last executing test programs: 2h50m36.686676877s ago: executing program 32 (id=29): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x1ff, 0x53b19005, &(0x7f0000000000)=0x80000001}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r6, 0x4208ae9b, &(0x7f00000001c0)={0x1, 0x0, {[0x0, 0x3, 0xff, 0xffffffff, 0x2, 0x0, 0x9, 0x3, 0x1, 0x7f, 0xffe7, 0x7, 0x4, 0x3e3, 0x7, 0x2], [0x800, 0x4ded, 0x2, 0x5, 0x9, 0x8, 0x8, 0x8, 0x1, 0x7, 0x6, 0x1, 0xd, 0x5, 0x100, 0x9], [0xc35, 0x7, 0x860d, 0x0, 0x6, 0x7fffffffffffffff, 0x7, 0x7d, 0x4ef, 0x3, 0x554e, 0x7, 0x1, 0x2, 0x3], [0x8, 0x74000f39, 0xf000000000000000, 0x8, 0x71, 0x3, 0x10000, 0x80, 0x7fff, 0x68e, 0x2, 0x7, 0x2, 0x8, 0xfffffffffffffff9, 0x100000001]}}) r7 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_assert_reg(r8, 0x6, 0x8000) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r9 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x9, 0x0, &(0x7f0000000180)=0x807fffc}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, 
&(0x7f0000000080)=@attr_other={0x0, 0x1ff, 0x53b19005, &(0x7f0000000000)=0x80000001}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async) ioctl$KVM_SET_GUEST_DEBUG_arm64(r6, 0x4208ae9b, &(0x7f00000001c0)={0x1, 0x0, {[0x0, 0x3, 0xff, 0xffffffff, 0x2, 0x0, 0x9, 0x3, 0x1, 0x7f, 0xffe7, 0x7, 0x4, 0x3e3, 0x7, 0x2], [0x800, 0x4ded, 0x2, 0x5, 0x9, 0x8, 0x8, 0x8, 0x1, 0x7, 0x6, 0x1, 0xd, 0x5, 0x100, 0x9], [0xc35, 0x7, 0x860d, 0x0, 0x6, 0x7fffffffffffffff, 0x7, 0x7d, 0x4ef, 0x3, 0x554e, 0x7, 0x1, 0x2, 0x3], [0x8, 0x74000f39, 0xf000000000000000, 0x8, 0x71, 0x3, 0x10000, 0x80, 0x7fff, 0x68e, 0x2, 0x7, 0x2, 0x8, 0xfffffffffffffff9, 0x100000001]}}) (async) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_assert_reg(r8, 0x6, 0x8000) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x9, 0x0, &(0x7f0000000180)=0x807fffc}) (async) 2h50m32.005990896s ago: executing program 33 (id=30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x5}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) (async) r3 = 
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x18000, 0x0) close(r3) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0xa5) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f0000000100)={0x7, 0x779e}) (async) munmap(&(0x7f0000351000/0x2000)=nil, 0x2000) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_assert_reg(r9, 0x603000000013df01, 0x8000) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) 2h17m11.493912901s ago: executing program 34 (id=267): mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 
&(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000d93000/0x4000)=nil, 0x0, 0x1000001, 0x10, r2, 0x0) r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3}) ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000001) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000200)={0xffffffffffffffff, 0x9, 0x1}) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x20) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x100, 0x0, 0x1}}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) 2h17m5.144053105s ago: executing program 35 (id=268): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 
0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0) (async) r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0x8004b706, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) (async) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) close(0x4) close(0x5) mmap$KVM_VCPU(&(0x7f0000b03000/0x4000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async) mmap$KVM_VCPU(&(0x7f0000b03000/0x4000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) 2h4m7.908359491s ago: executing program 36 (id=311): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000200)=[@its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x1, 0x3, 0x1, 0x8, 0x4}}], 0x28}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 
0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=[@featur2={0x1, 0xf6}], 0x1) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r9, 0x2, 0x200) r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x25) ioctl$KVM_CHECK_EXTENSION_VM(r12, 0xae03, 0x88) r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r14, 0x8924, 0x110c230022) 2h3m51.716653729s ago: executing program 37 (id=312): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x167001, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async, rerun: 32) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (rerun: 32) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r7 = ioctl$KVM_CREATE_VM(r6, 0x894c, 0x0) close(r7) ioctl$KVM_ASSIGN_SET_MSIX_NR(r5, 0x4008ae73, 0x0) ioctl$KVM_CREATE_VM(r3, 0x400454cb, 0x1000001f) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r9, 0x100000d, 0x1f, 
0xffffffffffffffff, 0x0) (async) r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e72000/0x2000)=nil, r9, 0x2000008, 0x10, r10, 0x0) (async, rerun: 32) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 32) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async, rerun: 32) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (rerun: 32) ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x3, 0x4, 0x1000, &(0x7f0000d0d000/0x1000)=nil}) 1h52m7.174053146s ago: executing program 6 (id=332): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x8040aeb6, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) eventfd2(0x8, 0x80800) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, 0x0) ioctl$KVM_SET_REGS(r7, 0x4360ae82, 0xffffffffffffffff) openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000}) close(r9) r10 = 
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f0000000080)={0x10002, 0x0, &(0x7f0000002000/0x1000)=nil}) r11 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r10, 0x40000) syz_memcpy_off$KVM_EXIT_MMIO(r11, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18) 1h51m41.188525477s ago: executing program 6 (id=334): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r7 = ioctl$KVM_CREATE_VM(r6, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0x8008b705, 0x0) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000040)=@arm64_sve_vls={0x606000000015ffff, 0x0}) r13 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f00000002c0)=0x5}) r14 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_sve={0x6080000000150107}) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, 0x0}) 1h51m15.157174052s ago: executing program 6 (id=336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = 
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xe6) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_GET_REGS(r4, 0x8360ae81, 0x0) 1h50m41.136482692s ago: executing program 38 (id=335): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r5) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) r8 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r7, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) r9 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x33d2}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x9, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013d801}}, @irq_setup={0x46, 0x18, {0x1, 0x2bb}}, @smc={0x1e, 0x40, {0xc4000053, [0x2, 0x7, 0x9d, 0x100000000, 0xc92]}}, @smc={0x1e, 0x40, {0x86000001, [0x1000, 0x6, 0xd, 0x6, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013df6e}}, @hvc={0x32, 0x40, {0x84000004, [0x4, 0x1ff, 0x9, 0x400000, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x1, 0x8, 0x280000, 0x7}}, @hvc={0x32, 0x40, {0xc400000e, [0x6cc2, 0xfffffffffffffffd, 0x0, 0x0, 0x101]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0x10, 0x6, 0x1, 0x2}}, 
@its_setup={0x82, 0x28, {0x1, 0x1, 0x7e}}, @smc={0x1e, 0x40, {0xc400000d, [0xf, 0x0, 0x0, 0x8, 0x2]}}, @svc={0x122, 0x40, {0x80008000, [0x10000, 0x50ca, 0x8001, 0xa, 0x6]}}, @smc={0x1e, 0x40, {0x84000001, [0x1, 0x9, 0x8000000000000000, 0x5, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013deac}}, @msr={0x14, 0x20, {0x603000000013e658}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x3db, 0x3, 0xb}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0xb9}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x29a}}, @uexit={0x0, 0x18, 0xca33}, @irq_setup={0x46, 0x18, {0x3, 0x30b}}, @code={0xa, 0x9c, {"a0ef85d200c0b0f2210180d2a20180d2230080d2640180d2020000d4209086d20080b0f2810180d2820080d2c30180d2a40180d2020000d4008008d5007008d5007008d5000028d50000301e40da91d20060b8f2610180d2820180d2230180d2040080d2020000d400a4002fe07c93d20000b0f2e10080d2620180d2030080d2240080d2020000d4"}}, @code={0xa, 0x84, {"001c0013007008d50080c008a0448fd20020b8f2c10080d2c20080d2c30180d2e40080d2020000d400d8217e00f8302e00c0611e40e09cd20020b8f2e10180d2820080d2c30180d2a40080d2020000d40000689e002e97d20080b0f2410180d2820180d2030180d2840080d2020000d4"}}], 0x4e8}, &(0x7f00000006c0)=[@featur1={0x1, 0x61}], 0x1) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r7, 0x6000006, 0x110, r9, 0x0) 1h50m24.925949289s ago: executing program 39 (id=336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xe6) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_GET_REGS(r4, 0x8360ae81, 0x0) 1h40m28.10291849s ago: executing program 8 (id=344): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000000)) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x36) syz_kvm_setup_cpu$arm64(r1, r0, 
&(0x7f0000bfd000/0x400000)=nil, &(0x7f00000002c0)=[{0x0, &(0x7f0000000040)=[@eret={0xe6, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x3, 0x1a9}}, @uexit={0x0, 0x18, 0x7ff}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0x194}}, @uexit={0x0, 0x18, 0x6}, @eret={0xe6, 0x18, 0xd26}, @msr={0x14, 0x20, {0x603000000013df5e, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x10, 0x7, 0xfffffb94}}, @irq_setup={0x46, 0x18, {0x2, 0x2ee}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x6, 0xc}}, @uexit={0x0, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x151}}, @msr={0x14, 0x20, {0x603000000013e535, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013c031}}, @msr={0x14, 0x20, {0x72fb, 0x40}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0xc, 0x18, 0xffff7fff}}, @msr={0x14, 0x20, {0x603000000013e718, 0xfff}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3c00, 0x3, 0x5}}], 0x248}], 0x1, 0x0, &(0x7f0000000300)=[@featur1={0x1, 0xd}], 0x1) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000340)={0x5, 0x4}) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xa) ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000380)={0xb6, 0x0, 0x8}) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000400)={0xd1, "5f020b01c70660d19cc560e63e7b13c4f0b512ea3e3851b665e2fcc129b234d9fc333807a611944f4da8b9f598e0183c09c7571bc8aee05d93273131dfef28aac988824a84348e2b953d3ca14eae548efe9200c59db5192a371f76ee1d9d885e850c396a8470b42d52bd8c91a40d0781c60847c998b489cb57bc5af6a405914ff5b582a2b35cab752e94059d8c9fa5169f826d0a2fb2d4ab624f9645cfa11aba2cd4bec2e141b7df87effea41f7e5012eaf259be2c7a524feb1cccba3ac2a85c445fd931a2827aa2d785f3c5f4c05ee5e8"}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000500)={0x10001, 0x1, 0x100000, 0x2000, &(0x7f0000c4f000/0x2000)=nil, 0x1, r2}) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f00000005c0)={0x78, 
"02edebdea28fe02f117f21d3b6e3d639d3b0867c82e763241d807bcfcc2adc0badaa7484699eb028c2c2bb382f6dd54f5a830d4f4ce5c6631d7f3011fab09fef065bbd3a3177c43ad8e3bc88c2258cdada5a13602dbd7660750d303d3aa62cca25575e6a17975f944a12e26534fcfd8d8de8feca2f2c3c5e"}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000640)={0xcd6, 0x1}) ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000680)) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x33) ioctl$KVM_CAP_DIRTY_LOG_RING(r4, 0x4068aea3, &(0x7f00000006c0)={0xc0, 0x0, 0xf000}) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000740)=0xe) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000928000/0x400000)=nil, &(0x7f0000000a00)=[{0x0, &(0x7f0000000780)=[@eret={0xe6, 0x18, 0x7fff}, @smc={0x1e, 0x40, {0x14100000c, [0x3, 0x4, 0x9, 0xfffffffffffffffa, 0x59a]}}, @mrs={0xbe, 0x18, {0x603000000013df79}}, @eret={0xe6, 0x18, 0x38}, @msr={0x14, 0x20, {0xa050000000346c28, 0x1}}, @msr={0x14, 0x20, {0x603000000013deb6, 0x7fffffffffffffff}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x3, 0x8}}, @hvc={0x32, 0x40, {0x80000000, [0x2, 0x2, 0x6, 0x4, 0x8]}}, @irq_setup={0x46, 0x18, {0x3, 0x371}}, @mrs={0xbe, 0x18, {0x6030000000130204}}, @irq_setup={0x46, 0x18, {0x0, 0x296}}, @mrs={0xbe, 0x18, {0x603000000013e293}}, @hvc={0x32, 0x40, {0x84000011, [0x483f, 0x3, 0x0, 0x3, 0x100000000]}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x4ff, 0xffffffffc3ba9649, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x200, 0x1, 0x5}}, @uexit={0x0, 0x18, 0x7}], 0x250}], 0x1, 0x0, &(0x7f0000000a40)=[@featur1={0x1, 0x4}], 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x400040, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000ac0)={0xdf, 0x0, 0xd000}) r5 = eventfd2(0x3, 0x100000) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000b40)={0xfffffffffffffffc, 0xeeee0000}) ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000b80)={[0x3c6231e, 0x2, 0xfff, 0x0, 0x9, 0xfffffffffffffeff, 0x3, 
0x40, 0xd6, 0x80, 0x3ff, 0x9, 0x62b4, 0x3, 0x100000001, 0x6], 0x8000000, 0x40000}) write$eventfd(r5, &(0x7f0000000c40)=0x1, 0x8) ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000c80)={0x10000, 0x0, {[0x6, 0x8, 0xe, 0xffff, 0x3, 0x9, 0x800, 0x6, 0x8, 0x6, 0x6, 0xd, 0x21d0, 0x0, 0x1], [0x2, 0x3, 0x1, 0x1, 0x2, 0xd1, 0x9, 0x6, 0x6, 0x7f, 0x2, 0x2, 0x6d8f, 0x42d, 0x2, 0xe000000000], [0x4, 0x80, 0x3, 0x0, 0x1, 0x9721, 0x9, 0x5, 0x4, 0x200, 0x400, 0x8, 0x8, 0x8, 0xcad6, 0x10001], [0x2, 0x80000001, 0x2, 0x0, 0xfb95, 0x5, 0x80, 0xffffffffffffffff, 0x7, 0x9, 0x5, 0x7, 0x8, 0x10, 0xde, 0xdd04]}}) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r6, 0x4018aee2, &(0x7f0000000f00)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000ec0)={0x0, 0x1, 0x1}}) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x8040ae9f, &(0x7f0000000f40)=@arm64) r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000f80)={0x80000000, 0x7}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000fc0)={0x3ff, 0x6, 0x208f7515e44fc2ba, 0x2000, &(0x7f0000ebf000/0x2000)=nil, 0x4, r7}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) 1h40m12.357619374s ago: executing program 8 (id=346): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) 1h39m53.955268603s ago: executing program 8 (id=347): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, 
&(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) (async) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19}) (async) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, &(0x7f0000000880)=[@eret={0xe6, 0x18, 0x4}, @hvc={0x32, 0x40, {0x84000052, [0x10000, 0x62f, 0x200, 0xbc0, 0x1]}}, @eret={0xe6, 0x18, 0x7}, @uexit={0x0, 0x18, 0x100000001}, @hvc={0x32, 0x40, {0x86000000, [0x53e, 0x40, 0x800, 0xd97, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0x8, 0x2, 0x8, 0x4}}, @hvc={0x32, 0x40, {0x8, [0x40, 0x27d2d36, 0x8, 0x1, 0x5]}}, @its_setup={0x82, 
