last executing test programs: 1h26m31.901862359s ago: executing program 32 (id=36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0xdddd0000, 0x5000, 0x1}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x10043, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x7e) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x4}) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, 0x0) r6 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) munmap(&(0x7f0000009000/0x3000)=nil, 0x3000) ioctl$KVM_GET_DEVICE_ATTR_vm(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0x5394, 0x7f, 0x2}}) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x20) r7 = eventfd2(0x0, 0x0) close(r7) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x600000c, 0x2011, r7, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000100)={0x6000, 0x102000, 0x1}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0xdddd0000, 0x5000, 0x1}) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x10043, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x7e) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x4}) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, 0x0) (async) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async) munmap(&(0x7f0000009000/0x3000)=nil, 0x3000) (async) ioctl$KVM_GET_DEVICE_ATTR_vm(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0x5394, 0x7f, 0x2}}) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x20) (async) eventfd2(0x0, 0x0) (async) close(r7) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x600000c, 0x2011, r7, 0x0) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000100)={0x6000, 0x102000, 0x1}) (async) 1h26m24.186226304s ago: executing program 33 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x1e) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x0, 0x0}) r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x2c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000100)=0x7fffffff}) 1h18m19.229201834s ago: executing program 34 (id=57): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0xc259, 0x2f3568a4bf776b36) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r9, 0x3}) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x8, &(0x7f0000000140)=0x4}) ioctl$KVM_CHECK_EXTENSION(r11, 0x40086602, 0x110e22ffff) r15 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r15, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000280)={0x10201, 0x6, 0xdddd1000, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r15, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0xa, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) 1h11m23.978628484s ago: executing program 4 (id=59): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000}) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2f) ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x84000050, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x8, 0xffffffffffffffff, 0x4521fde0b528c401}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x46) r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) ioctl$KVM_SET_VCPU_EVENTS(r12, 0xc018ae85, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r8, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) 1h10m47.446038591s ago: executing program 4 (id=95): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26) syz_kvm_vgic_v3_setup(r1, 0x2, 0x40) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 1h10m32.580073283s ago: executing program 4 (id=97): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0xe0a7}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) openat$kvm(0x0, 0x0, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f00000001c0), 0x101000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x2, 0x100) r10 = eventfd2(0x10000, 0x0) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000000)={r10, 0x3}) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000100)={r10, 0xb168, 0x0, r10}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) r11 = eventfd2(0x0, 0x0) close(r11) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r11, 0x0) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8}) 1h10m14.037593563s ago: executing program 4 (id=99): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0), 0xf001) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000000c0)=0x8, 0x8) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000001c0)=@attr_other) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r16 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r16}) ioctl$KVM_RUN(r15, 0xae80, 0x0) 1h9m27.119208114s ago: executing program 35 (id=99): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0), 0xf001) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000000c0)=0x8, 0x8) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000001c0)=@attr_other) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r16 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r16}) ioctl$KVM_RUN(r15, 0xae80, 0x0) 1h3m30.080780397s ago: executing program 2 (id=129): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x410402, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000040)={0x5, 0x0, &(0x7f0000ffd000/0x3000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve={0x6080000000150096, &(0x7f0000000080)=0x2}) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r3, 0x200000a, 0x2010, r4, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0xc4000001, [0x100, 0xc9f, 0x9, 0x7f4b, 0x5]}}, @eret={0xe6, 0x18, 0x401}, @smc={0x1e, 0x40, {0x86000001, [0x0, 0xfffffffffffffe7d, 0xc, 0x7, 0x80000000]}}, @svc={0x122, 0x40, {0x0, [0x10001, 0x8001, 0x300, 0x2, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x5, 0x8, 0xf24}}, @irq_setup={0x46, 0x18, {0x0, 0x33c}}, @hvc={0x32, 0x40, {0xc4000003, [0x267, 0xd, 0x7, 0x9, 0x9]}}, @eret={0xe6, 0x18, 0xfffffffffffffff9}, @code={0xa, 0x84, {"00080078000028d5000028d5e0dd95d200a0b8f2e10180d2a20180d2c30080d2240080d2020000d4007008d50020c00c007008d5202189d20040b8f2810080d2a20180d2630080d2640080d2020000d460cd95d20060b0f2210080d2a20180d2430080d2240180d2020000d4007008d5"}}], 0x1f4}], 0x1, 0x0, &(0x7f0000000340)=[@featur1={0x1, 0x21}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000380)={0x1, 0x4, 0xf000, 0x1000, &(0x7f0000fdc000/0x1000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000003c0)={0x2, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000440)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000400)=0xf}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000004c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000480)=0x10001}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000540)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000500)=0x96a}) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000840)={0x0, &(0x7f0000000580)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0xf, 0xfe9, 0xe, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0x0, 0x8, 0xfffffeff}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x33c}}, @msr={0x14, 0x20, {0x603000000013e6de, 0x4e33e26b}}, @eret={0xe6, 0x18, 0x7}, @svc={0x122, 0x40, {0x86000001, [0x0, 0x9, 0xad, 0x9, 0xf8]}}, @mrs={0xbe, 0x18, {0x603000000013dce4}}, @svc={0x122, 0x40, {0xc4000001, [0xfffffffffffffffe, 0x7c54, 0x8001, 0x3, 0x5]}}, @irq_setup={0x46, 0x18, {0x1, 0x17d}}, @eret={0xe6, 0x18, 0xf}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0xc, 0xfffffff9, 0x1, 0x4}}, @eret={0xe6, 0x18, 0x1}, @svc={0x122, 0x40, {0x10, [0x10001, 0x4, 0x200, 0x2, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @smc={0x1e, 0x40, {0x1000000, [0x14, 0x5, 0x7fffffffffffffff, 0x5, 0x1]}}, @msr={0x14, 0x20, {0x603000000013deed, 0x7}}, @mrs={0xbe, 0x18, {0x603000000013dee2}}], 0x288}, &(0x7f0000000880)=[@featur1={0x1, 0x10}], 0x1) ioctl$KVM_GET_REGS(r6, 0x8360ae81, &(0x7f00000008c0)) ioctl$KVM_GET_SREGS(r6, 0x8000ae83, &(0x7f0000000980)) r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_SREGS(r7, 0x8000ae83, &(0x7f0000000ac0)) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000c40)={0x0, &(0x7f0000000c00)=[@mrs={0xbe, 0x18, {0x603000000013f667}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x1, 0x6, 0x1, 0x5, 0x3}}], 0x40}, &(0x7f0000000c80)=[@featur1={0x1, 0x44}], 0x1) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_REGS(r9, 0x8360ae81, &(0x7f0000000cc0)) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000dc0)=@attr_other={0x0, 0xd9c8, 0x2d, &(0x7f0000000d80)=0x100}) ioctl$KVM_GET_SREGS(r4, 0x8000ae83, &(0x7f0000000e00)) ioctl$KVM_GET_REG_LIST(r9, 0xc008aeb0, &(0x7f0000000f40)={0x6, [0x4, 0x4, 0x8, 0x8, 0x2, 0x1]}) r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000001000)={0x0, &(0x7f0000000f80)=[@smc={0x1e, 0x40, {0x4000000, [0x300000, 0x5, 0xced, 0x1, 0x233800]}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x741, 0x9, 0x8}}], 0x70}, &(0x7f0000001040)=[@featur1={0x1, 0x10}], 0x1) ioctl$KVM_GET_MP_STATE(r10, 0x8004ae98, &(0x7f0000001080)) 1h3m19.667849684s ago: executing program 2 (id=130): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, 0x0}) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_assert_reg(r8, 0x603000000013dce8, 0x8000) 1h3m4.389331879s ago: executing program 2 (id=131): mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000300)={0x1000020, 0x1}) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0xb, 0x13, 0xffffffffffffffff, 0x0) 1h2m50.717921506s ago: executing program 2 (id=132): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000080)={0xdddd0000, 0x102000}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) 1h2m36.860877111s ago: executing program 2 (id=133): munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0xfffffffffffffffa, 0x2, 0x4, 0xffffffffffffffff, 0x8a4fa382f1515d0b}) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_assert_reg(r9, 0x6, 0x8000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x60871, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) 1h2m20.788358148s ago: executing program 2 (id=134): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000000)={0x4, 0x5}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfd000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x48a, 0x1, 0x8000000000000000, 0x1, 0x8000400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = eventfd2(0x0, 0x80000) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x0, 0x110, r7, 0x0) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) 1h1m32.599889132s ago: executing program 36 (id=134): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000000)={0x4, 0x5}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfd000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x48a, 0x1, 0x8000000000000000, 0x1, 0x8000400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = eventfd2(0x0, 0x80000) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x0, 0x110, r7, 0x0) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) 50m10.261022037s ago: executing program 5 (id=187): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) ioctl$KVM_CHECK_EXTENSION(r4, 0x541b, 0x20000000000000ac) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2d) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f00000000c0)={0x7, 0x4}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x3, 0x400001, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x6, 0x2}}) r10 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0}) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2e) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x13}) r14 