last executing test programs: 2h41m33.441022844s ago: executing program 32 (id=10): mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0)=0x7ffffff, 0xfdef) 2h41m28.730911946s ago: executing program 33 (id=11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b}) ioctl$KVM_CHECK_EXTENSION(r0, 0x4020940d, 0x20) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c) r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x12, r8, 0x0) syz_kvm_setup_cpu$arm64(r5, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000040000000000000001000008400000000040000000000000009000000000000000000000000400000740000000000000002000000000000004600000000000000180000000000000003000000630000006e0000000000000030000000000000000000080800000000fcff000000000000018000000000000004000000000000002201000000000000400000000000000013000084000000000001000000000000070000000000000000000000000000000b8000000000000002000000000000000000000000000000180000000000000000000000000000800a000000000000009c000000000000000028c01a0000005300558ed20040b0f2810180d2c20180d2c30180d2a40080d2020000d4007008d5a0198cd200c0b0f2a10080d2620180d2030080d2640180d2020000d4007008d5405d9ed200e0b0f2010080d2620180d2a30180d2240180d2020000d4403d99d200a0b8f2210080d2220180d2030080d2e40180d2020000d4000008d500e4200ec0035fd66e0000000000000030000000000000000000080800000000880000000000000000000000000000000a00000000000000e600000000000000180000000000000007000000000000003200000000000000400000000000000000800000000000008d0000000000000001040000000000008100000000000000020000000000000000000000000000006e0000000000000030000000000000000000080800000000f0ff00000000000000000000000000000100000000000000220100000000000040000000000000000000003000000000ffff0000000000001c00000000000000a3fb210300000000ff0f00400000000005000000000000000a0000000000000084000000000000000000000b008c207e1f0000abc0a583d200c0b8f2010080d2c20180d2c30080d2840080d2020000d4008008d5208e87d20020b0f2010080d2e20080d2a30180d2240180d2020000d400d8a12e00c8a07ec06f9cd20080b8f2c10180d2820080d2830180d2a40180d2020000d40024002fc0035fd6140000000000000020000000000000006ddf13000000306006000000000000000000000000000000180000000000000001000000000000001e0000000000000040000000000000000000000600000000030000000000000000000000000000000180000000000000d100000000000000000000000000000014000000000000002000000000000000315b000000000000f40b0000000000000a00000000000000cc00000000000000a06288d20020b8f2e10180d2420180d2c30180d2640080d2020000d4000008d500b8212e000c403c00ff96d20000b0f2810080d2a20180d2030080d2240180d2020000d4a0f68fd20060b8f2010080d2220180d2030180d2c40180d2020000d4602e97d20080b8f2c10080d2020180d2630180d2040180d2020000d480ba8ad20020b8f2810080d2c20180d2a30080d2c40180862a0000d4007008d5c06783d20060b0f2010180d2a20080d2830180d2e40180d2020000d4c0035fd6be00000000000000180000000000000001e213000000306000000000000000001800000000000000ff7f00000000000000000000000000001800000000000000269d000000000000320000000000000040000000000000000c0000840000000005000000000000000000000001000000faffffffffffffff0f000000000000000e00000000000000320000000000000040000000000000000b00008400000000f6ef000000000000ff0700000000000007000000000000004d0000000000000005000000000000001400000000000000200000000000000011da130000003060070000000000000000000000000000001800000000000000080000000000000032000000000000004000000000000000200000c500000000008000000000000002000000000000000004000000000000ff00000000000000000000000000000022010000000000004000000000000000000800000000000081000000000000000e00000000000000030000000000000003000000000000000700000000000000e600000000000000180000000000000008000000000000000000000000000000180000000000000004000000000000001400000000000000200000000000000090e01300000030600000000000000000220100000000000040000008000000000000000500000000000000800000000007000000000000000200000000000000c4000000000000000080000000000000000000000000000018000000000000000300000000000000460000000000000018000000000000000000000006000000338a5071a95f8a4643a17eeff24a03b0ba9e498e8419932f269c93d68fbb0bb1d8a9e8601713c3e25160e3cfd8c24582e43cb191d8c3088e942a96332a39dd5682c2cdce01533bc742f990bd84089e91520e1225ccfd8946622c684148641e816bb7c9980e4d0f210ba3be0bcab94d64c14f41ba96be46bbdecbac89d7688ed01e135f0859a07dee97c2416f2939279d25e84af6054e785a0d"], 0x69c}], 0x1, 0x0, &(0x7f0000000080)=[@featur2], 0x1) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r10, 0x401c5820, 0xffff98600fff) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x5, 0x6, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2h35m49.330254362s ago: executing program 34 (id=12): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000ab9000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010001a, 0x0}) r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2h35m27.980604207s ago: executing program 35 (id=13): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x8ee00, 0x0) write$eventfd(0xffffffffffffffff, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xb) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x1f}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2h25m35.558214025s ago: executing program 5 