0x28, {0x1, 0x3, 0x3fb}}, @irq_setup={0x46, 0x18, {0x2, 0x2d3}}, @uexit={0x0, 0x18, 0xff}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3000, 0x1, 0x4}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x2b1}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0xc7c, 0x5, 0x3}}, @uexit={0x0, 0x18, 0x40}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x4, 0x10, 0xfffffffd, 0x401, 0x1}}, @mrs={0xbe, 0x18, {0x6030000000138026}}, @its_send_cmd={0xaa, 0x63, {0x3, 0x1, 0x3, 0xe, 0x1, 0x270d, 0x3}}, @eret={0xe6, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x2, 0x139}}, @irq_setup={0x46, 0x18, {0x0, 0x3ad}}, @irq_setup={0x46, 0x18, {0x0, 0x13}}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0xb4, {"007008d50068214e000820fc20728bd20000b8f2610080d2220080d2c30080d2c40180d2020000d4c0219cd200a0b8f2a10180d2a20180d2c30180d2040180d2020000d4007008d500e0400d201b93d20020b8f2610180d2220080d2630080d2440180d2020000d4208c95d20080b8f2e10180d2c20080d2830080d2040080d2020000d4c04380d20080b0f2a10080d2820080d2430080d2240180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x20a}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0x9, 0x6, 0xffffff9a}}], 0x3fc}, &(0x7f0000000040)=[@featur2={0x1, 0x11}], 0x1) syz_kvm_vgic_v3_setup(r2, 0x2, 0x340) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) (async) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) (async) r16 = 
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r16, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r16, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r17 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140000, &(0x7f0000000000)=0x7}) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) 1h39m35.524551718s ago: executing program 8 (id=349): munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, 0x0, 0x51c}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x35) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x3, 0x6000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc}) 
1h38m47.25232949s ago: executing program 40 (id=349): munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, 0x0, 0x51c}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x35) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x3, 0x6000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc}) 1h38m39.074983986s ago: executing program 41 (id=350): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_vgic_v3_setup(r5, 0x2, 0x220) (async) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, 
&(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x500, 0x0}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r6, 0xc018aec0, &(0x7f0000000000)={0x10002, 0x2c0, 0x80, &(0x7f00000003c0)=[0xc3a, 0x400, 0x9, 0x80000000, 0x9cfd, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0xb, 0x78, 0x7, 0x5, 0x10001, 0x58e, 0x1, 0x3, 0x100000001, 0x8000000000000001, 0x4, 0x164, 0x8, 0x3, 0x400, 0xd9, 0x6, 0x8, 0x7b, 0x8, 0x5, 0xa927, 0x3ff, 0x2, 0x6, 0xaa4d, 0x7f, 0x7ff, 0x5, 0x9, 0x3ff, 0xcd, 0xffffffffffffffff, 0x8, 0x7f, 0xb21d, 0xfffffffffffffff8, 0x6, 0x2, 0xffffffff80000001, 0x3, 0x7fff, 0x47752842, 0x4, 0x4, 0x4, 0x1, 0x6, 0xfffffffffffffff8, 0x4, 0xfffffffffffff001, 0x87, 0x3200000000000000, 0x7f, 0xfffffffffffffff7, 0x38000, 0x8, 0xfffffffffffffff0, 0xd, 0x1ff, 0xc, 0x5, 0x9, 0x8000000000000000, 0x10001, 0x7ff, 0xfff, 0xffffffffffffff01, 0xffffffff, 0x0, 0x21ca, 0xffffffff, 0x7, 0x0, 0x9, 0x6, 0x3, 0x1, 0x4, 0xffffffff, 0x4f8, 0x0, 0xb, 0x7f, 0x4, 0x9, 0x56a18c51, 0x384, 0xfffffffffffffffe, 0x0, 0x5, 0x9, 0x5, 0x4, 0x7fffffff, 0x3, 0x5, 0x100000000, 0x6, 0x5, 0x1ff, 0x1, 0x9, 0x751, 0x8, 0x8, 0x100000000, 0x1, 0x6, 0xfffffffffffffc00, 0x9, 0xb, 0x4, 0x10000, 0x5, 0xb4f, 0x4, 0x2c, 0x1]}) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) r9 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1h23m43.90259176s ago: executing program 42 (id=376): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = 
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x3, 0x400001, 0x1}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x57fd, 0x2}}) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) r5 = openat$kvm(0x0, &(0x7f0000000200), 0x62ecc1, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x0, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xffffffffffff0000]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x3, 0x400001, 0x1}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x57fd, 0x2}}) (async) syz_kvm_setup_syzos_vm$arm64(r1, 
&(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) (async) openat$kvm(0x0, &(0x7f0000000200), 0x62ecc1, 0x0) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x0, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) (async) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xffffffffffff0000]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) 1h5m38.571343487s ago: executing program 0 (id=455): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) close(r6) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_GET_DEVICE_ATTR_vm(r6, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_init) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 
0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) 1h5m12.686732578s ago: executing program 0 (id=458): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_assert_reg(r6, 0x603000000013dce8, 0x8000) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x7c}}], 0x28}, 0x0, 0x0) r9 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x6}) 1h4m46.397248182s ago: executing program 0 (id=460): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, 
&(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x8, 0x80, &(0x7f0000000500)=0x5}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, 0xfffffffffffffffe) 1h4m25.346306418s ago: executing program 0 (id=461): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0x80811501, 0x20000000) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x474d00, 0x0) r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0xeffffffd, 0x801) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2b) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000280)=0x6) ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000080)={0x1000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r11, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) r12 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r9, 0x3}) 
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000200)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000180)=0x1d}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r9, 0xf}) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000140)={0x1, 0x5}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x477d, 0x100, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000000) 1h3m58.318078241s ago: executing program 0 (id=464): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x72080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x3, 0x800) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0xd000, 0x2, r2, 0x1}) r3 = eventfd2(0x0, 0x80000) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r3, 0x3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x203, 0x0, 0x2, r3, 0xf}) 1h3m43.54458619s ago: executing program 0 (id=465): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) close(r0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, 0xfffffffffffffffe) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, 
&(0x7f0000000380)=ANY=[@ANYBLOB="82000000000000002800000000000000000000000000000004000000000000004400000000000000e6000000af1bd1aebc8c8c7e6429000000001800000000000000ff0f0000000000008200080000000000280000000000000003000000000000000300000000000000000200000000000022010000000000004000000000000000010000860000000000000000002400000200000000000000090000000000000040000000000000004000000000000000be00000000000000180000000000010000c21300000030604600000000000000180000000000000003000000140100001e000000000000004000000000000000080000000000000007000000000000000b000000000000000000000000000000020000000000000003000000000000006e0000000000000030000000000000000000000000000000010400000000000001002000000000001e0000000000000040000000000000000d00000800000000a0090000000000000000000000000006000000000000000000e400000000000005000000000000001e000000000000004000000000000000538000800000000005000000000000004000000000000000ff03000000000000efd90000000000000000000000000000be00000000000000180000000000000001d81300000030600000000000000000"], 0x1e0}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1) (async) r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) 
1h3m12.014741018s ago: executing program 43 (id=463): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000080)={0x5, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x7, 0x7, 0x0}) munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, 0x0}) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x200000b, 0x10010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0) 1h2m52.615764434s ago: executing program 44 (id=465): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) close(r0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, 
&(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, 0xfffffffffffffffe) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="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"], 0x1e0}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1) (async) r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) 51m10.711006838s ago: executing program 5 (id=481): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0) (async) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, 
&(0x7f0000c00000/0x400000)=nil) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0xd8) (async) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000240)) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab}) (async) r12 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 50m51.795719641s ago: executing program 5 (id=483): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0xfffffffe, 0x0, 0x6, 0x0, 0x20000004}}], 0x50}, 0x0, 0x0) 
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) r9 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0xfffffffffffffffa, 0x2, 0x4, 0xffffffffffffffff, 0x8a4fa382f1515d0b}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 50m46.095544764s ago: executing program 3 (id=484): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454ce, 0x110c230008) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x2000, &(0x7f0000ecf000/0x2000)=nil}) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 50m31.910330625s ago: executing program 5 (id=485): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0) (async, rerun: 32) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r2 = 
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@hvc={0x32, 0x40, {0x4, [0xdc56, 0x0, 0xfffffffffffffff9, 0x2, 0x79d]}}, @uexit={0x0, 0x18, 0x80}, @msr={0x14, 0x20, {0x6030000000138002, 0x7fffffff}}, @code={0xa, 0xb4, {"00a4e00d007008d5c06995d200e0b0f2810180d2420180d2a30080d2e40080d2020000d4a07c94d20040b0f2810180d2820080d2a30080d2840080d2020000d460319cd200a0b8f2810180d2820080d2e30080d2a40180d2020000d4007008d500df93d20020b0f2a10180d2220080d2a30080d2c40180d2020000d40004000fa03a98d20060b8f2410180d2a20180d2630080d2a40080d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013c2ab, 0xa820}}, @hvc={0x32, 0x40, {0x84000012, [0xffffffffffffff21, 0x0, 0x5, 0x1, 0xfffffffffffffffd]}}, @code={0xa, 0x9c, {"007008d5c07090d20020b0f2010080d2020180d2c30180d2640180d2020000d4a04e84d200c0b0f2e10080d2a20080d2630180d2c40180d2020000d40068202e000040d4a00d98d200a0b0f2010080d2a20180d2a30080d2640180d2020000d4000008d5000008d5007008d520cf81d20060b8f2610180d2220180d2830080d2c40180d2020000d4"}}, @eret={0xe6, 0x18}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x80, 0x0, 0x6}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x260}}, @code={0xa, 0x9c, {"a01e9cd200c0b0f2c10180d2220080d2e30180d2a40080d2020000d4007008d5e0e185d20040b8f2410080d2820180d2430080d2440080d2020000d40084207e007008d5002cc01a007008d520dc89d200c0b0f2410180d2220180d2c30080d2640080d2020000d4000028d500ac81d200e0b0f2210180d2020080d2830080d2e40080d2020000d4"}}, @eret={0xe6, 0x18, 0xfff}, @svc={0x122, 0x40, {0x10, [0x4, 0x9, 0x9, 0x470, 0x745]}}, @mrs={0xbe, 0x18, {0xa953446538868eb7}}, @mrs={0xbe, 0x18, {0x603000000013df42}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x29c}}, @msr={0x14, 0x20, {0x603000000013debe, 0x9}}, @code={0xa, 0xb4, 
{"000040d3602680d20080b8f2410180d2020180d2630080d2240180d2020000d4008008d5c02d9cd20000b8f2810180d2a20180d2630080d2640180d2020000d400b4202e601c84d20040b8f2410180d2220180d2a30180d2840080d2020000d4000008d5606b84d200e0b8f2c10080d2820080d2030180d2640180d2020000d4007008d5600596d20080b8f2210180d2620180d2430080d2040080d2020000d4"}}, @code={0xa, 0xb4, {"1f0000ea601099d20060b8f2c10080d2020180d2230080d2a40080d2020000d4003c207e800d9dd200a0b8f2c10180d2e20080d2630180d2e40080d2020000d480159dd20000b0f2810180d2820180d2430080d2840080d2020000d4800f98d20040b0f2210080d2820180d2230080d2040180d2020000d4000040b80008202e0000669e004380d20000b0f2610180d2a20180d2030080d2040180d2020000d4"}}, @hvc={0x32, 0x40, {0x0, [0x8, 0x6a190099, 0x7f, 0x3b, 0x1000]}}, @msr={0x14, 0x20, {0x603000000013e66f, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x1, 0xe, 0x200, 0x9, 0x2}}], 0x5f4}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0) (async, rerun: 32) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) (rerun: 32) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, 
&(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) (async, rerun: 32) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) (async) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x100000c, 0x40010, r4, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async, rerun: 64) r14 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x2c) syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0, 0x7}, 0x0, 0x0) 50m27.992843439s ago: executing program 3 (id=486): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 50m16.614491762s ago: executing program 5 (id=487): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x2, 0x100) r4 = eventfd2(0x10000, 0x0) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r4, 0x3}) (async) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r4, 0x3}) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000100)={r4, 0xb168, 0x0, r4}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) r5 = 
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000073000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00009db000/0x400000)=nil) r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f000046b000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x692df261) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x692df261) 50m16.082243139s ago: executing program 3 (id=488): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = 
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000000c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000080)=0x2}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 49m57.389215114s ago: executing program 3 (id=489): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013c2b1, 0x0}) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x19) ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f0000000040)={0x10004, 0x0, &(0x7f0000c00000/0x400000)=nil}) r6 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r0, 0x3, 0xa0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) 
mmap$KVM_VCPU(&(0x7f0000e00000/0x2000)=nil, 0x930, 0x3000009, 0x30, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x2, 0x40010, r7, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x30, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x1, 0x4f832, r7, 0x1000000) 49m53.564602798s ago: executing program 5 (id=490): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0)) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a67000/0x400000)=nil) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100048, &(0x7f0000000040)=0x40}) 49m39.372996417s ago: executing program 5 (id=491): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) 