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x1) ioctl$KVM_IRQ_LINE_STATUS(r15, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001}) r16 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) ioctl$KVM_RUN(r16, 0xae80, 0x0) 49m42.434590574s ago: executing program 5 (id=190): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@mrs={0xbe, 0x18, {0x603000000013c520}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 49m37.447970458s ago: executing program 6 (id=191): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) (async, rerun: 32) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) (rerun: 32) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) syz_kvm_vgic_v3_setup(r5, 0x0, 0x0) (async, rerun: 64) close(0x4) (async, rerun: 64) close(0x5) (async) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x0) (async, rerun: 64) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) (rerun: 64) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) mmap$KVM_VCPU(&(0x7f0000c26000/0x3000)=nil, 0x0, 0x280000b, 0x11, r2, 0x0) (async) r7 = mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x100000a, 0x1010, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="0d01f754ffffffffffffa29ea6abf4e7456637c4b85400005a3e0500000052449ac869d02627e70000000f000000000000250aef00", 0x0, 0x48) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x40049409, 0x28) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000100), 0x115af0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0}) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df19, &(0x7f0000000280)=0x1}) (async) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) (async, rerun: 32) ioctl$KVM_RUN(r12, 0xae80, 0x0) (rerun: 32) 49m26.508707162s ago: executing program 5 (id=192): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x9}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r4, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) close(r9) close(r10) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil}) close(r12) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000ff70a6db800000000000003800"/24], 0x18}], 0x1, 0x0, 0x0, 0x0) r13 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000d5a000/0x1000)=nil, 0x930, 0x6800002, 0x10, r13, 0x0) 49m23.898565815s ago: executing program 6 (id=193): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x20) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000340), 0x40, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0xb, 0x11, r7, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea656e4a29cec291baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb3000", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x7c}}], 0x28}, 0x0, 0x0) r14 = syz_kvm_vgic_v3_setup(r11, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x18000, 0x2, &(0x7f00000001c0)=0x2}) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000100)=0x800}) r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x6800, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r17, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYRES8=r2, @ANYRES16=r12, @ANYRES32=r0, @ANYRESOCT=r16, @ANYRESOCT=r15, @ANYRES64=0x0, @ANYRES8, @ANYRES64=r3, @ANYRESDEC=r8, @ANYRES32=r2]) r18 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r19, 0x4010ae68, 0x0) 49m11.72838484s ago: executing program 5 (id=194): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000c40)=[@mrs={0xbe, 0x18, {0x603000000013d000}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x7, 0x1, 0x100000, 0x80000000, 0x3}}, @smc={0x1e, 0x40, {0xc400000e, [0x5, 0x3, 0x2, 0x7, 0x9]}}, @eret={0xe6, 0x18, 0x2}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x5ee, 0xfffffffffffffffe, 0xb}}, @smc={0x1e, 0x40, {0x84000052, [0x1, 0x75, 0x3c64b453, 0xe981]}}, @svc={0x122, 0x40, {0x80000000, [0xbd, 0x5, 0x3, 0x4, 0x3]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x1af}}, @msr={0x14, 0x20, {0x603000000013df58, 0xffffffffffffffff}}, @smc={0x1e, 0x40, {0x80000002, [0xfffffffffffffff7, 0x0, 0x93, 0x0, 0x6]}}, @hvc={0x32, 0x40, {0x84000014, [0x4, 0x7, 0x9, 0x9e3, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x8, 0x3, 0x2, 0x99f, 0x6, 0x3}}, @svc={0x122, 0x40, {0x7b001004, [0x1, 0x9, 0x8, 0x0, 0x56]}}, @irq_setup={0x46, 0x18, {0x4, 0x279}}, @hvc={0x32, 0x40, {0xc4000053, [0x6e6, 0x8, 0x4, 0x1, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0x6, 0x40, 0xfffffffc, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013deab}}, @hvc={0x32, 0x40, {0x2000000, [0xffffffff, 0x401, 0xd0, 0xfffffffffffff514, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x9, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x19, 0x0, 0x3, 0xb, 0x4, 0x8, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x5d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x180, 0x8, 0x1}}, @uexit={0x0, 0x18, 0xfffffffffffffff9}, @smc={0x1e, 0x40, {0xc4000005, [0x5, 0x6, 0x3, 0x4, 0x7]}}], 0x448}, &(0x7f0000000200)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f0000000240)=0xb) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2000000000) r5 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r5, 0x2}) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r5, 0xa}) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r7, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r5, 0x3}) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000002c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0xffffffffffffffff}) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r4], 0x80}], 0x1, 0x0, 0x0, 0x0) 49m8.383000046s ago: executing program 6 (id=195): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x80) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r6 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r6}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 48m59.440766837s ago: executing program 6 (id=196): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x9}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000040)={0xdf, 0x0, 0x7000}) r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000680)={0x0, &(0x7f00000000c0)=[@eret={0xe6, 0x18, 0x1}, @code={0xa, 0x6c, {"008008d5a0c080d20040b8f2010080d2e20080d2830080d2440180d2020000d400044078007008d5e0030032007008d5007008d5000028d50018601e80dc9bd20020b8f2410180d2620080d2e30180d2c40180d2020000d4"}}, @code={0xa, 0xb4, {"000008d500a09f0d0000c05ae05f8ad20060b8f2e10080d2c20080d2430080d2040180d2020000d4007008d5e00498d20020b0f2e10180d2e20080d2030080d2c40180d2020000d420bd8dd20020b0f2810080d2a20080d2a30080d2440180d2020000d40058202ec0598ad200c0b8f2410180d2620180d2430080d2e40180d2020000d4006f90d20080b8f2010180d2620080d2030080d2c40180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x101, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x2, 0x7, 0xf, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x3, 0x8001, 0xf, 0x1}}, @msr={0x14, 0x20, {0x463d, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xd00, 0x1, 0x2}}, @uexit={0x0, 0x18, 0x10}, @smc={0x1e, 0x40, {0x2, [0x5, 0xe06cbb1, 0xe721, 0x101, 0x3ff]}}, @mrs={0xbe, 0x18, {0x6030000000131a02}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3e7}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013df02}}, @msr={0x14, 0x20, {0x603000000013e6d0, 0xfffffffffffffb68}}, @code={0xa, 0x9c, {"007008d500b8200e805a8ad200a0b8f2810080d2020180d2e30080d2e40180d2020000d4a0f28ad20040b8f2210080d2620180d2630080d2a40180d2020000d4408282d20020b0f2c10080d2e20080d2e30080d2040180d2020000d400a4df0d603190d20060b8f2210080d2c20180d2c30080d2240080d2020000d4007008d5007008d50100a0d4"}}, @uexit={0x0, 0x18, 0x2}, @code={0xa, 0x84, {"000028d50028000e0034207e803d86d20040b8f2c10180d2220080d2630180d2a40080d2020000d40044200e606f86d20080b0f2a10080d2420080d2230180d2640180d2020000d4008008d5000008d580b78ed200e0b8f2a10180d2820080d2630080d2c40080d2020000d4000008d5"}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x7cd, 0x5, 0x8}}, @irq_setup={0x46, 0x18, {0x0, 0x1ca}}, @mrs={0xbe, 0x18, {0x603000000013dead}}, @mrs={0xbe, 0x18, {0x6030000000138557}}, @eret={0xe6, 0x18, 0x80fb}, @uexit={0x0, 0x18, 0xdb39}, @eret={0xe6, 0x18, 0x7}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0x84, {"008008d5407197d20000b8f2c10180d2620180d2430080d2c40180d2020000d4008008d5007008d50070000f607f9ed20080b8f2a10180d2a20080d2e30180d2e40180d2020000d400802088007008d5000028d560bf9ad20040b0f2810180d2020080d2a30080d2240180d2020000d4"}}], 0x58c}, &(0x7f00000006c0)=[@featur2={0x1, 0x40}], 0x1) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000700)={0x5, 0x401}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x40000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f0000000b80)={0x101ff, 0x200, 0x300, &(0x7f0000000780)=[0x3, 0x1, 0x2, 0xa1, 0x10001, 0xffffffff, 0x1, 0x7, 0x4, 0x1, 0x80000001, 0x100, 0x200, 0xa23d, 0x8, 0xffffffffffff8001, 0x95, 0x3, 0xfffffffffffffffb, 0x7, 0x5, 0x3, 0xfffffffffffffffa, 0x401, 0xffffffffffffffff, 0x2, 0x6, 0x7, 0x740b, 0x0, 0x2, 0x3, 0x81, 0x7f, 0x3, 0x1, 0x1000, 0x0, 0x3, 0x80000001, 0x100000001, 0xfffffffffffffff8, 0xcd, 0x3, 0x4, 0x3, 0x7, 0x5, 0x101, 0x8, 0x1, 0xfffffffffffffffc, 0x200, 0x88c6, 0x616, 0x6, 0xfaf, 0x4, 0x1, 0xc31, 0xfffffffffffffffd, 0x9, 0x9, 0x3, 0x2, 0x2, 0x3, 0x2, 0x3, 0x9, 0x508, 0x4000000000000, 0x6, 0x2, 0xffff, 0x3ad, 0x7, 0x7, 0x9, 0x6, 0x6, 0x5, 0x0, 0x3, 0xfff, 0x22d, 0x7, 0xffffffffffff8000, 0x4, 0x4, 0x13, 0x7fffffff, 0x1, 0x6, 0x401, 0x8, 0x1, 0x2, 0x3, 0x5b, 0x6b50, 0xef, 0x9, 0x7, 0xdc, 0x101, 0x6, 0x9, 0x6, 0x81, 0x9, 0x2, 0xfffffffffffff9c8, 0x1, 0x532f, 0x1ff, 0x7, 0x1, 0x9, 0x1, 0x101, 0xe0, 0x0, 0x2, 0xffffffffffffff2b, 0x0, 0xb, 0x1]}) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x24) ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f0000000bc0)={0x3, 0x5}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000b8d000/0x400000)=nil) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x24) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000c00), 0x210000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x27) r9 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000c40)={0x6, 0xe}) ioctl$KVM_PPC_ALLOCATE_HTAB(r5, 0xc004aea7, &(0x7f0000000c80)=0x7f) ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000cc0)={0x10200, 0x6, 0x10000, 0x1000, &(0x7f0000e60000/0x1000)=nil, 0x5, r9}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000d80)={0x3, 0x2}) ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000dc0)=0xf89e) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x15) r11 = eventfd2(0x3, 0x800) ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000e00)={r2, 0x3, 0x2, r11}) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000e80)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000e40)=0x5}) ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f0000000ec0)={0x80a0000, 0x108000}) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r8, 0x4068aea3, &(0x7f0000000f00)) write$eventfd(r11, &(0x7f0000000f80)=0x1, 0x8) 48m57.56211818s ago: executing program 5 (id=197): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x6000, 0x1}) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 48m44.819127264s ago: executing program 6 (id=198): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x0, 0x6, 0x2000, 0x2000, &(0x7f0000ec1000/0x2000)=nil}) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x674c02, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x26) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) r6 = ioctl$KVM_CREATE_VM(r5, 0x8924, 0x110c230022) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfd000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013df48, &(0x7f0000000040)=0x2}) 48m40.76072822s ago: executing program 5 (id=199): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x33c027232b068570, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r5, 0x4018aee3, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110006, &(0x7f00000001c0)=0x1}) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@arm64_fw={0x6030000000140002, &(0x7f0000000200)=0x8}) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x3, 0xffffffffffffffff}) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x13, r11, 0x0) (async, rerun: 32) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 32) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) (async, rerun: 32) r13 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async, rerun: 32) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) (async, rerun: 64) ioctl$KVM_CREATE_VM(r14, 0x40086602, 0x20000000) (async, rerun: 64) close(r13) eventfd2(0x80, 0x80801) (async, rerun: 64) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) 48m29.908147881s ago: executing program 6 (id=200): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000300)}, 0x0, 0x0) r6 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) ioctl$KVM_GET_REGS(r10, 0x8360ae81, &(0x7f00000003c0)) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df02, 0x0}) r11 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r12, 0x0) r15 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r15, 0xffffffffffffffff) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_RUN(r12, 0xae80, 0x0) 47m53.320172703s ago: executing program 37 (id=199): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x33c027232b068570, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r5, 0x4018aee3, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110006, &(0x7f00000001c0)=0x1}) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@arm64_fw={0x6030000000140002, &(0x7f0000000200)=0x8}) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x3, 0xffffffffffffffff}) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x13, r11, 0x0) (async, rerun: 32) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 32) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) (async, rerun: 32) r13 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async, rerun: 32) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) (async, rerun: 64) ioctl$KVM_CREATE_VM(r14, 0x40086602, 0x20000000) (async, rerun: 64) close(r13) eventfd2(0x80, 0x80801) (async, rerun: 64) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) 47m40.958971556s ago: executing program 38 (id=200): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000300)}, 0x0, 0x0) r6 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) ioctl$KVM_GET_REGS(r10, 0x8360ae81, &(0x7f00000003c0)) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df02, 0x0}) r11 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r12, 0x0) r15 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r15, 0xffffffffffffffff) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_RUN(r12, 0xae80, 0x0) 33m38.420848675s ago: executing program 8 (id=232): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10) syz_kvm_setup_cpu$arm64(r0, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f00000003c0)=[{0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x89}}, @smc={0x1e, 0x40, {0x84000013, [0x8, 0x7fff, 0x4, 0x8, 0x8]}}, @hvc={0x32, 0x40, {0xc4000004, [0x2, 0x9be1, 0x3, 0x7]}}, @irq_setup={0x46, 0x18, {0x4, 0xe1}}, @code={0xa, 0xcc, {"000008d50004002f007008d500438fd20000b8f2210180d2a20080d2430180d2e40080d2020000d400ad97d20060b0f2810180d2a20180d2230080d2c40080d2020000d480739ed200c0b0f2c10180d2a20180d2630080d2e40180d2020000d400cf8ad20020b8f2610180d2c20180d2430080d2040080d2020000d40060204e400e8ed200e0b8f2210080d2c20080d2430080d2e40080d2020000d4606690d20080b8f2210080d2820080d2030180d2240080d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013e089, 0x100000000}}, @hvc={0x32, 0x40, {0x80, [0x70, 0xffff, 0x9, 0x2ac, 0x7]}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0x8}, @hvc={0x32, 0x40, {0x30000000, [0x0, 0x0, 0x5, 0x7, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x3, 0x5, 0x3, 0x1fa, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013c524}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0x3, 0x7, 0x2, 0x4}}, @msr={0x14, 0x20, {0x603000000013c2a2, 0x1}}, @irq_setup={0x46, 0x18, {0x0, 0xa5}}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0x84, {"406199d200e0b0f2a10080d2a20080d2230180d2640080d2020000d400000033000008d50004403c0020204e00d8307e008008d500608cd200e0b0f2410180d2e20180d2a30180d2a40080d2020000d400e0204e40c39ad200a0b0f2810080d2c20080d2e30180d2040080d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x3db}}], 0x3c0}], 0x1, 0x0, &(0x7f0000000400)=[@featur2={0x1, 0x43}], 0x1) r1 = syz_kvm_vgic_v3_setup(r0, 0x2, 0x80) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x97) ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000440)={0x2}) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000480)={0x40, 0x8}) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f00000004c0)={0xc0, 0x0, 0x4000}) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000540)={0x5, 0x7}) r3 = eventfd2(0x2a860000, 0x1800) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000580)={0xd, 0x0, 0x2, r3, 0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000005c0)={0x101ff, 0x4, 0xeeef0000, 0x1000, &(0x7f0000e9d000/0x1000)=nil}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000600)) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000680)={0xffff1000, 0xa000, 0x1}) r4 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000006c0)={0x7fffffffffffffff, 0x6}) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000740)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000700)}) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000780)={0xdddd0000, 0x808e000, 0x6, 0x1, 0x1}) r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000007c0)={0x4}) ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000800)={0x10200, 0x7, 0xffff1000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x9, r5}) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000008c0)={0x4, 0x0, [{0xf, 0x3, 0x0, 0x0, @msi={0xd, 0x71f4, 0xffffffff, 0x7f}}, {0x1, 0x2, 0x1, 0x0, @irqchip={0x8, 0x3}}, {0x2, 0x1, 0x1, 0x0, @adapter={0x0, 0x7a4a, 0x7d, 0x7, 0x6}}, {0x8, 0x0, 0x0, 0x0, @adapter={0x51, 0x1, 0x3, 0x7512, 0x9}}]}) ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f00000009c0)) write$eventfd(r4, &(0x7f0000000a40)=0x26c5, 0x8) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000a80)={0x3000, 0x1, 0xffffff01, 0x1, 0x5}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000ac0), 0x20000, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x8) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000b00)={0x9}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) 33m37.466472772s ago: executing program 7 (id=233): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000080)={0x8080000, 0x37d03030d7a82616, 0x400}) ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x709042, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1}) r8 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000380)={0x3000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1}) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0xfffffffffffffffd) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f00000001c0)=[{0x0, &(0x7f0000000200)=ANY=[@ANYRESOCT=r8], 0x60}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r13, 0xae03, 0x51) 33m23.319231247s ago: executing program 8 (id=234): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x8) syz_kvm_vgic_v3_setup(r4, 0x20000000001, 0x80) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000200)={0x80a0000, 0x0, 0x94, 0x1}) ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x84000053, [0x80000000000, 0x6, 0xf1, 0x6f4, 0x1]}}], 0x40}, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x35) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 33m8.4016842s ago: executing program 7 (id=235): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xea12157bff932e6}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xca1d411f72eb97d8, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0x40086602, 0x20000000) 33m0.81170701s ago: executing program 8 (id=236): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async, rerun: 64) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (rerun: 64) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001}) r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r12 = ioctl$KVM_CREATE_VM(r11, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0x8004b706, 0x0) 32m50.747634591s ago: executing program 7 (id=237): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x7}) ioctl$KVM_RUN(r8, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_assert_reg(r3, 0x603000000013dce8, 0x8000) 32m37.498076256s ago: executing program 8 (id=238): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xc020660b, 0xe1) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000000000/0x400000)=nil) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, 0x0) close(r2) 32m26.709650711s ago: executing program 7 (id=239): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000000000004) ioctl$KVM_CREATE_VCPU(r1, 0x541b, 0x0) 32m13.086638535s ago: executing program 7 (id=240): mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r4, 0x2}) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r4, 0x3}) openat$kvm(0x0, 0x0, 0x1, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) 32m11.512612734s ago: executing program 8 (id=241): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x2873f7aecfc88708, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) syz_kvm_vgic_v3_setup(r1, 0x2, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x2d) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) ioctl$KVM_RUN(r9, 0xae80, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = eventfd2(0x40000000, 0x80000) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r13, 0x3}) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x0, r13, 0xa}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) syz_kvm_vgic_v3_setup(r1, 0x2, 0x120) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r16, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}}) 31m57.499920077s ago: executing program 7 (id=242): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x10007, 0x0, 0x0, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f0000000000)={0x0, 0x100, 0x1c0, 0x0}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x4) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f7000000000003000000000000000402000000000000140000000000000020000000000000008480130000003060a3"], 0x60}], 0x1, 0x0, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) write$eventfd(r8, &(0x7f0000000000), 0xfffffdef) ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000100)={0x0, 0x2000, 0x5, 0x1, 0x401}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x27) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r12 = syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000080)=0x40}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r13 = ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece) ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000000)=0x4}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 31m42.681390222s ago: executing program 8 (id=243): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3) r3 = eventfd2(0x0, 0x800) r4 = eventfd2(0xfffffffa, 0x80001) write$eventfd(r4, &(0x7f0000000200)=0x8, 0x8) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x1000, 0x2, r4}) 31m9.101016554s ago: executing program 39 (id=242): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x10007, 0x0, 0x0, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f0000000000)={0x0, 0x100, 0x1c0, 0x0}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x4) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f7000000000003000000000000000402000000000000140000000000000020000000000000008480130000003060a3"], 0x60}], 0x1, 0x0, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) write$eventfd(r8, &(0x7f0000000000), 0xfffffdef) ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000100)={0x0, 0x2000, 0x5, 0x1, 0x401}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x27) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r12 = syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000080)=0x40}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r13 = ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece) ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000000)=0x4}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 30m53.513382738s ago: executing program 40 (id=243): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3) r3 = eventfd2(0x0, 0x800) r4 = eventfd2(0xfffffffa, 0x80001) write$eventfd(r4, &(0x7f0000000200)=0x8, 0x8) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x1000, 0x2, r4}) 15m49.387803222s ago: executing program 0 (id=277): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x52) (async) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x800, 0x0) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x603000000010004a, &(0x7f0000000000)=0x7f1}) ioctl$KVM_CREATE_VM(r2, 0x401c5820, 0x20000000) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r3, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) 15m34.286185423s ago: executing program 0 (id=279): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df60, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df61, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df62, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df63, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df65, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0xe0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r10, 0xffffffffffffffff) syz_kvm_assert_reg(r3, 0x603000000013df60, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df61, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df62, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df63, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df64, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df65, 0x8000) syz_kvm_assert_reg(r3, 0x603000000013df7f, 0x8000) 15m10.543913858s ago: executing program 0 (id=280): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000b10000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000006, [0x4, 0x1, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) (async) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) r9 = ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000002c0)={0x0, 0xf}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000300)={0xa45cfb4bcf54965a, 0x4, 0x0, 0x2000, &(0x7f0000c69000/0x2000)=nil, 0x10, r9}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x8030aeb4, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x3, 0x0}) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="3200000000000000400000000000000001000086000000000c0000000000000008000000000000000b0000000000000002000000000000001505000000000000000000000000000018000000000000000101000000000000aa0000000000000028000000000000000c00010000000200000001000000ff91dc7c8aa2c0b6e54157d73b282b290f0000010000000000820000000000000028000000000000000100000000000000040000000000004f240100000000000032000000000000004000000000000000000000300000000003000000000000000800000000000000080000000000000006000000000000006d88000000000000e60000000000000018"], 0x100}], 0x1, 0x0, &(0x7f00000000c0)=[@featur1={0x1, 0xf172cc5e1f9cdf1c}], 0x1) (async) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100050, &(0x7f0000000000)=0x12}) 15m7.180350134s ago: executing program 9 (id=281): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000002c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0xffffffffffffffff}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) eventfd2(0x8, 0x80800) (async) r7 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r7, 0x2}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r7, 0xa}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r7, 0x7ffffffe}) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000100)={0x4, 0x104000}) r8 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r8, 0x541b, 0x10000000000000) (async) ioctl$KVM_CREATE_VM(r8, 0x541b, 0x10000000000000) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xa5) 14m49.432655051s ago: executing program 0 (id=282): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x6) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_fw={0x6030000000140002, 0xfffffffffffffffe}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x1000001, 0x13, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000040)={0x1fe, 0x0, &(0x7f0000e52000/0x3000)=nil}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 14m46.407780451s ago: executing program 9 (id=283): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)=0x1}) 14m28.15273422s ago: executing program 0 (id=284): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x7, 0x1, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0xc5000021, [0x0, 0x1, 0x2, 0x3, 0x6]}}], 0x80}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0xc) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000280)}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000200)=0x5}) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x6243, 0x1}}], 0x30}, 0x0, 0x0) 14m24.806647653s ago: executing program 9 (id=285): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000340)=@attr_arm64={0x0, 0x8, 0x3, 0x0}) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000ad770081000000000800000000000000010000000000000002000000000000000300000000000000040000000000000032000000000000004000000000000000530000c400000000000080"], 0x80}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14m4.490676837s ago: executing program 9 (id=286): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="460000323a355a0d60df000000000018000000000000ecfc"], 0x18}], 0x1, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14m1.887916072s ago: executing program 0 (id=287): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x160) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)=@arm64={0x3, 0x3, 0x0, '\x00', 0x9}) r4 = openat$kvm(0x0, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4020ae46, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100"]) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r8, 0x400454e2, 0x110c230020) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000080000000100ffff8a"]) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0)=0x7ffffff, 0xfdef) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x32) r15 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df12, &(0x7f0000000000)=0x3}) 13m44.64074949s ago: executing program 9 (id=288): mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) r1 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000400)={0x0, &(0x7f0000000b00)=[@mrs={0xbe, 0x18, {0x603000000013e108}}, @hvc={0x32, 0x40, {0xc4000013, [0x7, 0x0, 0x6, 0x2, 0x55caccb0]}}, @code={0xa, 0x84, {"007008d5008008d5208a89d20080b0f2a10180d2620080d2230080d2c40080d2020000d4e06c85d200a0b0f2a10080d2620080d2630080d2c40180d2020000d4008008d5007008d5007008d50044207e0004006ec0c495d20020b0f2a10180d2820180d2430180d2440180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0x176}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0xa74, 0x4, 0xc}}, @code={0xa, 0x9c, {"00c68dd20060b0f2010180d2020080d2030080d2240080d2020000d4000000fa00cd95d20060b0f2210180d2820080d2430080d2240080d2020000d40080202e000028d5007008d500b4205e008008d560318fd20040b8f2010080d2c20180d2630180d2e40180d2020000d440fc92d200a0b8f2010180d2820080d2630080d2040180d2020000d4"}}, @svc={0x122, 0x40, {0x0, [0x4, 0x8000000000000000, 0x9, 0x5, 0x2]}}, @smc={0x1e, 0x40, {0x8600ff01, [0x5, 0x8000000000000001, 0x100000000, 0xa, 0xcfc]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0xa1}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x563, 0x3d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x8, 0x6, 0x1}}, @svc={0x122, 0x40, {0xd448b7d6046ae1f2, [0x3, 0x7fffffff, 0x2000000000000000, 0x8, 0x6d2]}}, @hvc={0x32, 0x40, {0x84000012, [0x7, 0x4, 0xa, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x80000000, [0x7, 0x6, 0x101, 0x7, 0x100000001]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x2f3}}, @msr={0x14, 0x20, {0x603000000013c643, 0x7}}, @svc={0x122, 0x40, {0x20, [0x8, 0x9, 0x3, 0x6, 0x1000]}}, @svc={0x122, 0x40, {0xc4000004, [0x8, 0xda4, 0x4, 0x3, 0x2]}}], 0x450}, &(0x7f0000000440)=[@featur1={0x1, 0x40}], 0x1) r2 = mmap$KVM_VCPU(&(0x7f0000c7f000/0x4000)=nil, 0x930, 0x400000f, 0x20010, r1, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 13m28.965952701s ago: executing program 9 (id=289): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, 0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f0000000000)) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x4, 0x0, 0x1}}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x6, 0x5, &(0x7f0000000040)=0x4}) 13m12.198630105s ago: executing program 41 (id=287): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x160) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)=@arm64={0x3, 0x3, 0x0, '\x00', 0x9}) r4 = openat$kvm(0x0, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4020ae46, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100"]) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r8, 0x400454e2, 0x110c230020) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000080000000100ffff8a"]) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0)=0x7ffffff, 0xfdef) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x32) r15 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df12, &(0x7f0000000000)=0x3}) 12m40.28616998s ago: executing program 42 (id=289): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, 0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f0000000000)) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x4, 0x0, 0x1}}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x6, 0x5, &(0x7f0000000040)=0x4}) 2m41.416288119s ago: executing program 3 (id=291): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x2000000, 0x0}) mmap$KVM_VCPU(&(0x7f0000cd7000/0x1000)=nil, r6, 0xa, 0x13, r10, 0x0) r11 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0xd2e, 0xeba}) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r12, 0x4004aec2, &(0x7f0000000000)=0x2) 2m39.836308842s ago: executing program 1 (id=293): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000}) close(r4) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616}) r10 