macvtap: entered promiscuous mode [ 6452.388721][ T6176] veth1_macvtap: entered promiscuous mode [ 6456.708666][ T5962] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6456.770288][ T4793] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6456.773215][ T4793] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6456.774049][ T4793] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6533.541765][ T6219] veth0_vlan: entered promiscuous mode [ 6534.851803][ T6219] veth1_vlan: entered promiscuous mode [ 6539.690536][ T6219] veth0_macvtap: entered promiscuous mode [ 6540.682400][ T6219] veth1_macvtap: entered promiscuous mode [ 6545.718423][ T5837] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6545.748199][ T4941] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6545.856916][ T5962] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6545.911435][ T5381] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6788.002765][ T3457] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6790.352280][ T3457] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6792.743940][ T3457] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6794.783853][ T3457] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6826.704249][ T3457] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6826.881881][ T3457] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6827.050199][ T3457] bond0 (unregistering): Released all slaves [ 6828.937580][ T3457] hsr_slave_0: left promiscuous mode [ 6829.052683][ T3457] hsr_slave_1: left promiscuous mode [ 6829.612983][ T3457] veth1_macvtap: left promiscuous mode [ 6829.687682][ T3457] veth0_macvtap: left promiscuous mode [ 6829.702303][ T3457] veth1_vlan: left promiscuous mode [ 6829.703821][ T3457] veth0_vlan: left promiscuous mode [ 6870.691117][ T3457] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6873.694255][ T3457] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6875.506373][ T3457] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6876.832939][ T3457] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6902.159129][ T3457] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6902.567358][ T3457] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6902.888199][ T3457] bond0 (unregistering): Released all slaves [ 6906.448471][ T3457] hsr_slave_0: left promiscuous mode [ 6906.587953][ T3457] hsr_slave_1: left promiscuous mode [ 6907.347036][ T3457] veth1_macvtap: left promiscuous mode [ 6907.348485][ T3457] veth0_macvtap: left promiscuous mode [ 6907.362257][ T3457] veth1_vlan: left promiscuous mode [ 6907.363752][ T3457] veth0_vlan: left promiscuous mode [ 6952.803040][ T6540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6953.159872][ T6540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6961.751599][ T6555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6962.132977][ T6555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6994.162007][ T6540] hsr_slave_0: entered promiscuous mode [ 6994.210808][ T6540] hsr_slave_1: entered promiscuous mode [ 7004.347913][ T6555] hsr_slave_0: entered promiscuous mode [ 7004.368909][ T6555] hsr_slave_1: entered promiscuous mode [ 7004.399354][ T6555] debugfs: 'hsr0' already exists in 'hsr' [ 7004.402382][ T6555] Cannot create hsr debugfs directory [ 7031.677662][ T6540] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 7032.439632][ T6540] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 7034.691631][ T6540] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 7035.487884][ T6540] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 7048.619104][ T6555] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 7049.179070][ T6555] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 7049.787661][ T6555] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 7050.502469][ T6555] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 7072.138719][ T6540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7082.183517][ T6555] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7199.723276][ T6540] veth0_vlan: entered promiscuous mode [ 7200.800421][ T6540] veth1_vlan: entered promiscuous mode [ 7204.614370][ T6540] veth0_macvtap: entered promiscuous mode [ 7205.280039][ T6540] veth1_macvtap: entered promiscuous mode [ 7209.516546][ T5159] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7209.550123][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7209.590431][ T4793] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7209.606184][ T4793] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7213.382108][ T6555] veth0_vlan: entered promiscuous mode [ 7215.783984][ T6555] veth1_vlan: entered promiscuous mode [ 7220.683764][ T6555] veth0_macvtap: entered promiscuous mode [ 7221.479553][ T6555] veth1_macvtap: entered promiscuous mode [ 7226.310338][ T3434] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7226.313072][ T3434] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7226.437883][ T3434] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7226.480938][ T3434] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7400.968970][ T4101] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7405.716322][ T4101] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7407.949928][ T4101] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7409.991213][ T4101] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7435.681951][ T4101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7436.426511][ T4101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7436.668617][ T4101] bond0 (unregistering): Released all slaves [ 7439.310159][ T4101] hsr_slave_0: left promiscuous mode [ 7439.428106][ T4101] hsr_slave_1: left promiscuous mode [ 7440.259215][ T4101] veth1_macvtap: left promiscuous mode [ 7440.335551][ T4101] veth0_macvtap: left promiscuous mode [ 7440.365414][ T4101] veth1_vlan: left promiscuous mode [ 7440.390596][ T4101] veth0_vlan: left promiscuous mode [ 7476.373493][ T4101] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7477.970233][ T4101] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7479.478936][ T4101] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7480.612304][ T4101] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7502.724060][ T4101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7503.053460][ T4101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7503.271877][ T4101] bond0 (unregistering): Released all slaves [ 7505.177794][ T4101] hsr_slave_0: left promiscuous mode [ 7505.230727][ T4101] hsr_slave_1: left promiscuous mode [ 7505.691223][ T4101] veth1_macvtap: left promiscuous mode [ 7505.708667][ T4101] veth0_macvtap: left promiscuous mode [ 7505.720391][ T4101] veth1_vlan: left promiscuous mode [ 7505.726940][ T4101] veth0_vlan: left promiscuous mode [ 7565.400536][ T6858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7566.450722][ T6858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7569.449480][ T6863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7569.817720][ T6863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7602.049769][ T6858] hsr_slave_0: entered promiscuous mode [ 7602.104236][ T6858] hsr_slave_1: entered promiscuous mode [ 7605.191600][ T6863] hsr_slave_0: entered promiscuous mode [ 7605.274071][ T6863] hsr_slave_1: entered promiscuous mode [ 7605.343736][ T6863] debugfs: 'hsr0' already exists in 'hsr' [ 7605.436457][ T6863] Cannot create hsr debugfs directory [ 7638.838741][ T6858] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 7639.734228][ T6858] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 7640.492534][ T6858] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 7642.016561][ T6858] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 7647.738687][ T6863] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 7648.061693][ T6863] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 7648.457712][ T6863] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 7648.873586][ T6863] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 7674.501182][ T6858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7679.352785][ T6863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7814.849656][ T6858] veth0_vlan: entered promiscuous mode [ 7815.892101][ T6858] veth1_vlan: entered promiscuous mode [ 7820.648657][ T6863] veth0_vlan: entered promiscuous mode [ 7821.158212][ T6858] veth0_macvtap: entered promiscuous mode [ 7822.328498][ T6858] veth1_macvtap: entered promiscuous mode [ 7822.766307][ T6863] veth1_vlan: entered promiscuous mode [ 7827.930615][ T6178] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7828.226796][ T6178] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7828.573943][ T6883] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7828.601510][ T6883] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7829.390541][ T6863] veth0_macvtap: entered promiscuous mode [ 7830.794326][ T6863] veth1_macvtap: entered promiscuous mode [ 7836.886548][ T4941] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7836.927897][ T4941] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7836.982168][ T4941] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7836.987116][ T4941] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8159.428816][ T7285] kvm [7285]: Failed to find VMA for hva 0x20c01000 [ 8492.519915][ T7398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8493.072361][ T7398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8511.203341][ T7407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8511.688696][ T7407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8543.861851][ T7398] hsr_slave_0: entered promiscuous mode [ 8544.012935][ T7398] hsr_slave_1: entered promiscuous mode [ 8544.124331][ T7398] debugfs: 'hsr0' already exists in 'hsr' [ 8544.256965][ T7398] Cannot create hsr debugfs directory [ 8555.357041][ T6867] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8557.449131][ T6867] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8559.422974][ T6867] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8561.773153][ T6867] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8567.721142][ T7407] hsr_slave_0: entered promiscuous mode [ 8567.840748][ T7407] hsr_slave_1: entered promiscuous mode [ 8567.874516][ T7407] debugfs: 'hsr0' already exists in 'hsr' [ 8567.878752][ T7407] Cannot create hsr debugfs directory [ 8593.433187][ T6867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8593.871003][ T6867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8594.170809][ T6867] bond0 (unregistering): Released all slaves [ 8598.462635][ T6867] hsr_slave_0: left promiscuous mode [ 8598.608051][ T6867] hsr_slave_1: left promiscuous mode [ 8599.338287][ T6867] veth1_macvtap: left promiscuous mode [ 8599.348725][ T6867] veth0_macvtap: left promiscuous mode [ 8599.379330][ T6867] veth1_vlan: left promiscuous mode [ 8599.402492][ T6867] veth0_vlan: left promiscuous mode [ 8637.802800][ T6867] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8639.970838][ T6867] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8640.207785][ T7398] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 8640.510186][ T7398] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 8642.130754][ T6867] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8642.312644][ T7398] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 8642.882763][ T6867] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8643.282597][ T7398] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 8670.930487][ T6867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8671.254263][ T6867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8671.453851][ T6867] bond0 (unregistering): Released all slaves [ 8674.089208][ T6867] hsr_slave_0: left promiscuous mode [ 8674.138962][ T6867] hsr_slave_1: left promiscuous mode [ 8674.717496][ T6867] veth1_macvtap: left promiscuous mode [ 8674.721994][ T6867] veth0_macvtap: left promiscuous mode [ 8674.760336][ T6867] veth1_vlan: left promiscuous mode [ 8674.768209][ T6867] veth0_vlan: left promiscuous mode [ 8696.540363][ T7407] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 8697.073208][ T7407] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 8697.609981][ T7407] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 8698.004541][ T7407] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 8708.183012][ T7398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8727.490451][ T7407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8826.122894][ T7398] veth0_vlan: entered promiscuous mode [ 8826.924407][ T7398] veth1_vlan: entered promiscuous mode [ 8830.308849][ T7398] veth0_macvtap: entered promiscuous mode [ 8830.917266][ T7398] veth1_macvtap: entered promiscuous mode [ 8834.033739][ T6883] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8834.058899][ T6883] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8834.176854][ T6883] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8834.192132][ T6883] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8849.856540][ T7407] veth0_vlan: entered promiscuous mode [ 8850.754282][ T7407] veth1_vlan: entered promiscuous mode [ 8854.834324][ T7407] veth0_macvtap: entered promiscuous mode [ 8855.430492][ T7407] veth1_macvtap: entered promiscuous mode [ 8859.418292][ T5962] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8859.446721][ T5962] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8859.506668][ T3434] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8859.508043][ T3434] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8957.248583][ T5455] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8959.499668][ T5455] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8961.463767][ T5455] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8963.630782][ T5455] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8992.528893][ T5455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8992.900460][ T5455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8993.097994][ T5455] bond0 (unregistering): Released all slaves [ 8995.337687][ T5455] hsr_slave_0: left promiscuous mode [ 8995.508807][ T5455] hsr_slave_1: left promiscuous mode [ 8996.190136][ T5455] veth1_macvtap: left promiscuous mode [ 8996.193483][ T5455] veth0_macvtap: left promiscuous mode [ 8996.238313][ T5455] veth1_vlan: left promiscuous mode [ 8996.285492][ T5455] veth0_vlan: left promiscuous mode [ 9105.328937][ T7724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9105.603768][ T7724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9144.104060][ T7724] hsr_slave_0: entered promiscuous mode [ 9144.244614][ T7724] hsr_slave_1: entered promiscuous mode [ 9174.329436][ T7724] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 9174.771330][ T7724] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 9175.233888][ T7724] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 9175.912320][ T7724] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 9212.049569][ T7724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9226.412603][ T5962] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9228.062329][ T5962] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9229.581351][ T5962] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9231.200746][ T5962] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9254.143506][ T5962] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9255.021416][ T5962] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9255.583846][ T5962] bond0 (unregistering): Released all slaves [ 9258.446186][ T5962] hsr_slave_0: left promiscuous mode [ 9258.527317][ T5962] hsr_slave_1: left promiscuous mode [ 9259.268192][ T5962] veth1_macvtap: left promiscuous mode [ 9259.278917][ T5962] veth0_macvtap: left promiscuous mode [ 9259.300523][ T5962] veth1_vlan: left promiscuous mode [ 9259.337458][ T5962] veth0_vlan: left promiscuous mode [ 9335.993446][ T7888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9336.214250][ T7888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9364.673672][ T7888] hsr_slave_0: entered promiscuous mode [ 9364.783794][ T7888] hsr_slave_1: entered promiscuous mode [ 9364.828384][ T7888] debugfs: 'hsr0' already exists in 'hsr' [ 9364.857545][ T7888] Cannot create hsr debugfs directory [ 9393.550522][ T7724] veth0_vlan: entered promiscuous mode [ 9393.960719][ T7888] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 9394.497739][ T7888] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 9395.166711][ T7888] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 9395.764438][ T7888] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 9396.423166][ T7724] veth1_vlan: entered promiscuous mode [ 9400.092068][ T7724] veth0_macvtap: entered promiscuous mode [ 9400.479231][ T7724] veth1_macvtap: entered promiscuous mode [ 9403.718955][ T6560] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9403.727627][ T6560] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9403.798849][ T6560] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9403.830746][ T6560] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9425.999935][ T7888] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9547.099261][ T7888] veth0_vlan: entered promiscuous mode [ 9548.323112][ T7888] veth1_vlan: entered promiscuous mode [ 9551.341733][ T7888] veth0_macvtap: entered promiscuous mode [ 9551.940853][ T7888] veth1_macvtap: entered promiscuous mode [ 9555.216900][ T6883] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9555.284145][ T5159] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9555.348519][ T5159] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9555.352614][ T5159] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9609.580206][ T6178] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9611.753686][ T6178] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9614.283421][ T6178] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9616.671024][ T6178] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9645.090678][ T6178] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9645.547401][ T6178] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9645.847710][ T6178] bond0 (unregistering): Released all slaves [ 9648.177556][ T6178] hsr_slave_0: left promiscuous mode [ 9648.419353][ T6178] hsr_slave_1: left promiscuous mode [ 9649.049424][ T6178] veth1_macvtap: left promiscuous mode [ 9649.053821][ T6178] veth0_macvtap: left promiscuous mode [ 9649.071383][ T6178] veth1_vlan: left promiscuous mode [ 9649.097466][ T6178] veth0_vlan: left promiscuous mode [ 9727.863285][ T8127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9728.208192][ T8127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9760.899386][ T8127] hsr_slave_0: entered promiscuous mode [ 9760.950515][ T8127] hsr_slave_1: entered promiscuous mode [ 9784.214621][ T6560] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9786.221925][ T6560] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9787.772135][ T6560] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9789.829220][ T6560] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9796.593163][ T8127] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 9797.721092][ T8127] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 9798.214056][ T8127] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 9799.014219][ T8127] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 9811.507745][ T6560] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9811.897966][ T6560] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9812.077762][ T6560] bond0 (unregistering): Released all slaves [ 9813.897664][ T6560] hsr_slave_0: left promiscuous mode [ 9813.948605][ T6560] hsr_slave_1: left promiscuous mode [ 9814.239987][ T6560] veth1_macvtap: left promiscuous mode [ 9814.243310][ T6560] veth0_macvtap: left promiscuous mode [ 9814.262750][ T6560] veth1_vlan: left promiscuous mode [ 9814.276969][ T6560] veth0_vlan: left promiscuous mode [ 9846.820463][ T8127] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9868.064369][ T8236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9868.561011][ T8236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9893.902511][ T8236] hsr_slave_0: entered promiscuous mode [ 9894.026438][ T8236] hsr_slave_1: entered promiscuous mode [ 9894.067744][ T8236] debugfs: 'hsr0' already exists in 'hsr' [ 9894.076566][ T8236] Cannot create hsr debugfs directory [ 9914.973657][ T8236] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 9915.401139][ T8236] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 9915.736871][ T8236] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 9916.127527][ T8236] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 9937.728870][ T8127] veth0_vlan: entered promiscuous mode [ 9939.091880][ T8127] veth1_vlan: entered promiscuous mode [ 9942.681787][ T8236] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9942.730795][ T8127] veth0_macvtap: entered promiscuous mode [ 9943.298578][ T8127] veth1_macvtap: entered promiscuous mode [ 9946.169485][ T8138] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9946.180799][ T8138] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9946.211041][ T8138] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9946.218207][ T8138] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9958.480612][ T8375] kvm [8375]: Failed to find VMA for hva 0x21016000 [10064.128005][ T8236] veth0_vlan: entered promiscuous mode [10064.972494][ T8236] veth1_vlan: entered promiscuous mode [10067.623474][ T8236] veth0_macvtap: entered promiscuous mode [10067.949776][ T8236] veth1_macvtap: entered promiscuous mode [10071.393435][ T5455] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10071.412538][ T5455] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10071.441367][ T5455] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10071.468542][ T5455] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10514.173417][ T8712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10514.579088][ T8712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10525.990770][ T8719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10526.417515][ T8719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10550.874314][ T8712] hsr_slave_0: entered promiscuous mode [10550.980585][ T8712] hsr_slave_1: entered promiscuous mode [10551.147693][ T8712] debugfs: 'hsr0' already exists in 'hsr' [10551.156181][ T8712] Cannot create hsr debugfs directory [10562.803274][ T8719] hsr_slave_0: entered promiscuous mode [10562.862131][ T8719] hsr_slave_1: entered promiscuous mode [10562.894182][ T8719] debugfs: 'hsr0' already exists in 'hsr' [10562.958344][ T8719] Cannot create hsr debugfs directory [10589.288612][ T8712] netdevsim netdevsim2 netdevsim0: renamed from eth0 [10591.236806][ T8712] netdevsim netdevsim2 netdevsim1: renamed from eth1 [10593.558508][ T8712] netdevsim netdevsim2 netdevsim2: renamed from eth2 [10595.358531][ T8712] netdevsim netdevsim2 netdevsim3: renamed from eth3 [10606.723842][ T8719] netdevsim netdevsim3 netdevsim0: renamed from eth0 [10607.344316][ T8719] netdevsim netdevsim3 netdevsim1: renamed from eth1 [10607.872446][ T8719] netdevsim netdevsim3 netdevsim2: renamed from eth2 [10608.344277][ T8719] netdevsim netdevsim3 netdevsim3: renamed from eth3 [10634.351863][ T8712] 8021q: adding VLAN 0 to HW filter on device bond0 [10645.080223][ T8719] 8021q: adding VLAN 0 to HW filter on device bond0 [10784.299332][ T8712] veth0_vlan: entered promiscuous mode [10785.720490][ T8712] veth1_vlan: entered promiscuous mode [10789.951415][ T8712] veth0_macvtap: entered promiscuous mode [10790.914346][ T8712] veth1_macvtap: entered promiscuous mode [10797.049677][ T8719] veth0_vlan: entered promiscuous mode [10797.171853][ T5944] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10797.178055][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10797.238040][ T5944] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10797.338589][ T8867] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10799.913451][ T8719] veth1_vlan: entered promiscuous mode [10806.582233][ T8719] veth0_macvtap: entered promiscuous mode [10807.639252][ T8719] veth1_macvtap: entered promiscuous mode [10812.545985][ T5159] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10812.650737][ T5159] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10812.662584][ T5159] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10812.693738][ T5159] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10830.060957][ T27] INFO: task syz.9.440:8687 blocked for more than 430 seconds. [10830.110328][ T27] Not tainted syzkaller #0 [10830.146390][ T27] Blocked by coredump. [10830.146945][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [10830.147468][ T27] task:syz.9.440 state:D stack:0 pid:8687 tgid:8686 ppid:8236 task_flags:0x40044c flags:0x00000018 [10830.148955][ T27] Call trace: [10830.149453][ T27] __switch_to+0x584/0xb20 (T) [10830.151454][ T27] __schedule+0x1eec/0x33a4 [10830.152032][ T27] schedule+0xac/0x27c [10830.152540][ T27] schedule_timeout+0x5c/0x1e4 [10830.152948][ T27] do_wait_for_common+0x28c/0x444 [10830.153366][ T27] wait_for_completion+0x44/0x5c [10830.153841][ T27] __synchronize_srcu+0x2a4/0x320 [10830.154311][ T27] synchronize_srcu+0x3cc/0x4f0 [10830.341687][ T27] __mmu_notifier_release+0x424/0x614 [10830.342328][ T27] exit_mmap+0xb8/0xbb8 [10830.342803][ T27] __mmput+0x10c/0x528 [10830.343273][ T27] mmput+0x70/0xac [10830.343748][ T27] exit_mm+0x158/0x258 [10830.344198][ T27] do_exit+0x788/0x2378 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [10830.463556][ T27] do_group_exit+0x1d4/0x2ac [10830.470019][ T27] get_signal+0x1440/0x1554 [10830.470736][ T27] do_signal+0x23c/0x4dd0 [10830.471247][ T27] do_notify_resume+0xb0/0x270 [10830.471692][ T27] el0_svc+0xb8/0x164 [10830.472159][ T27] el0t_64_sync_handler+0x84/0x12c [10830.472588][ T27] el0t_64_sync+0x198/0x19c [10830.592625][ T27] [10830.592625][ T27] Showing all locks held in the system: [10830.605908][ T27] 1 lock held by khungtaskd/27: [10830.606471][ T27] #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [10830.609002][ T27] 1 lock held by syslogd/3115: [10830.609404][ T27] 2 locks held by getty/3185: [10830.650358][ T27] #0: c6f0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [10830.729170][ T27] #1: a3ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [10830.730860][ T27] 1 lock held by syz-executor/3308: [10830.731224][ T27] 3 locks held by kworker/u4:9/5159: [10830.731550][ T27] 3 locks held by kworker/u4:4/6883: [10830.731896][ T27] 3 locks held by kworker/u4:2/8138: [10830.732263][ T27] 2 locks held by syz.1.439/8682: [10830.732565][ T27] 3 locks held by kworker/u4:0/8692: [10830.732889][ T27] 1 lock held by dhcpcd-run-hook/8932: [10830.733218][ T27] 2 locks held by udevd/8943: [10830.733526][ T27] 1 lock held by syz-executor/8944: [10830.733960][ T27] [10830.734226][ T27] ============================================= [10830.734226][ T27] [10851.177048][ T27] INFO: task syz.9.440:8687 blocked for more than 451 seconds. [10851.193874][ T27] Not tainted syzkaller #0 [10851.206761][ T27] Blocked by coredump. [10851.207314][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [10851.207603][ T27] task:syz.9.440 state:D stack:0 pid:8687 tgid:8686 ppid:8236 task_flags:0x40044c flags:0x00000018 [10851.208402][ T27] Call trace: [10851.208656][ T27] __switch_to+0x584/0xb20 (T) [10851.209190][ T27] __schedule+0x1eec/0x33a4 [10851.209679][ T27] schedule+0xac/0x27c [10851.210149][ T27] schedule_timeout+0x5c/0x1e4 [10851.210577][ T27] do_wait_for_common+0x28c/0x444 [10851.210959][ T27] wait_for_completion+0x44/0x5c [10851.211457][ T27] __synchronize_srcu+0x2a4/0x320 [10851.211931][ T27] synchronize_srcu+0x3cc/0x4f0 [10851.212400][ T27] __mmu_notifier_release+0x424/0x614 [10851.212840][ T27] exit_mmap+0xb8/0xbb8 [10851.213317][ T27] __mmput+0x10c/0x528 [10851.213775][ T27] mmput+0x70/0xac [10851.214242][ T27] exit_mm+0x158/0x258 [10851.338005][ T27] do_exit+0x788/0x2378 [10851.377287][ T27] do_group_exit+0x1d4/0x2ac [10851.377979][ T27] get_signal+0x1440/0x1554 [10851.378535][ T27] do_signal+0x23c/0x4dd0 [10851.379015][ T27] do_notify_resume+0xb0/0x270 [10851.379481][ T27] el0_svc+0xb8/0x164 [10851.379950][ T27] el0t_64_sync_handler+0x84/0x12c [10851.380428][ T27] el0t_64_sync+0x198/0x19c [10851.436998][ T27] [10851.436998][ T27] Showing all locks held in the system: [10851.437681][ T27] 1 lock held by khungtaskd/27: [10851.438051][ T27] #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [10851.439941][ T27] 1 lock held by syslogd/3115: [10851.440318][ T27] 2 locks held by getty/3185: [10851.440623][ T27] #0: c6f0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [10851.442220][ T27] #1: a3ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [10851.443904][ T27] 2 locks held by kworker/u4:9/5159: [10851.444264][ T27] 3 locks held by kworker/u4:15/5455: [10851.444580][ T27] 3 locks held by kworker/u4:1/6560: [10851.516688][ T27] #0: fff0000072d78d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4 [10851.518557][ T27] #1: fff0000072d64548 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8 [10851.520165][ T27] #2: fff0000072d65e58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c [10851.521738][ T27] 3 locks held by kworker/u4:4/6883: [10851.522148][ T27] 2 locks held by syz.1.439/8682: [10851.522502][ T27] 3 locks held by kworker/u4:6/8849: [10851.522818][ T27] 2 locks held by udevd/8943: [10851.523141][ T27] 2 locks held by cmp/8954: [10851.523522][ T27] [10851.523772][ T27] ============================================= [10851.523772][ T27] VM DIAGNOSIS: 06:57:28 Registers: info registers vcpu 0 CPU#0 PC=ffff800080453b84 X00=0000000000000000 X01=ffff80008736205f X02=0000000000000008 X03=0000000000000000 X04=0000000000000001 X05=0000000000000001 X06=0000000000000000 X07=ffff80008198836c X08=00000000000000c0 X09=0000000000000000 X10=00000000000000d5 X11=ffff800087fe5a20 X12=d5f000000d9ba830 X13=0000000000000028 X14=0000000000004000 X15=00000000000000fe X16=0000000002aab243 X17=00000000314522ed X18=0fff0000072d78e5 X19=0000000000000000 X20=0000000000000000 X21=ffff80008198836c X22=ffff80008c3313a8 X23=0000000000000000 X24=0000000000000001 X25=0000000000000000 X26=ffff8000876e7570 X27=00000000000000c0 X28=0000000000000000 X29=ffff800080007c00 X30=ffff800080453b64 SP=ffff800080007bb0 PSTATE=604020c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0500000000000000:0500000000000000 Z01=0000000500000000:0000000000000000 Z02=0000000000000005:0000000000000000 Z03=00d000a800000000:0000000000000000 Z04=0000000000000000:0000000000000002 Z05=0000000000000005:0000000000000002 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffed7f01a0:0000ffffed7f01a0 Z17=ffffff80ffffffd0:0000ffffed7f0170 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000