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x7, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil}) (async) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0xa0003, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) (async, rerun: 64) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1e) (async, rerun: 64) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x260040, 0x0) (rerun: 64) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x40000000000004a) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0xc400000e, [0x8, 0x80000000, 0x9, 0x1, 0x1]}}], 0x40}, 0x0, 0x0) (async) r12 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x3, 0x20}}], 0x18}, 0x0, 0x0) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0x2, 0x100) (rerun: 32) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r14 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r13, 0x3000007, 0x11, r11, 0x0) (async) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r13, 0x3, 0x11, r11, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r14, 0x0) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r14, 0xfffffffffffffffe) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000ab5000/0x400000)=nil) (async, rerun: 32) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32) r15 = syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x1, 0xfffffffffffffffd, &(0x7f0000000200)=0x8000000000004000}) 2h24m46.750391245s ago: executing program 36 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x7, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil}) (async) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0xa0003, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) (async, rerun: 64) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1e) (async, rerun: 64) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x260040, 0x0) (rerun: 64) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x40000000000004a) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0xc400000e, [0x8, 0x80000000, 0x9, 0x1, 0x1]}}], 0x40}, 0x0, 0x0) (async) r12 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x3, 0x20}}], 0x18}, 0x0, 0x0) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0x2, 0x100) (rerun: 32) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r14 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r13, 0x3000007, 0x11, r11, 0x0) (async) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r13, 0x3, 0x11, r11, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r14, 0x0) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r14, 0xfffffffffffffffe) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000ab5000/0x400000)=nil) (async, rerun: 32) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32) r15 = syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x1, 0xfffffffffffffffd, &(0x7f0000000200)=0x8000000000004000}) 2h21m17.148487871s ago: executing program 37 (id=52): munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000100), 0x26ef03, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x0, 0x0}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100040, 0x0}) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) r9 = eventfd2(0x8, 0x80800) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f00000000c0)={r9, 0x3}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r9, 0x9, 0x3, r9}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) close(r3) 2h11m8.900940771s ago: executing program 38 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0xdddd1000, 0x10000, 0x1}) (async) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00006490227000180000000000afb59e4182708516affb146c6ea84e038000130000083060"], 0x18}], 0x1, 0x0, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r5, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x1}) (async) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000100)={0x1002000, 0x1}) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f00000001c0)) (async) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) close(r6) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x5e06}}, @hvc={0x32, 0x40, {0x80000002, [0x2, 0x5, 0x5, 0xf, 0x2]}}, @msr={0x14, 0x20, {0x6030000000138046, 0xfff}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1da}}], 0xb8}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0xa0}], 0x1) 2h5m23.52839746s ago: executing program 39 (id=87): r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000000)={0x8, 0x1, 0x8, r0, 0x1}) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013c015, &(0x7f0000000200)=0xae}) ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xd8) close(r8) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000000c0)={0xf2ac, 0x7}) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)}) r13 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=[@featur1={0x1, 0x77}], 0x1) ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000480)=@arm64_fw={0x6030000000140000, &(0x7f0000000440)=0xdd}) 1h55m14.671199327s ago: executing program 40 (id=102): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) close(r3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, 0x0, 0x2000009, 0x11, 