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=[@memwrite={0x6e, 0x0, @vgic_gicr={0x80e0000, 0x280, 0x3ff, 0xf}}], 0xfff6}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) 2m14.728745159s ago: executing program 3 (id=294): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x8, &(0x7f00000000c0)=0x45d4970}) (async) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x8, &(0x7f00000000c0)=0x45d4970}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async) r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) syz_kvm_setup_cpu$arm64(r4, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1) 2m14.440879469s ago: executing program 1 (id=295): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x29) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x2}) 1m55.630917534s ago: executing program 3 (id=296): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async) r4 = eventfd2(0x8801, 0x800) (async, rerun: 32) r5 = eventfd2(0x3ff, 0x0) (rerun: 32) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r4, 0x5, 0x2, r5}) (async) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r4, 0x5, 0x3, r5}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0xc3) 1m53.939546549s ago: executing program 1 (id=297): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160003, &(0x7f0000000000)=0x7}) 1m36.729716527s ago: executing program 3 (id=298): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20) ioctl$KVM_IOEVENTFD(r1, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 1m34.805681726s ago: executing program 1 (id=299): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x8c02, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x2, 0x10}) ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000000180)=0x4) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async) syz_kvm_vgic_v3_setup(r4, 0x3, 0x180) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x80}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000080)=0x4}) syz_kvm_assert_reg(r8, 0x603000000013dce8, 0x8000) ioctl$KVM_SET_SIGNAL_MASK(r8, 0x4004ae8b, &(0x7f0000000380)={0xf8, "9367dc9f27cec695494d284d2b9f1f6fcf8297dc924671d09af54cb8378932cde2698e8a24b6628ffac17c844255dc55488de2c639f6793723fe1b9403a9f612b8711883a6705d09923aa406083e3bf70a27d38be335c6d960515dc9014fc5262a63eb80bb1788c9410609594438e48844792580f40485e9056f711cdf6fbdefb2001ecf9f28800571b62fa85ce96c3a6d02f96103fa9b782cef54a71bd8328280e68ec64d112c1c8b4d5ad75b935b602d8940537737b14f2140ae28c0fcd07ed519b69e999069df7b5c601277af708333c71988d029736874ef87c540dabd099dab26e57a7df04fb18601327ee69d27b040e9da7126a405"}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r9 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r10, 0x600000c, 0x4010, r9, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x410100, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 1m19.491136269s ago: executing program 3 (id=300): mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bff000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100006, &(0x7f00000000c0)=0x7ffffffc}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x12000)=nil, 0x930, 0x8, 0x13, r6, 0x20000000) 1m9.716338479s ago: executing program 1 (id=301): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000300)}, 0x0, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_DEVICE(r6, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CAP_HALT_POLL(r8, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81}) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r8, r4, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x84000014, [0x7fffffff, 0xfffffffffffffffa, 0x80, 0x40, 0xeb1]}}, @msr={0x14, 0x20, {0x0, 0x3}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x5c}}, @irq_setup={0x46, 0x18, {0x4, 0x1ea}}, @mrs={0xbe, 0x18, {0x603000000013e08f}}, @eret={0xe6, 0x18, 0x5}, @uexit={0x0, 0x18, 0x2}, @msr={0x14, 0x20, {0x603000000013e6df, 0x58}}, @svc={0x122, 0x40, {0x1000, [0x4, 0xffffffffffffffff, 0x3d35, 0x3, 0xfffffffffffffffe]}}, @mrs={0xbe, 0x18, {0x603000000013e208}}], 0x178}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x84}], 0x1) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000) (async) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000000)={0x1, 0x10}) 58.338662335s ago: executing program 3 (id=302): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0xcf, 0x9, &(0x7f0000000000)=0x5}) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64) syz_kvm_assert_syzos_uexit$arm64(r6, 0xffffffffffffffff) (rerun: 64) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34) ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x66) 50.609087293s ago: executing program 1 (id=303): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r6, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x40241, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) r8 = eventfd2(0xfffffffa, 0x80001) write$eventfd(r8, &(0x7f0000000200)=0x8, 0x8) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e227ffe) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfe000/0x400000)=nil) 9.517767577s ago: executing program 43 (id=302): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0xcf, 0x9, &(0x7f0000000000)=0x5}) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64) syz_kvm_assert_syzos_uexit$arm64(r6, 0xffffffffffffffff) (rerun: 64) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34) ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x66) 0s ago: executing program 44 (id=303): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r6, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x40241, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) r8 = eventfd2(0xfffffffa, 0x80001) write$eventfd(r8, &(0x7f0000000200)=0x8, 0x8) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e227ffe) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfe000/0x400000)=nil) kernel console output (not intermixed with test programs): [ 392.519208][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 410.424261][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:6330' (ED25519) to the list of known hosts. [ 585.454147][ T25] audit: type=1400 audit(584.680:61): avc: denied { name_bind } for pid=3311 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 587.397514][ T25] audit: type=1400 audit(586.620:62): avc: denied { execute } for pid=3312 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 587.453046][ T25] audit: type=1400 audit(586.670:63): avc: denied { execute_no_trans } for pid=3312 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 609.001137][ T25] audit: type=1400 audit(608.230:64): avc: denied { mounton } for pid=3312 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 609.033982][ T25] audit: type=1400 audit(608.260:65): avc: denied { mount } for pid=3312 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 609.119978][ T3312] cgroup: Unknown subsys name 'net' [ 609.171126][ T25] audit: type=1400 audit(608.400:66): avc: denied { unmount } for pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 609.545304][ T3312] cgroup: Unknown subsys name 'cpuset' [ 609.645644][ T3312] cgroup: Unknown subsys name 'rlimit' [ 610.558620][ T25] audit: type=1400 audit(609.770:67): avc: denied { setattr } for pid=3312 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 610.565651][ T25] audit: type=1400 audit(609.780:68): avc: denied { mounton } for pid=3312 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 610.590783][ T25] audit: type=1400 audit(609.810:69): avc: denied { mount } for pid=3312 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 611.774737][ T3315] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 611.794418][ T25] audit: type=1400 audit(611.020:70): avc: denied { relabelto } for pid=3315 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 611.827351][ T25] audit: type=1400 audit(611.040:71): avc: denied { write } for pid=3315 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 612.002226][ T25] audit: type=1400 audit(611.230:72): avc: denied { read } for pid=3312 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 612.020602][ T25] audit: type=1400 audit(611.240:73): avc: denied { open } for pid=3312 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 612.063684][ T3312] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 662.500530][ T25] audit: type=1400 audit(661.730:74): avc: denied { execmem } for pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 667.100617][ T25] audit: type=1400 audit(666.330:75): avc: denied { read } for pid=3318 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 667.131235][ T25] audit: type=1400 audit(666.360:76): avc: denied { open } for pid=3318 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 667.220764][ T25] audit: type=1400 audit(666.420:77): avc: denied { mounton } for pid=3318 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 667.463765][ T25] audit: type=1400 audit(666.680:78): avc: denied { module_request } for pid=3318 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 667.502579][ T25] audit: type=1400 audit(666.730:79): avc: denied { module_request } for pid=3319 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 668.573712][ T25] audit: type=1400 audit(667.800:80): avc: denied { sys_module } for pid=3319 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 692.283707][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.513569][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 692.574397][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.940958][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 709.901795][ T3319] hsr_slave_0: entered promiscuous mode [ 709.930467][ T3319] hsr_slave_1: entered promiscuous mode [ 710.723939][ T3318] hsr_slave_0: entered promiscuous mode [ 710.798288][ T3318] hsr_slave_1: entered promiscuous mode [ 710.829706][ T3318] debugfs: 'hsr0' already exists in 'hsr' [ 710.849700][ T3318] Cannot create hsr debugfs directory [ 716.074136][ T25] audit: type=1400 audit(715.300:81): avc: denied { create } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 716.169374][ T25] audit: type=1400 audit(715.340:82): avc: denied { write } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 716.195590][ T25] audit: type=1400 audit(715.410:83): avc: denied { read } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 716.323923][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 716.695127][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 717.033780][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 717.308795][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 718.755096][ T3318] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 718.944462][ T3318] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 719.094881][ T3318] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 719.279630][ T3318] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 731.750850][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 733.851470][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 789.139197][ T3319] veth0_vlan: entered promiscuous mode [ 789.531451][ T3319] veth1_vlan: entered promiscuous mode [ 791.484021][ T3319] veth0_macvtap: entered promiscuous mode [ 791.569939][ T3318] veth0_vlan: entered promiscuous mode [ 791.881036][ T3319] veth1_macvtap: entered promiscuous mode [ 792.484408][ T3318] veth1_vlan: entered promiscuous mode [ 794.132458][ T3366] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.184442][ T3366] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.199425][ T3366] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.222135][ T3366] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.543176][ T3318] veth0_macvtap: entered promiscuous mode [ 796.205776][ T3318] veth1_macvtap: entered promiscuous mode [ 796.481796][ T25] audit: type=1400 audit(795.630:84): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 796.644529][ T25] audit: type=1400 audit(795.850:85): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.dVhPIq/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 796.832510][ T25] audit: type=1400 audit(796.040:86): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 797.234549][ T25] audit: type=1400 audit(796.390:87): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.dVhPIq/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 797.374255][ T25] audit: type=1400 audit(796.600:88): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.dVhPIq/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 798.022040][ T25] audit: type=1400 audit(797.250:89): avc: denied { unmount } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 798.192658][ T25] audit: type=1400 audit(797.390:90): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 798.279802][ T25] audit: type=1400 audit(797.500:91): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=3750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 798.323761][ T29] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 798.332028][ T29] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 798.342610][ T29] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 798.399866][ T29] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 798.657235][ T25] audit: type=1400 audit(797.870:92): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 798.770770][ T25] audit: type=1400 audit(797.990:93): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 800.472525][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 810.045179][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 810.068082][ T25] audit: type=1400 audit(809.270:98): avc: denied { read } for pid=3470 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 810.101125][ T25] audit: type=1400 audit(809.330:99): avc: denied { open } for pid=3470 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 810.508723][ T25] audit: type=1400 audit(809.660:100): avc: denied { ioctl } for pid=3470 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 821.281954][ T25] audit: type=1400 audit(820.500:101): avc: denied { append } for pid=3479 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 831.618295][ T25] audit: type=1400 audit(830.800:102): avc: denied { execute } for pid=3490 comm="syz.1.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3958 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 899.377882][ T25] audit: type=1400 audit(898.600:103): avc: denied { write } for pid=3537 comm="syz.0.19" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 935.291951][ T3567] kvm [3567]: Failed to find VMA for hva 0x21016000 [ 992.978802][ T25] audit: type=1400 audit(992.200:104): avc: denied { map } for pid=3594 comm="syz.0.36" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 993.024072][ T25] audit: type=1400 audit(992.250:105): avc: denied { execute } for pid=3594 comm="syz.0.36" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1097.381276][ T3606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1098.012320][ T3606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1109.440263][ T3614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1110.010326][ T3614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1122.218306][ T3606] hsr_slave_0: entered promiscuous mode [ 1122.296939][ T3606] hsr_slave_1: entered promiscuous mode [ 1122.348434][ T3606] debugfs: 'hsr0' already exists in 'hsr' [ 1122.351568][ T3606] Cannot create hsr debugfs directory [ 1138.282164][ T3614] hsr_slave_0: entered promiscuous mode [ 1138.330356][ T3614] hsr_slave_1: entered promiscuous mode [ 1138.399460][ T3614] debugfs: 'hsr0' already exists in 'hsr' [ 1138.405785][ T3614] Cannot create hsr debugfs directory [ 1143.084653][ T3606] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1143.502633][ T3606] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1144.718245][ T3606] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1145.320428][ T3606] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1155.349831][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1156.661664][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1158.154677][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1158.995274][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1162.267840][ T3614] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1162.931693][ T3614] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1163.937447][ T3614] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1171.704094][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1171.873904][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1171.973753][ T12] bond0 (unregistering): Released all slaves [ 1172.470466][ T3614] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1173.611759][ T12] hsr_slave_0: left promiscuous mode [ 1173.739382][ T12] hsr_slave_1: left promiscuous mode [ 1174.083131][ T12] veth1_macvtap: left promiscuous mode [ 1174.098155][ T12] veth0_macvtap: left promiscuous mode [ 1174.110969][ T12] veth1_vlan: left promiscuous mode [ 1174.148776][ T12] veth0_vlan: left promiscuous mode [ 1199.259960][ T3369] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1200.463583][ T3369] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.522665][ T3369] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1202.735404][ T3369] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1203.345028][ T3606] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1219.385664][ T3369] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1219.463740][ T3369] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1219.548470][ T3369] bond0 (unregistering): Released all slaves [ 1221.009249][ T3369] hsr_slave_0: left promiscuous mode [ 1221.104486][ T3369] hsr_slave_1: left promiscuous mode [ 1221.578148][ T3369] veth1_macvtap: left promiscuous mode [ 1221.579395][ T3369] veth0_macvtap: left promiscuous mode [ 1221.589193][ T3369] veth1_vlan: left promiscuous mode [ 1221.590524][ T3369] veth0_vlan: left promiscuous mode [ 1242.091888][ T3614] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1316.032239][ T3606] veth0_vlan: entered promiscuous mode [ 1316.840702][ T3606] veth1_vlan: entered promiscuous mode [ 1319.730097][ T3606] veth0_macvtap: entered promiscuous mode [ 1320.369210][ T3606] veth1_macvtap: entered promiscuous mode [ 1323.284495][ T3664] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.303134][ T3664] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.349921][ T3664] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.358967][ T3664] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1336.491269][ T3614] veth0_vlan: entered promiscuous mode [ 1337.171012][ T3614] veth1_vlan: entered promiscuous mode [ 1340.698865][ T3614] veth0_macvtap: entered promiscuous mode [ 1341.151449][ T3614] veth1_macvtap: entered promiscuous mode [ 1343.928727][ T29] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1343.939747][ T29] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1343.991900][ T29] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1344.033294][ T29] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.440855][ T25] audit: type=1400 audit(1492.660:106): avc: denied { setattr } for pid=3895 comm="syz.3.57" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1555.865712][ T3664] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1558.112127][ T3664] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1560.384751][ T3664] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1562.640329][ T3664] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1586.399295][ T3664] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1586.862330][ T3664] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1587.082143][ T3664] bond0 (unregistering): Released all slaves [ 1589.572010][ T3664] hsr_slave_0: left promiscuous mode [ 1589.669278][ T3664] hsr_slave_1: left promiscuous mode [ 1590.428555][ T3664] veth1_macvtap: left promiscuous mode [ 1590.431479][ T3664] veth0_macvtap: left promiscuous mode [ 1590.458729][ T3664] veth1_vlan: left promiscuous mode [ 1590.488675][ T3664] veth0_vlan: left promiscuous mode [ 1681.384667][ T3927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1681.819461][ T3927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1714.913674][ T3927] hsr_slave_0: entered promiscuous mode [ 1715.021166][ T3927] hsr_slave_1: entered promiscuous mode [ 1734.724549][ T3927] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1735.313606][ T3927] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1735.812484][ T3927] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1736.235613][ T3927] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1770.090166][ T3927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1924.650447][ T3927] veth0_vlan: entered promiscuous mode [ 1925.819087][ T3927] veth1_vlan: entered promiscuous mode [ 1929.778252][ T3927] veth0_macvtap: entered promiscuous mode [ 1930.378379][ T3927] veth1_macvtap: entered promiscuous mode [ 1934.408304][ T3965] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1934.441952][ T3965] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1934.480353][ T3965] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1934.572711][ T3965] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2095.224487][ T3455] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2097.329797][ T3455] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2099.431587][ T3455] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2101.401744][ T3455] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2131.944694][ T3455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2132.382817][ T3455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2132.691012][ T3455] bond0 (unregistering): Released all slaves [ 2135.592539][ T3455] hsr_slave_0: left promiscuous mode [ 2135.664235][ T3455] hsr_slave_1: left promiscuous mode [ 2136.212306][ T3455] veth1_macvtap: left promiscuous mode [ 2136.219154][ T3455] veth0_macvtap: left promiscuous mode [ 2136.289527][ T3455] veth1_vlan: left promiscuous mode [ 2136.308023][ T3455] veth0_vlan: left promiscuous mode [ 2228.222439][ T4271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2228.689624][ T4271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2264.951265][ T4271] hsr_slave_0: entered promiscuous mode [ 2265.094136][ T4271] hsr_slave_1: entered promiscuous mode [ 2289.039652][ T4271] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2289.562150][ T4271] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2290.272322][ T4271] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2290.789485][ T4271] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2325.124238][ T4271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2494.248939][ T4271] veth0_vlan: entered promiscuous mode [ 2495.095213][ T4271] veth1_vlan: entered promiscuous mode [ 