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f00000002c0)={0x200}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) r9 = eventfd2(0xd, 0x1) close(r9) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x27) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0) r13 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, 0x0) r14 = eventfd2(0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0x80111500, 0x20000000) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x4, 0x3, 0x0}) write$eventfd(r9, 0x0, 0x0) 49m37.149406092s ago: executing program 3 (id=492): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = eventfd2(0x0, 0x0) (async) r5 = 
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x6030000000139828, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r8, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init) ioctl$KVM_RUN(r8, 0xae80, 0x0) close(r4) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3) (async) mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 49m19.862302637s ago: executing program 3 (id=493): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x7, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 
&(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10}) 48m50.966640765s ago: executing program 45 (id=491): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f00000002c0)={0x200}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) r9 = eventfd2(0xd, 0x1) close(r9) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x27) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0) r13 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, 0x0) r14 = 
eventfd2(0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0x80111500, 0x20000000) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x4, 0x3, 0x0}) write$eventfd(r9, 0x0, 0x0) 48m30.254055628s ago: executing program 46 (id=493): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x7, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10}) 34m11.115000975s ago: executing program 4 (id=550): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, 
&(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) 34m4.964633656s ago: executing program 7 (id=551): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x81) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013c2b1, 0x0}) 33m58.58524252s ago: executing program 4 (id=552): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, 0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000edf000/0x3000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) 33m49.581416258s ago: executing program 7 (id=553): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000180)=@arm64_extra={0x603000000013c513, 0x0}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0xe000}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r7, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3}) 
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r8, 0x40000) 33m44.984347697s ago: executing program 4 (id=554): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x20801, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000139828, 0x7fff}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 33m32.144481674s ago: executing program 7 (id=555): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async, rerun: 32) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x0, &(0x7f0000000080)=0x4}) (rerun: 32) 33m31.844389745s ago: executing program 4 (id=556): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r11, 
0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x21) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r14, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r14, 0x0) (async) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async) r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r15, 0x8, 0x13, r14, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r15, 0x1000001, 0x12, r14, 0x0) (async) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r17, 0x1, 0x100) ioctl$KVM_IRQ_LINE(r17, 0x4008ae61, &(0x7f0000000100)={0x1002000, 0x1}) ioctl$KVM_KVMCLOCK_CTRL(r5, 0xaead) (async) r18 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r18, 0x3, 0x11, r5, 0x0) 33m20.449922697s ago: executing program 7 (id=557): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000be6000/0x400000)=nil) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0x4030582a, 0x0) (async) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138047, 0x8000}}], 0x20}, 0x0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, 
&(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000040)=0x8a}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 33m17.285457313s ago: executing program 4 (id=558): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2, 0x1, 0xf000, 0x1000, &(0x7f0000c02000/0x1000)=nil}) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 33m8.357140749s ago: executing program 7 (id=559): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100006, &(0x7f00000000c0)=0x7ffffffc}) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000}) (async) r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 
0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) 33m2.318774834s ago: executing program 4 (id=560): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, 0xfffffffffffffffe) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100026, &(0x7f00000000c0)=0xc}) 32m52.684621219s ago: executing program 7 (id=561): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2f) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, 
&(0x7f0000000100)={0x7}) (async) r8 = eventfd2(0x8801, 0x800) r9 = eventfd2(0x3ff, 0x0) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000080)={r8, 0x5, 0x2, r9}) (async) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_vgic_v3_setup(r11, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x76, 0x7f, &(0x7f0000000180)=0x4e29}) (async) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000000)={r8, 0x5, 0x3, r9}) (async) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xdddd1000, 0x8, r9}) (async) syz_kvm_vgic_v3_setup(r1, 0x4, 0x60) (async) syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef"], 0x80}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) 32m15.388587214s ago: executing program 47 (id=560): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, 0xfffffffffffffffe) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100026, &(0x7f00000000c0)=0xc}) 32m2.009079s ago: executing 
program 48 (id=561): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2f) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x7}) (async) r8 = eventfd2(0x8801, 0x800) r9 = eventfd2(0x3ff, 0x0) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000080)={r8, 0x5, 0x2, r9}) (async) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_vgic_v3_setup(r11, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x76, 0x7f, &(0x7f0000000180)=0x4e29}) (async) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000000)={r8, 0x5, 0x3, r9}) (async) 
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xdddd1000, 0x8, r9}) (async) syz_kvm_vgic_v3_setup(r1, 0x4, 0x60) (async) syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef"], 0x80}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) 25m8.095847298s ago: executing program 6 (id=562): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x0, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r10 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r10}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000}) mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x930, 0x4, 0x4f833, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) 24m53.408999315s ago: executing program 8 (id=563): r0 = openat$kvm(0x0, &(0x7f0000000180), 0xa0080, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = 
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(0xffffffffffffffff) (async) close(0xffffffffffffffff) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x0, 0xffffffffffffffff, 0x8}) (async) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x0, 0xffffffffffffffff, 0x8}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r3, 0x2, 0x40) (async) syz_kvm_vgic_v3_setup(r3, 0x2, 0x40) close(r3) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x2, 0x160) (async) syz_kvm_vgic_v3_setup(r5, 0x2, 0x160) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000040)=@arm64={0x3, 0x3, 0x0, '\x00', 0x9}) openat$kvm(0x0, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) 
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) 24m49.03576167s ago: executing program 6 (id=564): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000600)=[{0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x84000010, [0x2, 0x3, 0x3, 0x10001, 0x10001]}}, @svc={0x122, 0x40, {0x84000050, [0x8, 0x0, 0x800000, 0x2, 0x5]}}, @smc={0x1e, 0x40, {0x84000008, [0x8, 0x9109, 0xfffffffffffffff7, 0x0, 0xfd]}}, @mrs={0xbe, 0x18, {0x603000000013df6f}}, @code={0xa, 0xb4, {"008008d5007008d5801282d20080b8f2a10080d2820180d2030080d2640080d2020000d4000008d580ae9ed20080b8f2610180d2a20180d2230080d2440080d2020000d4a09195d200c0b8f2610080d2a20180d2430080d2c40080d2020000d4007887d200a0b0f2810080d2420080d2630180d2640080d2020000d400388bd20040b0f2410080d2220080d2a30080d2a40080d2020000d4007008d500008052"}}, @mrs={0xbe, 0x18, {0x603000000013c64b}}, @svc={0x122, 0x40, {0x84000011, [0x5, 0x0, 0x4, 0x4, 0xd76]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x100, 0x4, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0xd, 0x4, 0x36, 0x2}}, @hvc={0x32, 0x40, {0xc6000814, [0x38e6, 0x0, 0x9, 0x6, 0x9]}}, @eret={0xe6, 0x18, 0xfffffffffffffffd}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x7, 0x2}}, @msr={0x14, 0x20, {0x6030000000138014, 0x5}}, @eret={0xe6, 0x18, 0x100000000}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x1, 0x3, 0x1, 0x2, 0x4}}, @svc={0x122, 0x40, {0xc4000053, [0x4, 0x9, 0x5, 0x6, 0x8]}}, @uexit={0x0, 0x18, 0x1}, @smc={0x1e, 0x40, {0x40000000, [0x5, 0xa24f, 0x200, 0x7, 0x30000000]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x70}}, @msr={0x14, 0x20, {0x603000000013e72a, 0x5}}, @svc={0x122, 0x40, {0x84000051, [0x100000001, 0x8, 0x1000, 0x0, 0x2]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x221}}, @svc={0x122, 0x40, {0x84000013, 
[0x68, 0x3, 0xf, 0x5, 0x4]}}, @mrs={0xbe, 0x18, {0x1c70}}, @memwrite={0x6e, 0x30, @generic={0x1000, 0x9af, 0x0, 0x3}}, @hvc={0x32, 0x40, {0x0, [0x79d50bbb, 0x3, 0x8, 0x0, 0xffffffffffffff80]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x6, 0xe, 0x9, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0xa8}}, @smc={0x1e, 0x40, {0x8400000e, [0x6, 0xfffffffffffff03e, 0xb, 0x3, 0x837]}}], 0x5c4}], 0x1, 0x0, &(0x7f0000000640)=[@featur1={0x1, 0x15}], 0x1) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x9) r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000680)={0x11, 0x2}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f00000006c0)={0x5, 0x2, 0xdddd1000, 0x1000, &(0x7f0000f62000/0x1000)=nil, 0x6, r4}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f00000007c0)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000780)=0x17}) syz_kvm_vgic_v3_setup(r0, 0x1, 0x20) r5 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000b12000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000940)={0x0, &(0x7f0000000800)=[@smc={0x1e, 0x40, {0x8400000c, [0xd46, 0x80, 0xf, 0x7, 0xa4]}}, @smc={0x1e, 0x40, {0xc4000007, [0x1, 0x3, 0x6, 0x5, 0x5]}}, @smc={0x1e, 0x40, {0x86000001, [0x8, 0x1, 0x8, 0xff, 0x6]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x2ad}}, @irq_setup={0x46, 0x18, {0x1, 0x10c}}, @uexit={0x0, 0x18, 0x8}], 0x118}, &(0x7f0000000980)=[@featur2={0x1, 0xc}], 0x1) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000a00)=@arm64_bitmap={0x6030000000160001, &(0x7f00000009c0)=0x7}) r6 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f0000000a40)={0xff, 0x3}) r7 = mmap$KVM_VCPU(&(0x7f0000cc2000/0x4000)=nil, 0x0, 0x8, 0x80010, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000a80)="8c8c249d142c063847ffcbf0fe99bf0d3711c858856425b2704a338d5d7b4bb0ea199aa5670e0969465eca0684cbb24808ab7434442dc88657196a034bf148c86038de6edad60d7e", 0x0, 0x48) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) 
ioctl$KVM_ARM_VCPU_FINALIZE(r8, 0x4004aec2, &(0x7f0000000b00)=0x4) eventfd2(0x9, 0x1) close(r2) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000b80)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000b40)=0xb2}) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000d00)={0x0, &(0x7f0000000bc0)=[@code={0xa, 0x54, {"0000805a007008d5a0539ed200e0b8f2c10180d2c20080d2c30080d2640080d2020000d40000619e000840fa000008d50068284e008008d5007008d5000020c8"}}, @smc={0x1e, 0x40, {0xc5000020, [0x9, 0x2eb, 0x5, 0x2, 0xfffffffffffffff8]}}, @code={0xa, 0x9c, {"a0af9cd20080b0f2810180d2420080d2430180d2040080d2020000d4000008d50000229e20629dd20040b0f2a10180d2420080d2c30080d2040080d2020000d480e08ad20040b8f2610180d2820080d2430080d2440080d2020000d460c382d200c0b0f2a10080d2c20080d2430080d2240180d2020000d40024002f0060002f0000008b000028d5"}}], 0x130}, &(0x7f0000000d40)=[@featur1={0x1, 0x19}], 0x1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) r9 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000d80)={0x5, 0xffffffffffffffff, 0x1}) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000dc0)={0x7, 0xfffffc01}) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x37) r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x11) ioctl$KVM_HAS_DEVICE_ATTR_vm(r10, 0x4018aee3, &(0x7f0000000e40)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000e00)={0x5, 0x6, 0x2}}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r9, 0x4010ae68, &(0x7f0000000e80)={0xeeee0000, 0x100000}) 24m36.524870673s ago: executing program 6 (id=565): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) write$eventfd(0xffffffffffffffff, &(0x7f0000000100)=0x3, 0x8) munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) openat$kvm(0x0, 0x0, 0x20040, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 
&(0x7f0000000380)={0x3000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1}) r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67c30ee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33a0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x1c) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f00000003c0)=@arm64={0xd2, 0x6, 0x1}) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = eventfd2(0x4, 0x800) r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) r14 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2a) ioctl$KVM_IRQFD(r14, 0x4020ae76, &(0x7f00000000c0)={r12, 0xffa, 0x0, r12}) 24m31.505329171s ago: executing program 8 (id=566): openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r0, 0x0) close(0x3) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28) r4 = mmap$KVM_VCPU(&(0x7f0000ee7000/0x4000)=nil, 0x0, 0xb, 0x40010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, 