0xffffffffffffffff, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e0f000/0x4000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f00000001c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000240)=0x400000010000}) r12 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) 1h54m52.120861442s ago: executing program 41 (id=103): r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f00000000c0)) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000140)=[@featur1={0x1, 0x633563f6b2813d7}], 0x1) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@x86={0x2, 0x6, 0x10, 0x0, 0x6, 0x1, 0x1, 0x5, 0x7, 0x0, 0x2, 0x3, 0x0, 0x2, 0x3, 0x8, 0x0, 0x7, 0x6, '\x00', 0x4, 0x4}) 1h44m53.719880875s ago: executing program 42 (id=111): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000240)={0x200002f}) syz_kvm_vgic_v3_setup(r5, 0x3, 0x200) (async) r10 = syz_kvm_vgic_v3_setup(r5, 0x3, 0x200) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x7, 0x3, &(0x7f0000000180)=0x7}) (async) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x7, 0x3, &(0x7f0000000180)=0x7}) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) mmap$KVM_VCPU(&(0x7f0000785000/0x4000)=nil, 0x0, 0x1000001, 0x12, r9, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000785000/0x4000)=nil, 0x0, 0x1000001, 0x12, r9, 0x0) r13 = eventfd2(0x0, 0x0) close(r13) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) (async) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r15, 0xc018aec0, &(0x7f0000000000)={0x0, 0x100, 0x1c0, 0x0}) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r15, 0xc018aec0, &(0x7f0000000000)={0x0, 0x100, 0x1c0, 0x0}) 1h44m42.721537636s ago: executing program 43 (id=112): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000100)=0x19}) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1fe, 0xa}}) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000001c0)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010000a, &(0x7f0000000000)=0x10000}) 1h33m11.742514909s ago: executing program 44 (id=130): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = syz_kvm_vgic_v3_setup(r2, 0x3, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x60800000001501b0, &(0x7f0000000000)=0x4}) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001}) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x2, 0x0}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 1h32m56.998109139s ago: executing program 45 (id=131): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000e73000/0x3000)=nil, r1, 0x600000e, 0xd833, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8012, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000180)=0x17}) (async) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r5, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_MP_STATE(r10, 0x4004ae99, &(0x7f00000001c0)=0x3) (async) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0xc0189436, 0x172) ioctl$KVM_RUN(r5, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) 1h25m53.618306883s ago: executing program 5 (id=132): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x0, {0x84000011, [0x2, 0x2, 0x1, 0x7, 0x2]}}, @mrs={0xbe, 0x0, {0x603000000013c00b}}, @memwrite={0x6e, 0x0, @vgic_gicr={0x80c0000, 0xc0, 0x2, 0x4}}, @uexit, @msr={0x14, 0x0, {0x6030000000138084, 0x2}}, @mrs={0xbe, 0x0, {0x603000000013806e}}, @mrs={0xbe, 0x0, {0x603000000013f2b0}}, @msr={0x14, 0x0, {0x603000000013dee5, 0x5}}, @eret={0xe6, 0x0, 0xd43}, @eret={0xe6, 0x0, 0x3}, @irq_setup={0x46, 0x0, {0x3, 0x183}}, @its_setup={0x82, 0x0, {0x2, 0x2, 0x359}}, @memwrite={0x6e, 0x0, @vgic_gits={0x8080000, 0xffd0, 0x9, 0x2}}], 0x44}, 0x0, 0x0) (async, rerun: 64) r4 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (rerun: 64) ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_arm64={0x0, 0xa, 0x3, &(0x7f0000000040)=0x9}) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x76d107, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) (async) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x4, 0x220) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_RUN(r3, 0xae80, 0x0) (rerun: 64) 1h25m34.224111844s ago: executing program 5 (id=134): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) syz_kvm_setup_cpu$arm64(r5, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000240)) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x407, 0x2, 0x9, 0x3}}], 0x28}, &(0x7f00000000c0)=[@featur1={0x1, 0xbb}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ff1000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000ab8000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x2) syz_kvm_add_vcpu$arm64(r17, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r16, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001}) r18 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138010, 0x80000001}}], 0x1a}, 0x0, 0x0) ioctl$KVM_RUN(r18, 0xae80, 0x0) 1h25m10.731482494s ago: executing program 5 (id=136): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r2, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r4, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x60871, 0x0) 1h24m56.354580328s ago: executing program 5 (id=138): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000100)=0x10000}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x200}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1h24m8.35396475s ago: executing program 46 (id=138): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000100)=0x10000}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x200}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1h24m2.27086258s ago: executing program 47 (id=139): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r6 = eventfd2(0x0, 0x0) close(r6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r6, &(0x7f0000000180)=0x5, 0xfffffde3) mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000}) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r1, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) 1h12m1.57094908s ago: executing program 7 (id=180): openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x19) (async) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x19) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x7e) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r2, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x100000000) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0xffff7ffffffffffb) (async) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0xffff7ffffffffffb) r11 = mmap$KVM_VCPU(&(0x7f0000d9a000/0x1000)=nil, 0x930, 0x100000a, 0x110, r8, 0x40000) syz_memcpy_off$KVM_EXIT_MMIO(r11, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000040)={0x3, 0x79}) openat$kvm(0x0, &(0x7f0000000000), 0x222000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) 1h11m45.318436915s ago: executing program 7 (id=182): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xc0189436, 0x172) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}}) r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1h11m12.230201445s ago: executing program 48 (id=181): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160006, 0x0}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160006, 0x0}) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) (async) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x0) (async) 1h10m54.622519421s ago: executing program 49 (id=182): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xc0189436, 0x172) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}}) r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) 57m12.90435862s ago: executing program 8 (id=238): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xffffffffffffffff) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c640}}], 0x18}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x8030aeb4, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}}) 57m0.331770028s ago: executing program 8 (id=240): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r10, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r12, 0x2000009, 0x213011, r10, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r10, 0xaead) ioctl$KVM_RUN(r7, 0xae80, 0x0) 56m12.050623351s ago: executing program 50 (id=240): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r10, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r12, 0x2000009, 0x213011, r10, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r10, 0xaead) ioctl$KVM_RUN(r7, 0xae80, 0x0) 53m34.516033408s ago: executing program 9 (id=254): mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7}) 53m23.284149057s ago: executing program 9 (id=255): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x16) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x40}], 0x1) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x110c230000}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) 53m11.181327959s ago: executing program 9 (id=256): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd7) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x2, 0x2, &(0x7f0000000280)=0x2}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, &(0x7f0000000180)) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x7, 0x2, &(0x7f00000000c0)=0x800}) (async) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x0, 0x55c, &(0x7f0000000000)=0x100000001}) 53m0.738106362s ago: executing program 9 (id=257): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xb}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x1ff, 0xd5d61001, 0x0, r8}) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f0000000100)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x2, 0x8}}, @irq_setup={0x46, 0x18, {0x4, 0x354}}], 0x48}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 52m49.192487323s ago: executing program 9 (id=258): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x28381, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2e) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x13}) mmap$KVM_VCPU(&(0x7f000000a000/0x2000)=nil, r4, 0x2000000, 0x12, r2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20683, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0xb}) r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r10, 0x0) 52m25.376033681s ago: executing program 9 (id=259): openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d1, 