2498.852048][ T4271] veth0_macvtap: entered promiscuous mode [ 2499.422217][ T4271] veth1_macvtap: entered promiscuous mode [ 2503.263428][ T3691] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2503.293315][ T42] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2503.334337][ T42] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2503.359638][ T42] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2569.593375][ T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2572.057469][ T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2574.244843][ T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2576.089320][ T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2602.092534][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2602.468093][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2602.690967][ T42] bond0 (unregistering): Released all slaves [ 2605.541079][ T42] hsr_slave_0: left promiscuous mode [ 2605.657191][ T42] hsr_slave_1: left promiscuous mode [ 2606.323103][ T42] veth1_macvtap: left promiscuous mode [ 2606.328213][ T42] veth0_macvtap: left promiscuous mode [ 2606.348720][ T42] veth1_vlan: left promiscuous mode [ 2606.359492][ T42] veth0_vlan: left promiscuous mode [ 2705.120742][ T4571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2705.611356][ T4571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2748.242190][ T4571] hsr_slave_0: entered promiscuous mode [ 2748.403820][ T4571] hsr_slave_1: entered promiscuous mode [ 2748.488302][ T4571] debugfs: 'hsr0' already exists in 'hsr' [ 2748.493138][ T4571] Cannot create hsr debugfs directory [ 2774.135639][ T4571] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2774.857660][ T4571] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2775.450315][ T4571] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2775.957977][ T4571] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2813.752511][ T4571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2997.303109][ T4571] veth0_vlan: entered promiscuous mode [ 2998.851560][ T4571] veth1_vlan: entered promiscuous mode [ 3003.578648][ T4571] veth0_macvtap: entered promiscuous mode [ 3004.558748][ T4571] veth1_macvtap: entered promiscuous mode [ 3009.073493][ T3691] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3009.082439][ T3691] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3009.128899][ T3691] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3009.260359][ T3691] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3394.574083][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3396.713032][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3398.672313][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3400.534406][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3424.282439][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3424.935016][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3425.370651][ T12] bond0 (unregistering): Released all slaves [ 3427.588670][ T12] hsr_slave_0: left promiscuous mode [ 3427.798549][ T12] hsr_slave_1: left promiscuous mode [ 3428.293872][ T12] veth1_macvtap: left promiscuous mode [ 3428.322853][ T12] veth0_macvtap: left promiscuous mode [ 3428.372190][ T12] veth1_vlan: left promiscuous mode [ 3428.380432][ T12] veth0_vlan: left promiscuous mode [ 3456.398032][ T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3457.454204][ T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3458.825277][ T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3460.982631][ T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3488.643006][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3489.072620][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3489.348295][ T12] bond0 (unregistering): Released all slaves [ 3491.839696][ T12] hsr_slave_0: left promiscuous mode [ 3491.948142][ T12] hsr_slave_1: left promiscuous mode [ 3492.618341][ T12] veth1_macvtap: left promiscuous mode [ 3492.668856][ T12] veth0_macvtap: left promiscuous mode [ 3492.679234][ T12] veth1_vlan: left promiscuous mode [ 3492.680773][ T12] veth0_vlan: left promiscuous mode [ 3535.863766][ T4980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3536.270658][ T4980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3548.222602][ T4988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3548.638288][ T4988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3572.193430][ T4980] hsr_slave_0: entered promiscuous mode [ 3572.301963][ T4980] hsr_slave_1: entered promiscuous mode [ 3582.614427][ T4988] hsr_slave_0: entered promiscuous mode [ 3582.722608][ T4988] hsr_slave_1: entered promiscuous mode [ 3582.812278][ T4988] debugfs: 'hsr0' already exists in 'hsr' [ 3582.820205][ T4988] Cannot create hsr debugfs directory [ 3595.009526][ T4980] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3596.388591][ T4980] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3598.191080][ T4980] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3599.388626][ T4980] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3611.054358][ T4988] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3611.649207][ T4988] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3612.095731][ T4988] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3612.887929][ T4988] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3638.372210][ T4980] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3648.349988][ T4988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3814.261556][ T4980] veth0_vlan: entered promiscuous mode [ 3815.562082][ T4980] veth1_vlan: entered promiscuous mode [ 3819.482647][ T4980] veth0_macvtap: entered promiscuous mode [ 3820.162984][ T4980] veth1_macvtap: entered promiscuous mode [ 3824.311319][ T4811] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3824.313998][ T4811] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3824.330914][ T4582] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3824.491410][ T3965] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3827.629977][ T4988] veth0_vlan: entered promiscuous mode [ 3831.021828][ T4988] veth1_vlan: entered promiscuous mode [ 3837.284410][ T4988] veth0_macvtap: entered promiscuous mode [ 3838.302655][ T4988] veth1_macvtap: entered promiscuous mode [ 3842.971441][ T3369] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3842.999626][ T3369] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3843.192015][ T4284] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3843.193143][ T4284] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4412.173493][ T3366] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4413.845712][ T3366] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4415.485178][ T3366] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4417.111121][ T3366] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4444.598736][ T3366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4445.017357][ T3366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4445.235057][ T3366] bond0 (unregistering): Released all slaves [ 4448.291348][ T3366] hsr_slave_0: left promiscuous mode [ 4448.400703][ T3366] hsr_slave_1: left promiscuous mode [ 4449.143010][ T3366] veth1_macvtap: left promiscuous mode [ 4449.161976][ T3366] veth0_macvtap: left promiscuous mode [ 4449.169072][ T3366] veth1_vlan: left promiscuous mode [ 4449.250365][ T3366] veth0_vlan: left promiscuous mode [ 4482.564454][ T5099] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4483.724580][ T5099] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4485.842517][ T5099] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4487.872401][ T5099] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4523.993457][ T5099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4524.413875][ T5099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4524.659434][ T5099] bond0 (unregistering): Released all slaves [ 4527.247949][ T5099] hsr_slave_0: left promiscuous mode [ 4527.349101][ T5099] hsr_slave_1: left promiscuous mode [ 4528.193572][ T5099] veth1_macvtap: left promiscuous mode [ 4528.261025][ T5099] veth0_macvtap: left promiscuous mode [ 4528.288884][ T5099] veth1_vlan: left promiscuous mode [ 4528.318269][ T5099] veth0_vlan: left promiscuous mode [ 4582.102542][ T5455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4582.541871][ T5455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4587.442775][ T5460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4587.802764][ T5460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4620.841828][ T5455] hsr_slave_0: entered promiscuous mode [ 4621.064203][ T5455] hsr_slave_1: entered promiscuous mode [ 4626.745578][ T5460] hsr_slave_0: entered promiscuous mode [ 4626.795615][ T5460] hsr_slave_1: entered promiscuous mode [ 4626.908154][ T5460] debugfs: 'hsr0' already exists in 'hsr' [ 4626.917341][ T5460] Cannot create hsr debugfs directory [ 4651.515205][ T5455] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4654.039624][ T5455] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4656.493276][ T5455] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4657.315593][ T5455] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4669.135639][ T5460] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 4669.830662][ T5460] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 4670.582111][ T5460] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 4671.253475][ T5460] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 4700.105732][ T5455] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4713.471234][ T5460] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4869.053796][ T5460] veth0_vlan: entered promiscuous mode [ 4870.551205][ T5460] veth1_vlan: entered promiscuous mode [ 4875.021847][ T5460] veth0_macvtap: entered promiscuous mode [ 4875.991236][ T5460] veth1_macvtap: entered promiscuous mode [ 4881.087016][ T3965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4881.092234][ T3965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4881.240932][ T4607] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4881.259454][ T4607] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4890.888279][ T5455] veth0_vlan: entered promiscuous mode [ 4892.842004][ T5455] veth1_vlan: entered promiscuous mode [ 4897.937988][ T5455] veth0_macvtap: entered promiscuous mode [ 4899.123870][ T5455] veth1_macvtap: entered promiscuous mode [ 4904.567674][ T5612] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4904.643019][ T3965] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4904.689508][ T4582] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4904.694188][ T4582] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5583.549743][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5587.134163][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5590.183771][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5593.262895][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5628.683928][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5629.152452][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5629.520009][ T12] bond0 (unregistering): Released all slaves [ 5635.114614][ T12] hsr_slave_0: left promiscuous mode [ 5635.283863][ T12] hsr_slave_1: left promiscuous mode [ 5636.052223][ T12] veth1_macvtap: left promiscuous mode [ 5636.121272][ T12] veth0_macvtap: left promiscuous mode [ 