&(0x7f0000000240)="4180d42d48d89afc2b4a42e43c5af064a1ba39d5807ade25165e70af485c9c41895814a4dfda262c70841135b42a74cd7382d9bbaa68fd5e9316240290e84a10323eb87bcdb37af3", 0x0, 0x48) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_GET_API_VERSION(r5, 0xae00, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r12, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x2, 0x8000, 0x4003, 0x40, 0x5}}, {0x3, 0x2, 0x1, 0x0, @msi={0x404, 0xfdd, 0x9, 0x101}}]}) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) close(r3) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) close(r3) 23m49.264597337s ago: executing program 49 (id=565): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) write$eventfd(0xffffffffffffffff, &(0x7f0000000100)=0x3, 0x8) munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) openat$kvm(0x0, 0x0, 0x20040, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x3000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1}) r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) 
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67c30ee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33a0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x1c) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f00000003c0)=@arm64={0xd2, 0x6, 0x1}) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = eventfd2(0x4, 0x800) r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) r14 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2a) ioctl$KVM_IRQFD(r14, 0x4020ae76, &(0x7f00000000c0)={r12, 0xffa, 0x0, r12}) 23m42.086185012s ago: executing program 50 (id=566): openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r0, 0x0) close(0x3) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28) r4 = mmap$KVM_VCPU(&(0x7f0000ee7000/0x4000)=nil, 0x0, 0xb, 0x40010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="4180d42d48d89afc2b4a42e43c5af064a1ba39d5807ade25165e70af485c9c41895814a4dfda262c70841135b42a74cd7382d9bbaa68fd5e9316240290e84a10323eb87bcdb37af3", 0x0, 0x48) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = 
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_GET_API_VERSION(r5, 0xae00, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r12, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x2, 0x8000, 0x4003, 0x40, 0x5}}, {0x3, 0x2, 0x1, 0x0, @msi={0x404, 0xfdd, 0x9, 0x101}}]}) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) close(r3) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) close(r3) 13m34.513554313s ago: executing program 9 (id=578): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f00000000c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000000)=0xfffffff7}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x460402, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) 
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000}) r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) r12 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece) ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) 13m21.964000591s ago: executing program 9 (id=581): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f00000000c0)={0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) 
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f0000000380)=[@irq_setup={0x46, 0x18, {0x0, 0xb0}}, @mrs={0xbe, 0x18, {0x603000000013df6a}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x78, 0x4, 0x2}}, @smc={0x1e, 0x40, {0xc400000d, [0x8, 0x8, 0xfffffffffffffff9, 0x7eb, 0x2]}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x6d}}, @mrs={0xbe, 0x18, {0x603000000013e6ce}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x0, 0xc, 0x906, 0x81}}, @hvc={0x32, 0x40, {0x2000000, [0x3, 0x4, 0x62, 0x2, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x21b}}, @code={0xa, 0x9c, {"007008d5004c200ee003002a0004000f80139ad20040b8f2810180d2220180d2a30180d2640180d2020000d400808008c00186d20020b8f2010180d2620080d2830180d2840180d2020000d4204495d200c0b8f2210180d2220180d2430080d2640180d2020000d400f4a00e202985d20000b8f2810180d2220080d2e30180d2640180d2020000d4"}}, @msr={0x14, 0x20, {0x6030000000138012, 0xfffffffffffffffa}}, @mrs={0xbe, 0x18, {0x603000000013c4c8}}, @uexit={0x0, 0x18, 0x1}, @irq_setup={0x46, 0x18, {0x0, 0x26b}}, @irq_setup={0x46, 0x18, {0x0, 0xfb}}], 0x27c}, &(0x7f0000000080)=[@featur1={0x1, 0x40}], 0x1) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x4}) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 13m7.544484259s ago: executing program 9 (id=583): r0 
= openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r3, 0xe, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff}}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r3, 0x6000002, 0x4d832, 0xffffffffffffffff, 0x0) 12m49.984706568s ago: executing program 9 (id=585): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000240)=0x2}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000380)=@arm64_ccsidr={0x6020000000110008, &(0x7f0000000400)=0xfff}) r4 = ioctl$KVM_CREATE_VM(r0, 
0x80111500, 0x20000000) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x0, 0xfffffffffffffffe}) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1400000000000000200000000000000000c61360e0fefefe00000000"], 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c600, &(0x7f0000000140)}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000180)=0x12}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000300)={0x1, 0x80ba}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000280)={0x1000, 0xbe9, 0x2}}) write$eventfd(r4, &(0x7f0000000000), 0xfffffdef) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = eventfd2(0x8, 0x80800) r13 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r13}) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r12, 0x3}) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r12, 0x3}) ioctl$KVM_CAP_ARM_MTE(r4, 0x4068aea3, &(0x7f0000000100)) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 12m25.32743396s ago: executing program 9 (id=587): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = 
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r8 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) write$eventfd(r8, &(0x7f0000000000)=0x4, 0x8) r9 = mmap$KVM_VCPU(&(0x7f0000f03000/0x1000)=nil, r7, 0x4, 0x10, r6, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r6, 0x4208ae9b, &(0x7f0000000500)={0x20700, 0x0, {[0x1, 0xf66d, 0x5, 0xffff, 0x6, 0x100000000, 0x8000, 0xa0000000, 0x0, 0x80, 0x7, 0xb97, 0x0, 0x3, 0x401, 0x8], [0x8000000000000001, 0x1c000, 0xfff, 0x413, 0xfff, 0x1, 0x7ff, 0x9, 0x1, 0x800, 0x100000000, 0x6, 0xffffffff80000001, 0xd, 0xa8b1, 0x9], [0x3, 0x0, 0x3, 0xfffffffffffffff9, 0x80000001, 0x26, 0x38b, 0x2, 0x0, 0x1, 0x7fffffff, 0x4b2123fe, 0x292e1739, 0xfffffffffffffffb, 0xe5, 0x2], [0x7, 0x36e8, 0x800, 0xb, 0x7, 0x200, 0xe, 0x3, 0x101, 0x23dd, 0x7fff, 0x473, 0x2d7, 0x9, 0x9]}}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="3a9956b2060edc9bf5a3b673b35eb641840f3fdf87d0c40965dd275a984debd6ca51d792360d6d403a68d8660b5a2ae73a1e8905143b7eadf318bbb30ff8f4577a1bfc2054c0dade", 0x0, 0x48) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r13 = ioctl$KVM_CREATE_VM(r12, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r13, 0xb702, 0x0) r14 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xb}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) 
syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, &(0x7f0000000740)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x14, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0xdf}}], 0x48}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) 12m9.274538836s ago: executing program 9 (id=590): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000000)={0x4000}) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd) syz_kvm_setup_cpu$arm64(r5, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000005c0)=[{0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc400000c, [0x0, 0x0, 0x9, 0x1, 0xff]}}, @smc={0x1e, 0x40, {0x84000050, [0x1, 0x2, 0x0, 0x5, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013c684}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x3, 0x8, 0x2}}, @code={0xa, 0xb4, {"00b0005f802c9bd200c0b0f2610080d2620080d2830080d2e40180d2020000d40000000c60d385d200a0b8f2410180d2a20180d2a30180d2640180d2020000d460e493d200c0b8f2e10080d2420180d2030080d2840180d2020000d4000008d5a0dd81d20080b8f2c10180d2220080d2230080d2c40080d2020000d4c0729dd20080b0f2a10080d2620080d2830080d2a40080d2020000d4007008d50044205e"}}, @its_setup={0x82, 0x28, {0x80, 0x0, 0x99}}, @msr={0x14, 0x20, {0x603000000013dea0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013deb4}}, @svc={0x122, 0x40, {0x40000000, [0x1, 0x2, 0xe8c6654, 0x5, 0x7ff]}}, @mrs={0xbe, 0x18, {0x603000000013e530}}, @svc={0x122, 0x40, {0x80007fff, [0xa555, 0x4, 0xffffffffffffff80, 0x40, 0x8000000000000000]}}, @mrs={0xbe, 0x18, {0x603000000013e289}}, @uexit={0x0, 0x18, 0x4c}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x9c, 
{"608684d20060b8f2c10080d2420180d2a30180d2c40180d2020000d4202688d20060b8f2610180d2620080d2430080d2a40080d2020000d440a297d200c0b8f2610180d2020180d2030180d2c40080d2020000d40060600d007683d20080b0f2610080d2c20080d2e30180d2040180d2020000d4000008d50000407c0080c00d000008d500008092"}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x15a}}, @smc={0x1e, 0x40, {0x82000001, [0x9, 0x60a, 0x101, 0x0, 0xb9e9]}}, @hvc={0x32, 0x40, {0xc000020a, [0x1, 0x9, 0x10000, 0xfffffffffffffffb, 0x9]}}, @uexit={0x0, 0x18, 0x100000001}], 0x410}], 0x1, 0x0, &(0x7f0000000600)=[@featur1={0x1, 0xe0}], 0x1) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000000)={0x4, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r13, 0x541b, 0xac) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4}) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r3, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r15, 0xae03, 0x80) r16 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r6, 0x3, 0x11, r4, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r16, 0xffffffffffffffff) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r16, 0xfffffffffffffffe) 11m19.214775421s ago: executing program 51 (id=590): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = 
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000000)={0x4000}) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd) syz_kvm_setup_cpu$arm64(r5, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000005c0)=[{0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc400000c, [0x0, 0x0, 0x9, 0x1, 0xff]}}, @smc={0x1e, 0x40, {0x84000050, [0x1, 0x2, 0x0, 0x5, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013c684}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x3, 0x8, 0x2}}, @code={0xa, 0xb4, {"00b0005f802c9bd200c0b0f2610080d2620080d2830080d2e40180d2020000d40000000c60d385d200a0b8f2410180d2a20180d2a30180d2640180d2020000d460e493d200c0b8f2e10080d2420180d2030080d2840180d2020000d4000008d5a0dd81d20080b8f2c10180d2220080d2230080d2c40080d2020000d4c0729dd20080b0f2a10080d2620080d2830080d2a40080d2020000d4007008d50044205e"}}, @its_setup={0x82, 0x28, {0x80, 0x0, 0x99}}, @msr={0x14, 0x20, {0x603000000013dea0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013deb4}}, @svc={0x122, 0x40, {0x40000000, [0x1, 0x2, 0xe8c6654, 0x5, 0x7ff]}}, @mrs={0xbe, 0x18, {0x603000000013e530}}, @svc={0x122, 0x40, {0x80007fff, [0xa555, 0x4, 0xffffffffffffff80, 0x40, 0x8000000000000000]}}, @mrs={0xbe, 0x18, {0x603000000013e289}}, @uexit={0x0, 0x18, 0x4c}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x9c, {"608684d20060b8f2c10080d2420180d2a30180d2c40180d2020000d4202688d20060b8f2610180d2620080d2430080d2a40080d2020000d440a297d200c0b8f2610180d2020180d2030180d2c40080d2020000d40060600d007683d20080b0f2610080d2c20080d2e30180d2040180d2020000d4000008d50000407c0080c00d000008d500008092"}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x15a}}, @smc={0x1e, 0x40, {0x82000001, [0x9, 0x60a, 0x101, 0x0, 0xb9e9]}}, @hvc={0x32, 0x40, {0xc000020a, [0x1, 0x9, 0x10000, 0xfffffffffffffffb, 0x9]}}, 
@uexit={0x0, 0x18, 0x100000001}], 0x410}], 0x1, 0x0, &(0x7f0000000600)=[@featur1={0x1, 0xe0}], 0x1) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000000)={0x4, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r13, 0x541b, 0xac) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4}) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r3, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r15, 0xae03, 0x80) r16 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r6, 0x3, 0x11, r4, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r16, 0xffffffffffffffff) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r16, 0xfffffffffffffffe) 3m0.912246139s ago: executing program 2 (id=638): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0xb, 0xffffffffffffffff}) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x10002}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, 
&(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[], 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r10 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x17) r11 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x401, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e6c8}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x1, &(0x7f0000000200)=0xfffffffffffffeff}) ioctl$KVM_RUN(r15, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) close(r1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) 2m40.314654489s ago: executing program 2 (id=640): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async, rerun: 64) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x6000, 0x80001}) 
(async) close(r3) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_GET_DEVICE_ATTR_vm(r3, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 2m28.182515292s ago: executing program 2 (id=642): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x5, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x3, &(0x7f0000000140)=0x9}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x6030000000100036, &(0x7f0000000000)=0xcb}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r7, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7}) r8 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x0, 0xdddd0000, 0x1, r8, 0x4}) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000965000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8}) ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000}) 2m11.442848768s ago: executing program 2 (id=644): r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, 
&(0x7f0000000840)=[@uexit={0x0, 0x18, 0xe1e}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x295}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x2, 0x4, 0x1ff, 0x2, 0x1}}, @smc={0x1e, 0x40, {0x84000011, [0x81, 0x10001, 0x8c7b, 0x9, 0xffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xc00, 0x0, 0x6}}, @code={0xa, 0x9c, {"007008d5008008d5000000b9008008d500000078000008d5c0f489d20080b0f2a10080d2020180d2430180d2040080d2020000d4200885d20020b8f2610080d2220180d2430080d2840080d2020000d4e0d096d20060b0f2410180d2420180d2a30080d2c40180d2020000d4604994d20040b0f2c10180d2e20180d2230080d2a40180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x0, 0x298}}, @msr={0x14, 0x20, {0x6030000000138010, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013df4e}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013803e, 0xa70}}, @hvc={0x32, 0x40, {0x84000000, [0x7aa, 0x0, 0x3, 0x40, 0x6]}}, @uexit={0x0, 0x18, 0xffffffffffffff14}, @smc={0x1e, 0x40, {0x8400000f, [0xff, 0x17, 0x9, 0x100000001, 0x80000001]}}, @eret={0xe6, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x236}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x307}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x80, 0x4}}, @svc={0x122, 0x40, {0x8400000e, [0x10000, 0x5, 0x6, 0x4, 0x8000000000000001]}}, @code={0xa, 0x6c, {"009c002f00f8a12e000008d500db8ad20060b8f2410080d2c20180d2030180d2840180d2020000d4007008d500a4ff0d0094202e008008d5007008d580d880d20060b0f2c10180d2020180d2830080d2e40180d2020000d4"}}, @svc={0x122, 0x40, {0x84000009, [0x1, 0xfffffffffffffffb, 0x0, 0xff]}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013def0, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x84}}, @svc={0x122, 0x40, {0x0, [0x7, 0x10000, 0x8000000000000001, 0x0, 0x1]}}, @uexit={0x0, 0x18}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x100, [0x1, 0x8001, 0x0, 0x6, 0xfffffffffffffffc]}}, @code={0xa, 0xcc, 