5636.148593][ T12] veth1_vlan: left promiscuous mode [ 5636.150120][ T12] veth0_vlan: left promiscuous mode [ 5671.420668][ T5915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5673.523109][ T5915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5686.954754][ T12] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5689.394986][ T12] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5691.462735][ T12] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5693.838746][ T12] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5720.124544][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5720.300577][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5720.354521][ T12] bond0 (unregistering): Released all slaves [ 5723.528943][ T12] hsr_slave_0: left promiscuous mode [ 5723.660915][ T12] hsr_slave_1: left promiscuous mode [ 5724.518586][ T12] veth1_macvtap: left promiscuous mode [ 5724.522026][ T12] veth0_macvtap: left promiscuous mode [ 5724.569969][ T12] veth1_vlan: left promiscuous mode [ 5724.580124][ T12] veth0_vlan: left promiscuous mode [ 5756.224387][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5756.719851][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5759.969837][ T5915] hsr_slave_0: entered promiscuous mode [ 5760.013208][ T5915] hsr_slave_1: entered promiscuous mode [ 5798.404174][ T5915] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 5799.601215][ T5928] hsr_slave_0: entered promiscuous mode [ 5799.741120][ T5928] hsr_slave_1: entered promiscuous mode [ 5799.799708][ T5928] debugfs: 'hsr0' already exists in 'hsr' [ 5799.807375][ T5928] Cannot create hsr debugfs directory [ 5799.868349][ T5915] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 5800.410378][ T5915] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 5802.097312][ T5915] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 5839.028134][ T5928] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 5839.385724][ T5928] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 5840.351980][ T5928] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 5840.644424][ T5928] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 5848.701494][ T5915] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5885.459143][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6001.809401][ T5915] veth0_vlan: entered promiscuous mode [ 6003.919400][ T5915] veth1_vlan: entered promiscuous mode [ 6009.133167][ T5915] veth0_macvtap: entered promiscuous mode [ 6009.979057][ T5915] veth1_macvtap: entered promiscuous mode [ 6014.045658][ T5612] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6014.173869][ T5968] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6014.189467][ T5968] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6014.213181][ T5968] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6041.851175][ T5928] veth0_vlan: entered promiscuous mode [ 6043.958757][ T5928] veth1_vlan: entered promiscuous mode [ 6048.739136][ T5928] veth0_macvtap: entered promiscuous mode [ 6049.910302][ T5928] veth1_macvtap: entered promiscuous mode [ 6055.289274][ T5926] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6055.545700][ T5932] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6055.610049][ T4811] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6055.672148][ T5969] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6390.091915][ T6251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6390.663083][ T6251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6398.023580][ T6255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6398.703466][ T6255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6451.385412][ T6251] hsr_slave_0: entered promiscuous mode [ 6451.535570][ T6251] hsr_slave_1: entered promiscuous mode [ 6451.709897][ T6251] debugfs: 'hsr0' already exists in 'hsr' [ 6451.718096][ T6251] Cannot create hsr debugfs directory [ 6459.215495][ T6255] hsr_slave_0: entered promiscuous mode [ 6459.450406][ T6255] hsr_slave_1: entered promiscuous mode [ 6459.571216][ T6255] debugfs: 'hsr0' already exists in 'hsr' [ 6459.614207][ T6255] Cannot create hsr debugfs directory [ 6519.279432][ T6251] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 6520.414097][ T6251] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 6521.783949][ T6251] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 6524.038221][ T6251] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 6532.494354][ T6255] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 6533.296962][ T6255] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 6533.884310][ T6255] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 6534.751296][ T6255] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 6578.075282][ T6251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6587.380080][ T6255] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6629.732161][ T27] INFO: task syz.1.303:6235 blocked for more than 430 seconds. [ 6629.769107][ T27] Not tainted syzkaller #0 [ 6629.821838][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 6629.831761][ T27] task:syz.1.303 state:D stack:0 pid:6235 tgid:6235 ppid:5915 task_flags:0x400040 flags:0x00000019 [ 6629.861367][ T27] Call trace: [ 6629.862019][ T27] __switch_to+0x584/0xb20 (T) [ 6629.864147][ T27] __schedule+0x1eec/0x33a4 [ 6629.864728][ T27] schedule+0xac/0x27c [ 6629.865250][ T27] schedule_timeout+0x5c/0x1e4 [ 6629.865713][ T27] do_wait_for_common+0x28c/0x444 [ 6629.987966][ T27] wait_for_completion+0x44/0x5c [ 6629.998786][ T27] __synchronize_srcu+0x2a4/0x320 [ 6629.999486][ T27] synchronize_srcu+0x3cc/0x4f0 [ 6629.999966][ T27] mmu_notifier_unregister+0x320/0x42c [ 6630.000433][ T27] kvm_put_kvm+0x6a0/0xfa8 [ 6630.000845][ T27] kvm_vm_release+0x58/0x78 [ 6630.001300][ T27] __fput+0x4ac/0x980 [ 6630.001752][ T27] ____fput+0x20/0x58 [ 6630.002188][ T27] task_work_run+0x1bc/0x254 [ 6630.002594][ T27] do_notify_resume+0x1bc/0x270 [ 6630.003041][ T27] el0_svc+0xb8/0x164 [ 6630.003467][ T27] el0t_64_sync_handler+0x84/0x12c [ 6630.003903][ T27] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc [ 6630.165600][ T27] [ 6630.165600][ T27] Showing all locks held in the system: [ 6630.218516][ T27] 1 lock held by khungtaskd/27: [ 6630.219028][ T27] #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [ 6630.221569][ T27] 1 lock held by syslogd/3115: [ 6630.221993][ T27] 2 locks held by getty/3185: [ 6630.222355][ T27] #0: f3f0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 6630.224005][ T27] #1: c4ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [ 6630.225663][ T27] 1 lock held by sshd-session/3311: [ 6630.338105][ T27] 1 lock held by syz-executor/3312: [ 6630.338540][ T27] 2 locks held by kworker/u4:4/3366: [ 6630.338869][ T27] 3 locks held by kworker/u4:9/3691: [ 6630.339222][ T27] 3 locks held by kworker/u4:12/4607: [ 6630.339529][ T27] 3 locks held by kworker/u4:6/4811: [ 6630.339837][ T27] 3 locks held by kworker/u4:13/5007: [ 6630.340171][ T27] 3 locks held by kworker/u4:3/5612: [ 6630.340476][ T27] 3 locks held by kworker/u4:7/5926: [ 6630.340760][ T27] 2 locks held by kworker/u4:8/5932: [ 6630.341074][ T27] #0: bbf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 6630.342878][ T27] #1: ffff80008fb37c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 6630.344530][ T27] 3 locks held by kworker/u4:15/5968: [ 6630.344887][ T27] 2 locks held by syz.3.302/6230: [ 6630.345260][ T27] 2 locks held by modprobe/6405: [ 6630.345767][ T27] fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 6630.538117][ T27] ============================================= [ 6630.538117][ T27] [ 6650.877832][ T27] INFO: task syz.1.303:6235 blocked for more than 451 seconds. [ 6650.880186][ T27] Not tainted syzkaller #0 [ 6650.880790][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 6650.881125][ T27] task:syz.1.303 state:D stack:0 pid:6235 tgid:6235 ppid:5915 task_flags:0x400040 flags:0x00000019 [ 6650.881883][ T27] Call trace: [ 6650.882179][ T27] __switch_to+0x584/0xb20 (T) [ 6650.882714][ T27] __schedule+0x1eec/0x33a4 [ 6650.883225][ T27] schedule+0xac/0x27c [ 6650.883683][ T27] schedule_timeout+0x5c/0x1e4 [ 6650.884123][ T27] do_wait_for_common+0x28c/0x444 [ 6650.884510][ T27] wait_for_completion+0x44/0x5c [ 6650.885045][ T27] __synchronize_srcu+0x2a4/0x320 [ 6650.885523][ T27] synchronize_srcu+0x3cc/0x4f0 [ 6651.031900][ T27] mmu_notifier_unregister+0x320/0x42c [ 6651.032550][ T27] kvm_put_kvm+0x6a0/0xfa8 [ 6651.032996][ T27] kvm_vm_release+0x58/0x78 [ 6651.033472][ T27] __fput+0x4ac/0x980 [ 6651.033885][ T27] ____fput+0x20/0x58 [ 6651.034285][ T27] task_work_run+0x1bc/0x254 [ 6651.034682][ T27] do_notify_resume+0x1bc/0x270 [ 6651.035137][ T27] el0_svc+0xb8/0x164 [ 6651.035560][ T27] el0t_64_sync_handler+0x84/0x12c [ 6651.129754][ T27] el0t_64_sync+0x198/0x19c [ 6651.130593][ T27] [ 6651.130593][ T27] Showing all locks held in the system: [ 6651.130935][ T27] 1 lock held by khungtaskd/27: [ 6651.131256][ T27] #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [ 6651.133082][ T27] 2 locks held by getty/3185: [ 6651.133438][ T27] #0: f3f0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 6651.135087][ T27] #1: c4ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [ 6651.239446][ T27] 3 locks held by kworker/u4:4/3366: [ 6651.239788][ T27] 3 locks held by kworker/u4:9/3691: [ 6651.240170][ T27] 3 locks held by kworker/u4:6/4811: [ 6651.240506][ T27] 3 locks held by kworker/u4:3/5612: [ 6651.240823][ T27] 2 locks held by kworker/u4:8/5932: [ 6651.241143][ T27] #0: bbf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 6651.242871][ T27] #1: ffff80008fb37c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 6651.244521][ T27] 2 locks held by kworker/u4:15/5968: [ 6651.244880][ T27] 2 locks held by syz.3.302/6230: [ 6651.245202][ T27] 2 locks held by syz-executor/6251: [ 6651.245521][ T27] 2 locks held by syz-executor/6255: [ 6651.394372][ T27] 3 locks held by kworker/u4:2/6295: [ 6651.398844][ T27] 2 locks held by cmp/6408: [ 6651.399303][ T27] 4 locks held by modprobe/6410: [ 6651.399670][ T27] [ 6651.399922][ T27] ============================================= [ 6651.399922][ T27] VM DIAGNOSIS: 15:08:25 Registers: info registers vcpu 0 CPU#0 PC=ffff8000865a5af8 X00=0000000000000001 X01=ffff80008712372d X02=0000000000000008 X03=0000000000000002 X04=0000000000000000 X05=0000000000000000 X06=0000000000000000 X07=ffff800085a0b5ac X08=b9f0000015e78000 X09=0000000000000000 X10=0000000000ff0100 X11=00000000000000fe X12=b9f0000015e78ab0 X13=0000000000000028 X14=ffffffffffffffff X15=ffff800080007680 X16=ffff800080010e20 X17=0000000000000087 X18=00000000000000ff X19=0000000000000000 X20=b9f0000015e78000 X21=ffff800087876d18 X22=ffff800087750000 X23=000000000000ffff X24=00000000000058c0 X25=000000000f02000a X26=0000000000000016 X27=0000000000000007 X28=e9f0000011b12694 X29=ffff800080007750 X30=ffff8000804e851c SP=ffff800080007730 PSTATE=60402009 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000306e6f6d6c6e:000030667663696e Z01=ffff000000000000:ffff000000000000 Z02=0000000000000000:ff000000ff000000 Z03=ffffffff00ff0000:0000000000000000 Z04=0000000000000000:ffff0f0000000000 Z05=bb448243222c92da:e3914ed4e87380b0 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=43788d6f07084f17:4508b00c6052a10f Z17=6b69be1163cb6500:a4ac85c293540e63 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000