{"c0cb9bd20000b8f2410180d2c20180d2e30180d2a40180d2020000d4e00283d20060b8f2c10080d2620080d2e30080d2440080d2020000d4c04e93d200e0b0f2810080d2c20080d2e30180d2840080d2020000d4007008d5007008d5604f87d20080b0f2810080d2820080d2a30180d2a40180d2020000d40040df0c00f08ad20020b8f2010080d2c20080d2c30180d2c40080d2020000d4008008d5c03c9fd20040b8f2810080d2620080d2230080d2440180d2020000d4"}}], 0x63c}, &(0x7f0000000080)=[@featur2], 0x1) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f00000000c0)=0x6) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = eventfd2(0x4, 0x80000) (async) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={r4, 0x3}) write$eventfd(r4, &(0x7f0000000140)=0x3, 0x8) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0xf81e, 0x200, 0x0}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0x8, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000100)={0x4, 0xf000, 0x8, r9, 0x2}) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) 1m57.042385203s ago: executing program 2 (id=646): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000100)={0x8000000, 0x10000}) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, 
&(0x7f0000000180)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x1}) 1m50.062635679s ago: executing program 1 (id=647): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x39) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur2={0x1, 0xf}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x4, 0x0}) (async) r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df60, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df61, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df62, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df63, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df65, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0xe0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r10, 0x3, 0x11, r9, 0x0) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0) ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0xef) (async) ioctl$KVM_RUN(r9, 0xae80, 
0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r11, 0xffffffffffffffff) (async) syz_kvm_assert_reg(r9, 0x603000000013df60, 0x8000) (async) syz_kvm_assert_reg(r9, 0x603000000013df61, 0x8000) (async) syz_kvm_assert_reg(r9, 0x603000000013df62, 0x8000) (async) syz_kvm_assert_reg(r9, 0x603000000013df63, 0x8000) (async) syz_kvm_assert_reg(r9, 0x603000000013df64, 0x8000) syz_kvm_assert_reg(r9, 0x603000000013df65, 0x8000) 1m44.378495741s ago: executing program 2 (id=648): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x6dfd, 0x13b4, 0x4]}}, @hvc={0x32, 0x40, {0xc4000053, [0x0, 0x2, 0x7, 0x3, 0x6]}}], 0x80}, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x40049409, 0x13) ioctl$KVM_RUN(r7, 0xae80, 0x0) close(r2) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) eventfd2(0x9, 0x402) ioctl$KVM_RUN(r7, 
0xae80, 0x0) 1m36.044041715s ago: executing program 1 (id=649): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) 
write$eventfd(r9, &(0x7f00000001c0)=0x87, 0x8) (async) write$eventfd(r9, &(0x7f00000001c0)=0x87, 0x8) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3}) ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000001) 56.205290759s ago: executing program 52 (id=648): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x6dfd, 0x13b4, 0x4]}}, @hvc={0x32, 0x40, {0xc4000053, [0x0, 0x2, 0x7, 0x3, 0x6]}}], 0x80}, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x40049409, 0x13) ioctl$KVM_RUN(r7, 0xae80, 0x0) close(r2) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) eventfd2(0x9, 0x402) ioctl$KVM_RUN(r7, 0xae80, 0x0) 54.645651718s ago: executing program 1 (id=651): r0 = eventfd2(0x0, 0x0) r1 = 
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x30202, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x8400000e, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r9 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r10 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r11 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r11}) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r0, 0x4}) eventfd2(0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x30202, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x8400000e, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) (async) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 
0x930, 0x3, 0x11, r8, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) eventfd2(0x8, 0x80800) (async) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r11}) (async) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r0, 0x4}) (async) 37.915030393s ago: executing program 1 (id=652): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x13, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x0, 0x0}) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000da8000/0x5000)=nil, 0x5000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece) r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_GET_SREGS(r8, 0x8000ae83, &(0x7f00000003c0)) 
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r12, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) 14.823168081s ago: executing program 1 (id=653): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x0, 0x5000, 0x0, 0xffffffffffffffff, 0xc}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x21) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x80000000, 0x2}}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async) r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r10 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async) r11 = 
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0xe5) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r9, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0) (async, rerun: 64) ioctl$KVM_GET_SREGS(r9, 0x8000ae83, &(0x7f0000000680)) (async, rerun: 64) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 32) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xa}}], 0x30}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async, rerun: 32) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async, rerun: 32) ioctl$KVM_GET_SREGS(r9, 0x8000ae83, &(0x7f0000000340)) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) 0s ago: executing program 1 (id=654): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0x80087601, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x20000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x30) r6 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r7 = eventfd2(0x2, 0x80801) write$eventfd(r7, &(0x7f00000002c0)=0x96, 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = syz_kvm_vgic_v3_setup(r4, 0x5, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, 0x0}) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7fff}) r10 = 
openat$kvm(0x0, &(0x7f0000000300), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="04198bd852e9e8b2b82d7401000000ffffffd17e4ff39fb6df0600f6a9576c610dc37b2e5c05000000000000000000040000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xb) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_KVMCLOCK_CTRL(r14, 0xaead) ioctl$KVM_RUN(r14, 0xae80, 0x0) kernel console output (not intermixed with test programs): [ 371.162171][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 418.704720][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:23598' (ED25519) to the list of known hosts. 
[ 576.862852][ T25] audit: type=1400 audit(576.070:61): avc: denied { name_bind } for pid=3306 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 579.730109][ T25] audit: type=1400 audit(578.930:62): avc: denied { execute } for pid=3307 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 579.781235][ T25] audit: type=1400 audit(578.970:63): avc: denied { execute_no_trans } for pid=3307 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 601.265392][ T25] audit: type=1400 audit(600.480:64): avc: denied { mounton } for pid=3307 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 601.298240][ T25] audit: type=1400 audit(600.510:65): avc: denied { mount } for pid=3307 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 601.384368][ T3307] cgroup: Unknown subsys name 'net' [ 601.453111][ T25] audit: type=1400 audit(600.670:66): avc: denied { unmount } for pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 602.037130][ T3307] cgroup: Unknown subsys name 'cpuset' [ 602.250981][ T3307] cgroup: Unknown subsys name 'rlimit' [ 603.207365][ T25] audit: type=1400 audit(602.420:67): avc: denied { setattr } for pid=3307 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 603.233222][ T25] audit: type=1400 audit(602.440:68): avc: denied { mounton } for pid=3307 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" 
ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 603.248189][ T25] audit: type=1400 audit(602.460:69): avc: denied { mount } for pid=3307 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 604.404824][ T3310] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 604.424015][ T25] audit: type=1400 audit(603.630:70): avc: denied { relabelto } for pid=3310 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 604.444249][ T25] audit: type=1400 audit(603.650:71): avc: denied { write } for pid=3310 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 604.632688][ T25] audit: type=1400 audit(603.840:72): avc: denied { read } for pid=3307 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 604.647526][ T25] audit: type=1400 audit(603.860:73): avc: denied { open } for pid=3307 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 604.695609][ T3307] Adding 124996k swap on ./swap-file. 
Priority:0 extents:1 across:124996k [ 654.366032][ T25] audit: type=1400 audit(653.580:74): avc: denied { execmem } for pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 658.968488][ T25] audit: type=1400 audit(658.180:75): avc: denied { read } for pid=3313 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 659.006029][ T25] audit: type=1400 audit(658.190:76): avc: denied { open } for pid=3314 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 659.058672][ T25] audit: type=1400 audit(658.270:77): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 659.343735][ T25] audit: type=1400 audit(658.560:78): avc: denied { module_request } for pid=3314 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 659.368081][ T25] audit: type=1400 audit(658.580:79): avc: denied { module_request } for pid=3313 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 660.395556][ T25] audit: type=1400 audit(659.610:80): avc: denied { sys_module } for pid=3314 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 683.596130][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 683.811370][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 684.275459][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 684.607930][ T3313] bond0: (slave bond_slave_1): Enslaving 
as an active interface with an up link [ 697.375889][ T3314] hsr_slave_0: entered promiscuous mode [ 697.428582][ T3314] hsr_slave_1: entered promiscuous mode [ 699.067124][ T3313] hsr_slave_0: entered promiscuous mode [ 699.133541][ T3313] hsr_slave_1: entered promiscuous mode [ 699.172145][ T3313] debugfs: 'hsr0' already exists in 'hsr' [ 699.176335][ T3313] Cannot create hsr debugfs directory [ 707.253781][ T25] audit: type=1400 audit(706.440:81): avc: denied { create } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 707.281934][ T25] audit: type=1400 audit(706.480:82): avc: denied { write } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 707.381039][ T25] audit: type=1400 audit(706.590:83): avc: denied { read } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 707.574482][ T3314] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 707.857012][ T3314] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 708.181416][ T3314] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 708.451753][ T3314] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 709.873765][ T3313] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 710.106308][ T3313] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 710.302530][ T3313] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 710.546111][ T3313] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 722.737252][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 725.076151][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 780.058482][ T3314] veth0_vlan: entered promiscuous mode [ 780.466168][ T3314] veth1_vlan: entered promiscuous mode [ 782.263456][ T3314] veth0_macvtap: entered promiscuous mode [ 782.741305][ T3314] veth1_macvtap: 
entered promiscuous mode [ 782.993069][ T3313] veth0_vlan: entered promiscuous mode [ 783.732735][ T3313] veth1_vlan: entered promiscuous mode [ 785.138291][ T21] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.186373][ T21] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.193415][ T21] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.233993][ T21] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.604073][ T3313] veth0_macvtap: entered promiscuous mode [ 787.343147][ T3313] veth1_macvtap: entered promiscuous mode [ 787.595364][ T25] audit: type=1400 audit(786.810:84): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 787.720421][ T25] audit: type=1400 audit(786.930:85): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.frhPP1/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 787.866784][ T25] audit: type=1400 audit(787.080:86): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 788.181667][ T25] audit: type=1400 audit(787.380:87): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.frhPP1/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 788.377459][ T25] audit: type=1400 audit(787.570:88): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.frhPP1/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 789.015734][ T25] audit: type=1400 
audit(788.230:89): avc: denied { unmount } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 789.241960][ T25] audit: type=1400 audit(788.450:90): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 789.295462][ T3285] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.311834][ T3285] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.357767][ T3285] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.363630][ T3285] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.476584][ T25] audit: type=1400 audit(788.650:91): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="gadgetfs" ino=3749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 789.731185][ T25] audit: type=1400 audit(788.940:92): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 789.862786][ T25] audit: type=1400 audit(789.050:93): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 791.503364][ T3314] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. 
[ 792.608331][ T25] kauditd_printk_skb: 2 callbacks suppressed [ 792.626562][ T25] audit: type=1400 audit(791.760:96): avc: denied { open } for pid=3314 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 792.640448][ T25] audit: type=1400 audit(791.800:97): avc: denied { ioctl } for pid=3314 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 801.072071][ T25] audit: type=1400 audit(800.280:98): avc: denied { read } for pid=3466 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 801.105591][ T25] audit: type=1400 audit(800.320:99): avc: denied { open } for pid=3466 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 801.251047][ T25] audit: type=1400 audit(800.460:100): avc: denied { ioctl } for pid=3466 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 803.565436][ T25] audit: type=1400 audit(802.780:101): avc: denied { append } for pid=3468 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 836.394414][ T25] audit: type=1400 audit(835.610:102): avc: denied { execute } for pid=3478 comm="syz.1.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4038 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 867.244790][ T25] audit: type=1400 audit(866.440:103): avc: denied { write } for pid=3497 comm="syz.1.10" name="kvm" dev="devtmpfs" 
ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 946.211360][ T25] audit: type=1400 audit(945.410:104): avc: denied { ioctl } for pid=3548 comm="syz.1.26" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1015.311906][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1016.777135][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1018.103649][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.426833][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.562534][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1035.752633][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1035.886035][ T12] bond0 (unregistering): Released all slaves [ 1038.028198][ T12] hsr_slave_0: left promiscuous mode [ 1038.381730][ T12] hsr_slave_1: left promiscuous mode [ 1039.411236][ T12] veth1_macvtap: left promiscuous mode [ 1039.437781][ T12] veth0_macvtap: left promiscuous mode [ 1039.457875][ T12] veth1_vlan: left promiscuous mode [ 1039.501666][ T12] veth0_vlan: left promiscuous mode [ 1113.104083][ T3404] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1114.305534][ T3404] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1115.552780][ T3404] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1116.605990][ T3404] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1124.631427][ T3567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1125.414165][ T3571] 
bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1125.753663][ T3567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1127.884968][ T3571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1140.444117][ T3404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1140.574379][ T3404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1140.663149][ T3404] bond0 (unregistering): Released all slaves [ 1142.332813][ T3404] hsr_slave_0: left promiscuous mode [ 1142.388557][ T3404] hsr_slave_1: left promiscuous mode [ 1142.941839][ T3404] veth1_macvtap: left promiscuous mode [ 1142.943145][ T3404] veth0_macvtap: left promiscuous mode [ 1142.964113][ T3404] veth1_vlan: left promiscuous mode [ 1142.993554][ T3404] veth0_vlan: left promiscuous mode [ 1166.388207][ T3567] hsr_slave_0: entered promiscuous mode [ 1166.458301][ T3567] hsr_slave_1: entered promiscuous mode [ 1170.613485][ T3571] hsr_slave_0: entered promiscuous mode [ 1170.682063][ T3571] hsr_slave_1: entered promiscuous mode [ 1170.712067][ T3571] debugfs: 'hsr0' already exists in 'hsr' [ 1170.715119][ T3571] Cannot create hsr debugfs directory [ 1179.684594][ T3567] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1180.187222][ T3567] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1180.602788][ T3567] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1181.266343][ T3567] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1186.198252][ T3571] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1186.617837][ T3571] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1187.147330][ T3571] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1187.586032][ T3571] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1209.228204][ T3567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1214.043439][ T3571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 
1301.043317][ T3567] veth0_vlan: entered promiscuous mode [ 1302.032761][ T3567] veth1_vlan: entered promiscuous mode [ 1305.101684][ T3567] veth0_macvtap: entered promiscuous mode [ 1305.678217][ T3567] veth1_macvtap: entered promiscuous mode [ 1308.613307][ T3571] veth0_vlan: entered promiscuous mode [ 1310.576179][ T3571] veth1_vlan: entered promiscuous mode [ 1311.282077][ T3404] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1311.294367][ T3404] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1311.304836][ T3404] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1311.311882][ T3404] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1316.374913][ T3571] veth0_macvtap: entered promiscuous mode [ 1317.335149][ T3571] veth1_macvtap: entered promiscuous mode [ 1321.267160][ T3364] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.271978][ T3364] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.331434][ T3364] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.362174][ T3580] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1492.041350][ T25] audit: type=1400 audit(1491.250:105): avc: denied { setattr } for pid=3919 comm="syz.2.52" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1716.108227][ T4054] kvm [4054]: Failed to find VMA for hva 0x20c01000 [ 2262.843320][ T4350] KVM: debugfs: duplicate directory 4350-4 [ 2435.838481][ T4439] kvm [4439]: Failed to find VMA for hva 0x20c01000 [ 2483.744760][ T25] audit: type=1400 audit(2482.950:106): avc: denied { map } for pid=4457 comm="syz.2.199" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2563.066862][ T4498] 
kvm [4498]: Failed to find VMA for hva 0x20c01000 [ 2606.875576][ T4515] kvm [4515]: Failed to find VMA for hva 0x20c01000 [ 2789.448223][ T4601] kvm [4601]: Failed to find VMA for hva 0x21016000 [ 3081.432055][ T4712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3081.653857][ T4712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3090.015805][ T4717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3090.291987][ T4717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3108.808550][ T4712] hsr_slave_0: entered promiscuous mode [ 3108.956566][ T4712] hsr_slave_1: entered promiscuous mode [ 3109.021220][ T4712] debugfs: 'hsr0' already exists in 'hsr' [ 3109.031085][ T4712] Cannot create hsr debugfs directory [ 3122.592489][ T4717] hsr_slave_0: entered promiscuous mode [ 3122.684252][ T4717] hsr_slave_1: entered promiscuous mode [ 3122.737449][ T4717] debugfs: 'hsr0' already exists in 'hsr' [ 3122.742167][ T4717] Cannot create hsr debugfs directory [ 3131.431262][ T4712] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 3132.231653][ T4712] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 3132.972434][ T4712] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 3133.514208][ T4712] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 3142.604690][ T4717] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 3143.057435][ T4717] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 3143.428426][ T4717] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 3143.794666][ T4717] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 3165.676109][ T4712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3177.125231][ T4717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3190.017474][ T3364] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3191.787033][ T3364] netdevsim netdevsim2 netdevsim2 
(unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3193.394495][ T3364] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3195.108418][ T3364] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3213.795954][ T3364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3214.000963][ T3364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3214.137185][ T3364] bond0 (unregistering): Released all slaves [ 3215.623311][ T3364] hsr_slave_0: left promiscuous mode [ 3215.660798][ T3364] hsr_slave_1: left promiscuous mode [ 3215.963894][ T3364] veth1_macvtap: left promiscuous mode [ 3215.967195][ T3364] veth0_macvtap: left promiscuous mode [ 3215.985922][ T3364] veth1_vlan: left promiscuous mode [ 3215.997600][ T3364] veth0_vlan: left promiscuous mode [ 3244.976593][ T3364] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3246.388125][ T3364] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3248.035513][ T3364] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3250.022341][ T3364] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3270.837990][ T3364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3271.186789][ T3364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3271.406916][ T3364] bond0 (unregistering): Released all slaves [ 3273.589948][ T3364] hsr_slave_0: left promiscuous mode [ 3273.690932][ T3364] hsr_slave_1: left promiscuous mode [ 3274.244128][ T3364] veth1_macvtap: left promiscuous mode [ 3274.247465][ T3364] veth0_macvtap: left promiscuous mode [ 3274.264192][ T3364] veth1_vlan: left promiscuous mode [ 3274.272923][ T3364] veth0_vlan: left promiscuous mode [ 3375.711882][ T4712] veth0_vlan: 
entered promiscuous mode [ 3376.474089][ T4717] veth0_vlan: entered promiscuous mode [ 3377.401526][ T4712] veth1_vlan: entered promiscuous mode [ 3378.471302][ T4717] veth1_vlan: entered promiscuous mode [ 3381.776231][ T4712] veth0_macvtap: entered promiscuous mode [ 3382.772492][ T4717] veth0_macvtap: entered promiscuous mode [ 3382.946286][ T4712] veth1_macvtap: entered promiscuous mode [ 3383.723802][ T4717] veth1_macvtap: entered promiscuous mode [ 3387.103948][ T3364] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3387.108078][ T3364] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3387.161471][ T3364] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3387.197351][ T3364] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3388.132866][ T3404] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3388.152886][ T3404] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3388.206729][ T3404] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3388.218257][ T3404] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3909.367930][ T5159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3910.042995][ T5159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3928.046081][ T5170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3928.486402][ T5170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3955.007263][ T5159] hsr_slave_0: entered promiscuous mode [ 3955.124999][ T5159] hsr_slave_1: entered promiscuous mode [ 3976.162325][ T5170] hsr_slave_0: entered promiscuous mode [ 3976.305669][ T5170] hsr_slave_1: entered promiscuous mode [ 3976.421708][ T5170] debugfs: 'hsr0' already exists in 'hsr' [ 3976.440712][ T5170] Cannot create hsr debugfs 
directory [ 3986.580669][ T5159] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 3988.121687][ T5159] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 3988.744389][ T5159] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 3989.641824][ T5159] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 4001.145770][ T5170] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 4001.617917][ T5170] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 4002.162720][ T5170] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 4002.741766][ T5170] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 4030.894228][ T5159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4042.707666][ T5170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4179.101585][ T4733] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4180.778207][ T4733] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4182.724167][ T4733] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4184.703826][ T4733] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4210.493821][ T4733] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4210.820928][ T4733] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4211.035466][ T4733] bond0 (unregistering): Released all slaves [ 4213.546082][ T4733] hsr_slave_0: left promiscuous mode [ 4213.680667][ T4733] hsr_slave_1: left promiscuous mode [ 4214.359951][ T4733] veth1_macvtap: left promiscuous mode [ 4214.363248][ T4733] veth0_macvtap: left promiscuous mode [ 4214.402649][ T4733] veth1_vlan: left promiscuous mode [ 4214.463559][ T4733] veth0_vlan: left promiscuous mode [ 4243.554529][ T4733] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4245.308509][ T4733] netdevsim netdevsim5 netdevsim2 
(unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4247.126299][ T4733] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4248.531272][ T4733] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4250.844594][ T5159] veth0_vlan: entered promiscuous mode [ 4252.322179][ T5159] veth1_vlan: entered promiscuous mode [ 4276.135503][ T4733] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4276.906160][ T4733] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4277.821856][ T4733] bond0 (unregistering): Released all slaves [ 4280.515370][ T5159] veth0_macvtap: entered promiscuous mode [ 4282.070906][ T4733] hsr_slave_0: left promiscuous mode [ 4282.198398][ T4733] hsr_slave_1: left promiscuous mode [ 4283.154700][ T4733] veth1_macvtap: left promiscuous mode [ 4283.183786][ T4733] veth0_macvtap: left promiscuous mode [ 4283.203193][ T4733] veth1_vlan: left promiscuous mode [ 4283.260946][ T4733] veth0_vlan: left promiscuous mode [ 4303.105634][ T5159] veth1_macvtap: entered promiscuous mode [ 4307.370933][ T5170] veth0_vlan: entered promiscuous mode [ 4309.525850][ T4733] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4309.532319][ T4733] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4309.701294][ T3450] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4309.712666][ T3450] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4309.877647][ T5170] veth1_vlan: entered promiscuous mode [ 4316.303435][ T5170] veth0_macvtap: entered promiscuous mode [ 4317.362410][ T5170] veth1_macvtap: entered promiscuous mode [ 4321.633393][ T3364] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4321.656000][ T3364] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4321.835999][ T3364] 
netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4321.842617][ T3364] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4644.392350][ T3404] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4646.542774][ T3404] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4648.734007][ T3404] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4650.636691][ T3404] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4678.671122][ T3404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4679.657050][ T3404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4680.687357][ T3404] bond0 (unregistering): Released all slaves [ 4685.205768][ T3404] hsr_slave_0: left promiscuous mode [ 4685.354180][ T3404] hsr_slave_1: left promiscuous mode [ 4686.305349][ T3404] veth1_macvtap: left promiscuous mode [ 4686.320396][ T3404] veth0_macvtap: left promiscuous mode [ 4686.345155][ T3404] veth1_vlan: left promiscuous mode [ 4686.392437][ T3404] veth0_vlan: left promiscuous mode [ 4719.665511][ T3404] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4721.007079][ T3404] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4722.736768][ T3404] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4724.782343][ T3404] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4756.633331][ T3404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4756.832014][ T3404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4756.985092][ T3404] bond0 (unregistering): Released all slaves [ 4759.401492][ T3404] hsr_slave_0: left 
promiscuous mode [ 4759.511148][ T3404] hsr_slave_1: left promiscuous mode [ 4760.141334][ T3404] veth1_macvtap: left promiscuous mode [ 4760.148275][ T3404] veth0_macvtap: left promiscuous mode [ 4760.163248][ T3404] veth1_vlan: left promiscuous mode [ 4760.180902][ T3404] veth0_vlan: left promiscuous mode [ 4807.735054][ T5514] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4808.134219][ T5514] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4820.936432][ T5521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4821.415393][ T5521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4844.445812][ T5514] hsr_slave_0: entered promiscuous mode [ 4844.524328][ T5514] hsr_slave_1: entered promiscuous mode [ 4859.724934][ T5521] hsr_slave_0: entered promiscuous mode [ 4859.854050][ T5521] hsr_slave_1: entered promiscuous mode [ 4859.924855][ T5521] debugfs: 'hsr0' already exists in 'hsr' [ 4859.941147][ T5521] Cannot create hsr debugfs directory [ 4872.214213][ T5514] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 4873.451127][ T5514] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 4874.582839][ T5514] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 4875.481690][ T5514] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 4889.145088][ T5521] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4889.728424][ T5521] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4890.347098][ T5521] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4890.845611][ T5521] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4917.437638][ T5514] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4928.158258][ T5521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5101.242121][ T5514] veth0_vlan: entered promiscuous mode [ 5102.664825][ T5514] veth1_vlan: entered promiscuous mode [ 5107.012555][ T5514] veth0_macvtap: entered promiscuous mode 
[ 5107.674940][ T5514] veth1_macvtap: entered promiscuous mode [ 5113.242271][ T4828] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5113.271213][ T4794] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5113.275748][ T4794] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5113.478558][ T3364] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5115.406756][ T5521] veth0_vlan: entered promiscuous mode [ 5118.838362][ T5521] veth1_vlan: entered promiscuous mode [ 5125.553717][ T5521] veth0_macvtap: entered promiscuous mode [ 5126.326660][ T5521] veth1_macvtap: entered promiscuous mode [ 5131.653468][ T5524] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5131.681191][ T5524] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5131.693811][ T5524] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5131.820329][ T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5348.337212][ T4794] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5351.750915][ T4794] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5354.478146][ T4794] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5357.317325][ T4794] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5394.815261][ T4794] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5395.065608][ T4794] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5395.421079][ T4794] bond0 (unregistering): Released all slaves [ 5398.250780][ T4794] hsr_slave_0: left promiscuous mode [ 5398.360659][ T4794] hsr_slave_1: left promiscuous mode [ 5399.281553][ T4794] veth1_macvtap: left promiscuous mode [ 5399.282912][ T4794] 
veth0_macvtap: left promiscuous mode [ 5399.303030][ T4794] veth1_vlan: left promiscuous mode [ 5399.304527][ T4794] veth0_vlan: left promiscuous mode [ 5443.763839][ T4794] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5445.705800][ T4794] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5447.633321][ T4794] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5449.238331][ T4794] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5481.954767][ T4794] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5482.267706][ T4794] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5482.495272][ T4794] bond0 (unregistering): Released all slaves [ 5485.562357][ T4794] hsr_slave_0: left promiscuous mode [ 5485.685066][ T4794] hsr_slave_1: left promiscuous mode [ 5486.473475][ T4794] veth1_macvtap: left promiscuous mode [ 5486.485238][ T4794] veth0_macvtap: left promiscuous mode [ 5486.496844][ T4794] veth1_vlan: left promiscuous mode [ 5486.514276][ T4794] veth0_vlan: left promiscuous mode [ 5571.545432][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5572.705672][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5574.090428][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5575.146610][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5618.957705][ T5845] hsr_slave_0: entered promiscuous mode [ 5619.114636][ T5845] hsr_slave_1: entered promiscuous mode [ 5623.213649][ T5848] hsr_slave_0: entered promiscuous mode [ 5623.366269][ T5848] hsr_slave_1: entered promiscuous mode [ 5623.501247][ T5848] debugfs: 'hsr0' already exists in 'hsr' [ 5623.502325][ T5848] Cannot create hsr debugfs directory [ 
5664.973328][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 5665.883658][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 5666.736689][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 5667.618025][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 5675.651930][ T5848] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 5676.145389][ T5848] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 5676.624164][ T5848] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 5677.236686][ T5848] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 5709.526127][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5717.006109][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5862.064949][ T5845] veth0_vlan: entered promiscuous mode [ 5863.526600][ T5845] veth1_vlan: entered promiscuous mode [ 5868.512721][ T5848] veth0_vlan: entered promiscuous mode [ 5869.862773][ T5845] veth0_macvtap: entered promiscuous mode [ 5870.933091][ T5848] veth1_vlan: entered promiscuous mode [ 5871.096479][ T5845] veth1_macvtap: entered promiscuous mode [ 5877.147246][ T5848] veth0_macvtap: entered promiscuous mode [ 5877.288093][ T6075] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5877.366269][ T3285] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5877.462108][ T3285] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5877.487050][ T5090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5878.526798][ T5848] veth1_macvtap: entered promiscuous mode [ 5885.666681][ T5292] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5885.667858][ T5292] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5885.672979][ T5292] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5885.682035][ T5523] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 
- 0 [ 6229.092748][ T25] audit: type=1400 audit(6228.180:107): avc: denied { execute } for pid=6242 comm="syz.0.379" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 6250.767446][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6253.877119][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6256.801160][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6258.968528][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6302.497635][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6302.984318][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6303.344554][ T12] bond0 (unregistering): Released all slaves [ 6308.474543][ T12] hsr_slave_0: left promiscuous mode [ 6308.981407][ T12] hsr_slave_1: left promiscuous mode [ 6310.343705][ T12] veth1_macvtap: left promiscuous mode [ 6310.390372][ T12] veth0_macvtap: left promiscuous mode [ 6310.415825][ T12] veth1_vlan: left promiscuous mode [ 6310.417409][ T12] veth0_vlan: left promiscuous mode [ 6443.524109][ T6248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6444.194541][ T6248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6498.612811][ T6248] hsr_slave_0: entered promiscuous mode [ 6498.813384][ T6248] hsr_slave_1: entered promiscuous mode [ 6498.938085][ T6248] debugfs: 'hsr0' already exists in 'hsr' [ 6498.995319][ T6248] Cannot create hsr debugfs directory [ 6512.657894][ T6382] kvm [6382]: Failed to find VMA for hva 0x21016000 [ 6541.507897][ T6248] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 6542.186866][ T6248] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 6542.857487][ T6248] netdevsim 
netdevsim2 netdevsim2: renamed from eth2 [ 6543.476371][ T6248] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 6588.454688][ T6248] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6754.669617][ T6248] veth0_vlan: entered promiscuous mode [ 6756.163896][ T6248] veth1_vlan: entered promiscuous mode [ 6760.953100][ T6248] veth0_macvtap: entered promiscuous mode [ 6761.683546][ T6248] veth1_macvtap: entered promiscuous mode [ 6766.993052][ T5292] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6767.001835][ T5292] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6767.110433][ T5526] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6767.141757][ T3285] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7516.987939][ T4795] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7519.944371][ T4795] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7522.354717][ T4795] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7524.428321][ T4795] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7560.410752][ T4795] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7561.375287][ T4795] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7561.752788][ T4795] bond0 (unregistering): Released all slaves [ 7564.597266][ T4795] hsr_slave_0: left promiscuous mode [ 7564.667874][ T4795] hsr_slave_1: left promiscuous mode [ 7565.291040][ T4795] veth1_macvtap: left promiscuous mode [ 7565.292458][ T4795] veth0_macvtap: left promiscuous mode [ 7565.334456][ T4795] veth1_vlan: left promiscuous mode [ 7565.336022][ T4795] veth0_vlan: left promiscuous mode [ 7612.183260][ T5292] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 
- 0 [ 7614.268350][ T5292] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7616.175020][ T5292] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7618.058045][ T5292] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7646.010531][ T5292] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7646.217945][ T5292] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7646.354203][ T5292] bond0 (unregistering): Released all slaves [ 7649.670306][ T5292] hsr_slave_0: left promiscuous mode [ 7649.783753][ T5292] hsr_slave_1: left promiscuous mode [ 7650.502538][ T5292] veth1_macvtap: left promiscuous mode [ 7650.514031][ T5292] veth0_macvtap: left promiscuous mode [ 7650.537002][ T5292] veth1_vlan: left promiscuous mode [ 7650.558634][ T5292] veth0_vlan: left promiscuous mode [ 7694.046441][ T6849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7694.504990][ T6849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7705.695845][ T6861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7706.142245][ T6861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7734.462056][ T6849] hsr_slave_0: entered promiscuous mode [ 7734.518288][ T6849] hsr_slave_1: entered promiscuous mode [ 7745.423180][ T6861] hsr_slave_0: entered promiscuous mode [ 7745.477372][ T6861] hsr_slave_1: entered promiscuous mode [ 7745.518489][ T6861] debugfs: 'hsr0' already exists in 'hsr' [ 7745.591971][ T6861] Cannot create hsr debugfs directory [ 7777.016711][ T6849] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 7777.758452][ T6849] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 7780.327597][ T6849] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 7781.028607][ T6849] netdevsim netdevsim3 
netdevsim3: renamed from eth3 [ 7791.912661][ T6861] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 7792.494902][ T6861] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 7792.997251][ T6861] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 7793.428325][ T6861] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 7815.926167][ T6849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7828.144651][ T6861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7946.672488][ T6849] veth0_vlan: entered promiscuous mode [ 7947.784635][ T6849] veth1_vlan: entered promiscuous mode [ 7951.786536][ T6849] veth0_macvtap: entered promiscuous mode [ 7952.748401][ T6849] veth1_macvtap: entered promiscuous mode [ 7957.836626][ T6255] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7957.854558][ T6255] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7957.870858][ T6255] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7957.886905][ T6255] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7986.048472][ T6861] veth0_vlan: entered promiscuous mode [ 7987.245101][ T6861] veth1_vlan: entered promiscuous mode [ 7991.924684][ T6861] veth0_macvtap: entered promiscuous mode [ 7992.762152][ T6861] veth1_macvtap: entered promiscuous mode [ 7997.118047][ T4795] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7997.121173][ T4795] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7997.130120][ T4795] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7997.165352][ T4795] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8358.003387][ T6255] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8360.225381][ T6255] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8362.372450][ T6255] 
netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8364.402590][ T6255] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8390.583547][ T6255] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8390.776814][ T6255] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8390.907619][ T6255] bond0 (unregistering): Released all slaves [ 8394.781252][ T6255] hsr_slave_0: left promiscuous mode [ 8395.211123][ T6255] hsr_slave_1: left promiscuous mode [ 8396.383611][ T6255] veth1_macvtap: left promiscuous mode [ 8396.402392][ T6255] veth0_macvtap: left promiscuous mode [ 8396.424574][ T6255] veth1_vlan: left promiscuous mode [ 8396.481215][ T6255] veth0_vlan: left promiscuous mode [ 8426.533986][ T6255] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8428.016140][ T6255] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8429.577673][ T6255] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8432.157533][ T6255] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8459.631161][ T6255] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8459.903076][ T6255] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8460.105929][ T6255] bond0 (unregistering): Released all slaves [ 8462.706559][ T6255] hsr_slave_0: left promiscuous mode [ 8462.773498][ T6255] hsr_slave_1: left promiscuous mode [ 8463.488096][ T6255] veth1_macvtap: left promiscuous mode [ 8463.561203][ T6255] veth0_macvtap: left promiscuous mode [ 8463.591970][ T6255] veth1_vlan: left promiscuous mode [ 8463.593537][ T6255] veth0_vlan: left promiscuous mode [ 8519.892223][ T7274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8520.213878][ 
T7274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8522.984382][ T7286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8523.336634][ T7286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8556.578190][ T7274] hsr_slave_0: entered promiscuous mode [ 8556.674174][ T7274] hsr_slave_1: entered promiscuous mode [ 8560.423792][ T7286] hsr_slave_0: entered promiscuous mode [ 8560.551597][ T7286] hsr_slave_1: entered promiscuous mode [ 8560.612265][ T7286] debugfs: 'hsr0' already exists in 'hsr' [ 8560.625255][ T7286] Cannot create hsr debugfs directory [ 8588.658334][ T7274] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 8589.283081][ T7274] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 8589.728318][ T7274] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 8590.126716][ T7274] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 8596.453084][ T7286] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 8596.981476][ T7286] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 8597.482905][ T7286] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 8598.041299][ T7286] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 8625.124621][ T7274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8630.174208][ T7286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8755.264973][ T7274] veth0_vlan: entered promiscuous mode [ 8756.196815][ T7274] veth1_vlan: entered promiscuous mode [ 8760.254605][ T7274] veth0_macvtap: entered promiscuous mode [ 8760.422162][ T7286] veth0_vlan: entered promiscuous mode [ 8761.122893][ T7274] veth1_macvtap: entered promiscuous mode [ 8762.155898][ T7286] veth1_vlan: entered promiscuous mode [ 8765.430645][ T6075] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8765.443882][ T6075] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8765.444914][ T6075] netdevsim netdevsim4 
netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8765.445680][ T6075] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8767.725254][ T7286] veth0_macvtap: entered promiscuous mode [ 8768.653921][ T7286] veth1_macvtap: entered promiscuous mode [ 8773.572851][ T6255] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8773.612080][ T7289] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8773.621487][ T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8773.622320][ T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9331.956587][ T6255] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9334.386562][ T6255] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9336.426612][ T6255] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9339.927463][ T6255] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9363.564933][ T6255] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9363.822636][ T6255] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9364.097847][ T6255] bond0 (unregistering): Released all slaves [ 9367.350182][ T6255] hsr_slave_0: left promiscuous mode [ 9367.472213][ T6255] hsr_slave_1: left promiscuous mode [ 9368.268488][ T6255] veth1_macvtap: left promiscuous mode [ 9368.350649][ T6255] veth0_macvtap: left promiscuous mode [ 9368.361764][ T6255] veth1_vlan: left promiscuous mode [ 9368.363245][ T6255] veth0_vlan: left promiscuous mode [ 9398.648248][ T6255] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9400.313142][ T6255] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9401.866493][ T6255] netdevsim netdevsim7 
netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9403.093489][ T6255] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9422.046233][ T6255] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9422.126914][ T6255] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9422.228505][ T6255] bond0 (unregistering): Released all slaves [ 9424.412546][ T6255] hsr_slave_0: left promiscuous mode [ 9424.714747][ T6255] hsr_slave_1: left promiscuous mode [ 9425.372031][ T6255] veth1_macvtap: left promiscuous mode [ 9425.378287][ T6255] veth0_macvtap: left promiscuous mode [ 9425.406169][ T6255] veth1_vlan: left promiscuous mode [ 9425.436741][ T6255] veth0_vlan: left promiscuous mode [ 9487.321907][ T7866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9487.590617][ T7866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9491.441396][ T7875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9491.707602][ T7875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9523.207669][ T7866] hsr_slave_0: entered promiscuous mode [ 9523.344842][ T7866] hsr_slave_1: entered promiscuous mode [ 9527.374603][ T7875] hsr_slave_0: entered promiscuous mode [ 9527.436033][ T7875] hsr_slave_1: entered promiscuous mode [ 9527.546482][ T7875] debugfs: 'hsr0' already exists in 'hsr' [ 9527.552764][ T7875] Cannot create hsr debugfs directory [ 9549.438340][ T7866] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 9551.006333][ T7866] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 9551.555286][ T7866] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 9553.097642][ T7866] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 9565.013982][ T7875] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 9565.654708][ T7875] netdevsim netdevsim8 netdevsim1: renamed 
from eth1 [ 9566.232211][ T7875] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 9566.617674][ T7875] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 9587.977678][ T7866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9596.714117][ T7875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9715.202964][ T7866] veth0_vlan: entered promiscuous mode [ 9716.249855][ T7866] veth1_vlan: entered promiscuous mode [ 9719.164661][ T7866] veth0_macvtap: entered promiscuous mode [ 9719.612568][ T7866] veth1_macvtap: entered promiscuous mode [ 9722.608769][ T6075] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9722.614453][ T6075] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9722.626652][ T6075] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9722.696330][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9726.569570][ T7875] veth0_vlan: entered promiscuous mode [ 9727.796631][ T7875] veth1_vlan: entered promiscuous mode [ 9730.885643][ T7875] veth0_macvtap: entered promiscuous mode [ 9731.515533][ T7875] veth1_macvtap: entered promiscuous mode [ 9735.626164][ T7291] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9735.630779][ T7291] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9735.653470][ T6255] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9735.793441][ T5292] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9779.135924][ T8142] KVM: debugfs: duplicate directory 8142-6 [ 9940.536492][ T8164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9942.253548][ T8164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9943.441061][ T8168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9943.852561][ T8168] bond0: (slave bond_slave_1): Enslaving 
as an active interface with an up link [ 9985.128309][ T8164] hsr_slave_0: entered promiscuous mode [ 9985.304425][ T8164] hsr_slave_1: entered promiscuous mode [ 9985.411924][ T8164] debugfs: 'hsr0' already exists in 'hsr' [ 9985.420134][ T8164] Cannot create hsr debugfs directory [ 9989.824608][ T8168] hsr_slave_0: entered promiscuous mode [ 9989.984055][ T8168] hsr_slave_1: entered promiscuous mode [ 9990.131814][ T8168] debugfs: 'hsr0' already exists in 'hsr' [ 9990.134139][ T8168] Cannot create hsr debugfs directory [10032.874553][ T8164] netdevsim netdevsim9 netdevsim0: renamed from eth0 [10033.770968][ T8164] netdevsim netdevsim9 netdevsim1: renamed from eth1 [10034.702479][ T8164] netdevsim netdevsim9 netdevsim2: renamed from eth2 [10036.487641][ T8164] netdevsim netdevsim9 netdevsim3: renamed from eth3 [10043.156693][ T8168] netdevsim netdevsim1 netdevsim0: renamed from eth0 [10043.628118][ T8168] netdevsim netdevsim1 netdevsim1: renamed from eth1 [10044.313790][ T8168] netdevsim netdevsim1 netdevsim2: renamed from eth2 [10044.797514][ T8168] netdevsim netdevsim1 netdevsim3: renamed from eth3 [10078.675250][ T8164] 8021q: adding VLAN 0 to HW filter on device bond0 [10085.285754][ T8168] 8021q: adding VLAN 0 to HW filter on device bond0 [10163.746772][ T6075] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10165.711787][ T6075] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10167.593536][ T6075] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10169.465456][ T6075] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10195.494422][ T6075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [10195.742593][ T6075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [10195.907839][ T6075] bond0 (unregistering): Released all slaves [10199.616501][ 
T6075] hsr_slave_0: left promiscuous mode [10199.730024][ T6075] hsr_slave_1: left promiscuous mode [10200.576841][ T6075] veth1_macvtap: left promiscuous mode [10200.581813][ T6075] veth0_macvtap: left promiscuous mode [10200.584016][ T6075] veth1_vlan: left promiscuous mode [10200.585447][ T6075] veth0_vlan: left promiscuous mode [10228.028139][ T6075] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10229.973535][ T6075] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10231.517039][ T6075] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10232.847350][ T6075] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10254.487329][ T6075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [10254.706041][ T6075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [10254.934817][ T6075] bond0 (unregistering): Released all slaves [10257.923141][ T6075] hsr_slave_0: left promiscuous mode [10258.002737][ T6075] hsr_slave_1: left promiscuous mode [10258.613803][ T6075] veth1_macvtap: left promiscuous mode [10258.616329][ T6075] veth0_macvtap: left promiscuous mode [10258.628615][ T6075] veth1_vlan: left promiscuous mode [10258.661652][ T6075] veth0_vlan: left promiscuous mode [10292.492011][ T8168] veth0_vlan: entered promiscuous mode [10293.365207][ T8168] veth1_vlan: entered promiscuous mode [10296.335058][ T8168] veth0_macvtap: entered promiscuous mode [10296.781676][ T8168] veth1_macvtap: entered promiscuous mode [10299.622139][ T7869] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10299.640553][ T7869] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10299.806030][ T7869] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10299.930089][ T7869] netdevsim netdevsim1 netdevsim3: set 
[1, 0] type 2 family 0 port 6081 - 0 [10307.295628][ T8164] veth0_vlan: entered promiscuous mode [10308.117157][ T8164] veth1_vlan: entered promiscuous mode [10311.566084][ T8164] veth0_macvtap: entered promiscuous mode [10312.182938][ T8164] veth1_macvtap: entered promiscuous mode [10314.917101][ T6255] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10314.922203][ T6255] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10314.934365][ T6255] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10315.081475][ T6255] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10327.213913][ T8430] kvm [8429]: Unsupported guest access at: eeef0000 [10327.213913][ T8430] { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write }, [10576.738650][ T12] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10579.231182][ T12] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10581.072126][ T12] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10583.362474][ T12] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10611.816588][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [10612.256525][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [10612.655446][ T12] bond0 (unregistering): Released all slaves [10615.186651][ T12] hsr_slave_0: left promiscuous mode [10615.352828][ T12] hsr_slave_1: left promiscuous mode [10616.037566][ T12] veth1_macvtap: left promiscuous mode [10616.051068][ T12] veth0_macvtap: left promiscuous mode [10616.071776][ T12] veth1_vlan: left promiscuous mode [10616.085826][ T12] veth0_vlan: left promiscuous mode [10697.196628][ T8582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10697.640155][ T8582] bond0: 
(slave bond_slave_1): Enslaving as an active interface with an up link [10731.916771][ T8582] hsr_slave_0: entered promiscuous mode [10732.123536][ T8582] hsr_slave_1: entered promiscuous mode [10748.492453][ T8698] kvm [8698]: Failed to find VMA for hva 0x20c01000 [10752.618594][ T8582] netdevsim netdevsim2 netdevsim0: renamed from eth0 [10752.965136][ T8582] netdevsim netdevsim2 netdevsim1: renamed from eth1 [10753.368285][ T8582] netdevsim netdevsim2 netdevsim2: renamed from eth2 [10753.905358][ T8582] netdevsim netdevsim2 netdevsim3: renamed from eth3 [10786.044232][ T8582] 8021q: adding VLAN 0 to HW filter on device bond0 [10900.963519][ T8582] veth0_vlan: entered promiscuous mode [10902.118385][ T8582] veth1_vlan: entered promiscuous mode [10905.425356][ T8582] veth0_macvtap: entered promiscuous mode [10906.274293][ T8582] veth1_macvtap: entered promiscuous mode [10910.394405][ T6255] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10910.407459][ T6255] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10910.441369][ T6255] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10910.457706][ T6255] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [11208.444013][ T7869] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [11211.643669][ T7869] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [11214.246631][ T7869] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [11216.357605][ T7869] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [11245.983747][ T7869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [11246.645051][ T7869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [11247.005915][ T7869] bond0 (unregistering): Released all slaves 
[11250.080901][ T7869] hsr_slave_0: left promiscuous mode
[11250.172418][ T7869] hsr_slave_1: left promiscuous mode
[11251.156863][ T7869] veth1_macvtap: left promiscuous mode
[11251.211990][ T7869] veth0_macvtap: left promiscuous mode
[11251.242220][ T7869] veth1_vlan: left promiscuous mode
[11251.271783][ T7869] veth0_vlan: left promiscuous mode
[11257.398283][ T9021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xeaf0000000000000 pfn:0x5af6b
[11257.531015][ T9021] flags: 0x1ffc6c000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x1b)
[11257.572949][ T9021] raw: 01ffc6c000000000 ffffc1ffc06af588 ffffc1ffc06bd588 0000000000000000
[11257.602854][ T9021] raw: eaf0000000000000 0000000000000000 00000000ffffffff 0000000000000000
[11257.643196][ T9021] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[11257.691312][ T9021] ------------[ cut here ]------------
[11257.691569][ T9021] kernel BUG at ./include/linux/mm.h:1036!
[11257.693308][ T9021] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
[11257.698076][ T9021] Modules linked in:
[11257.700050][ T9021] CPU: 0 UID: 0 PID: 9021 Comm: syz.1.654 Not tainted syzkaller #0 PREEMPT
[11257.701575][ T9021] Hardware name: linux,dummy-virt (DT)
[11257.702803][ T9021] pstate: 60402009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[11257.704045][ T9021] pc : kvm_s2_put_page+0x374/0x3a0
[11257.708084][ T9021] lr : kvm_s2_put_page+0x374/0x3a0
[11257.709038][ T9021] sp : ffff80008e4f7450
[11257.709743][ T9021] x29: ffff80008e4f7450 x28: 9ff000001af56000 x27: 9ff000001af56000
[11257.711277][ T9021] x26: 00000000000000ff x25: ffff800087396000 x24: ffffc1ffc0000000
[11257.712650][ T9021] x23: ffffc1ffc06bdac8 x22: 0000000000000000 x21: ffffc1ffc06bdaf4
[11257.713998][ T9021] x20: 0000000000000000 x19: ffffc1ffc06bdac0 x18: 0000000011d92ca3
[11257.715193][ T9021] x17: 000000000372b230 x16: 00000000103de27d x15: 000000003ffd3386
[11257.716476][ T9021] x14: ffffffffffffffff x13: fff000001e475888 x12: 0000000000000001
[11257.717793][ T9021] x11: 0000000000000000 x10: 0000000000ff0100 x9 : 988a5ae9adf88b00
[11257.719183][ T9021] x8 : 988a5ae9adf88b00 x7 : ffff80008039fbc8 x6 : 0000000000000000
[11257.720512][ T9021] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[11257.721821][ T9021] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e
[11257.723230][ T9021] Call trace:
[11257.724108][ T9021] kvm_s2_put_page+0x374/0x3a0 (P)
[11257.725339][ T9021] stage2_free_walker+0x1b0/0x264
[11257.726353][ T9021] __kvm_pgtable_walk+0x7d8/0xa68
[11257.727328][ T9021] kvm_pgtable_walk+0x294/0x468
[11257.728244][ T9021] kvm_pgtable_stage2_destroy_range+0x60/0xb4
[11257.729280][ T9021] kvm_free_stage2_pgd+0x198/0x28c
[11257.730087][ T9021] kvm_uninit_stage2_mmu+0x20/0x38
[11257.731014][ T9021] kvm_arch_flush_shadow_all+0x1a8/0x1e0
[11257.731969][ T9021] kvm_mmu_notifier_release+0x48/0xa8
[11257.732920][ T9021] __mmu_notifier_release+0x310/0x614
[11257.733840][ T9021] exit_mmap+0xb8/0xbb8
[11257.734644][ T9021] __mmput+0x10c/0x528
[11257.735473][ T9021] mmput+0x70/0xac
[11257.736284][ T9021] exit_mm+0x158/0x258
[11257.737167][ T9021] do_exit+0x788/0x2378
[11257.738035][ T9021] do_group_exit+0x1d4/0x2ac
[11257.738947][ T9021] get_signal+0x1440/0x1554
[11257.739854][ T9021] do_signal+0x23c/0x4dd0
[11257.740813][ T9021] do_notify_resume+0xb0/0x270
[11257.741752][ T9021] el0_svc+0xb8/0x164
[11257.742580][ T9021] el0t_64_sync_handler+0x84/0x12c
[11257.743525][ T9021] el0t_64_sync+0x198/0x19c
[11257.745084][ T9021] Code: 900377c1 910e9421 aa1303e0 97f9c9f2 (d4210000)
[11257.746980][ T9021] ---[ end trace 0000000000000000 ]---
[11257.748542][ T9021] Kernel panic - not syncing: Oops - BUG: Fatal exception
[11257.750464][ T9021] Kernel Offset: disabled
[11257.751135][ T9021] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[11257.752155][ T9021] Memory Limit: none
[11257.753810][ T9021] Rebooting in 86400 seconds..
VM DIAGNOSIS:
09:51:52 Registers:
info registers vcpu 0
CPU#0
PC=ffff800080694794 X00=0000000000000011 X01=0000000000000000 X02=ffff80008e4f6a50 X03=ffff80008e4f6ae8
X04=000000000000233d X05=0000000000000000 X06=ffff80008048ab34 X07=ffff800080015834
X08=76f000001e475880 X09=0000000000000004 X10=0000000000ff0100 X11=000000000000005c
X12=0000000000ff0100 X13=0000000000000007 X14=0000000000000000 X15=ffff800087fe5a20
X16=0000000000000000 X17=000000000372b230 X18=0000000011d92ca3 X19=ffffffffffffffff
X20=efff800000000000 X21=ffff80008e4f6bf6 X22=ffff8000870c09de X23=0000000000000005
X24=ffff80008e4f6bf7 X25=ffff800087bed8f0 X26=ffff80008e4f6b10 X27=ffff8000870c09e1
X28=ffffffffffffffd0 X29=ffff80008e4f69b0 X30=ffff80008657e30c SP=ffff80008e4f69b0
PSTATE=204023c9 --C- EL2h SVCR=00000000 -- BTYPE=0
FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:6d766b2f7665642f
Z01=ffffffffffffffff:0000000000000000
Z02=0000000000000000:ffffffff00000000
Z03=ff00ff0000000000:ffffffffffffff00
Z04=0000000000000000:f0f00000fffffff0
Z05=0000000000000000:ccccccccccccf000
Z06=0000000000000073:0000aaab0d1043c0
Z07=0000000000000074:0000aaab0d101600
Z08=0000000000000000:0000000000000000
Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000
Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000
Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000
Z15=0000000000000000:0000000000000000
Z16=0000ffffe3ee25d0:0000ffffe3ee25d0
Z17=ffffff80ffffffd0:0000ffffe3ee25a0
Z18=0000000000000000:0000000000000000
Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000
Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000
Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000
Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000
Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000
Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000
Z31=0000000000000000:0000000000000000