0x0}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) write$eventfd(r8, &(0x7f00000001c0)=0x7ffffff, 0xfdef) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r10 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0xfb7f0000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r15, 0x603000000013dce4, 0x8000) r16 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7}) 51m35.800956799s ago: executing program 51 (id=259): openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d1, 0x0}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) write$eventfd(r8, &(0x7f00000001c0)=0x7ffffff, 0xfdef) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r10 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0xfb7f0000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r15, 0x603000000013dce4, 0x8000) r16 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7}) 42m50.911259956s ago: executing program 1 (id=287): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x4, 0x340) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x5, 0x3, &(0x7f0000000040)=0x3}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000300)={0x1000020, 0x1}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) r11 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000}) r12 = ioctl$KVM_GET_STATS_FD_cpu(r10, 0xaece) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r12, 0x4010aeb5, &(0x7f0000000100)={0xa0000000000, 0x4}) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c800}}], 0x18}, 0x0, 0xfffffffffffffffb) ioctl$KVM_RUN(r16, 0xae80, 0x0) r17 = eventfd2(0x4, 0x80801) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r17, 0x8}) 42m46.63105877s ago: executing program 0 (id=288): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x0, 0xfffffffffffffffe}) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) write$eventfd(r3, &(0x7f0000000000), 0xfffffdef) (async) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f0000000380)) (async) munmap(&(0x7f0000008000/0x1000)=nil, 0x200000) (async) r5 = mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, 0x0, 0x0, 0x8010, r0, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000300)="5da38b6ffc47826e438ee6fb9554a5dd46408b5f661d4c55e51f89e3cd3c8c6699a8b0b1ae2e01647d19431a72dd7dd158cbc028770286472e52a636061437c0262f0227d9b1dd20", 0x0, 0x48) (async) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000140)={0x8, 0x0, [{0x8, 0x2, 0x0, 0x0, @sint={0xe78}}, {0x2, 0x4, 0x1, 0x0, @adapter={0x10, 0x9, 0xb91, 0xc0, 0x7fff}}, {0x9, 0x5, 0x0, 0x0, @sint={0x4, 0x6}}, {0x207, 0x0, 0x0, 0x0, @irqchip={0x80000001, 0x5}}, {0x5, 0x3, 0x0, 0x0, @msi={0x4e44, 0x8, 0x1, 0x5}}, {0xeff, 0x1, 0x1, 0x0, @sint={0xfff, 0x10000}}, {0x7, 0x2, 0x1, 0x0, @irqchip={0x94c, 0x10001}}, {0xd088, 0x3, 0x0, 0x0, @msi={0x5, 0xfffffff9, 0x0, 0x43}}]}) 42m33.080779327s ago: executing program 0 (id=289): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0xd, 0x7}) (async) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0xd, 0x7}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0xfffffffffffffffd) close(r2) 42m31.991036562s ago: executing program 1 (id=290): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1b) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000000)=0x6) r2 = mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x0, 0x3, 0x1010, r1, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000040)="269c1cf2da9a1d091d24e6a1def41f6aa9aed70ae6cdf417a866ad18a56ae951f6dd9a87fe3641f986073e9ebd7ca87e7e846d0e7be4ffdc4fa1299f9eab72f4e1881a5507f1e4ce", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000000c0)={0x0, 0xffffffffffffffff}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000100)="c61bc492b44e5c4456a85a3e4a76765e73cf8b0da5a154194d9ddbf0cf09a3e7b7bae0ebcd2eeb5d9c7bf92de7ced3ab62149b84b55316a7befbd7c59582046c4ce00d2f9ef3405d", 0x0, 0x48) syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, &(0x7f0000000180)="8697fcc5f4b17ef88ee10cfed8931843dc5eb98279d9d426", 0x0, 0x18) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r4, 0x2000002, 0x8010, r1, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x20) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000001c0)={0x9, 0xffffffffffffffff, 0x1}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000200)="f0deb70d7deeafb01b5635b8f450443fe265e3628cd5e7da799db24bb0966f200e59ec9452a4e774985b731597412c2dcf5832a841477459f82f2a2e4bae5ae65100292daad8b166", 0x0, 0x48) r6 = mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r4, 0x800005, 0x52011, r1, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r6, 0x20, &(0x7f0000000280)="ceb0ee8f84a77000053ee6c26acf3e1a4ee0264ef504e844", 0x0, 0x18) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x2e6b5f724adcb3a, 0x4013, r1, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, &(0x7f00000002c0)="5134b72cfa7ab44f6b8dff82e1d14fce89a68dfe7b9e0628", 0x0, 0x18) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000cb4000/0x2000)=nil, r7, 0x0, 0x20010, r8, 0x0) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000300)={0x40, 0x6}) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000f07000/0x1000)=nil, 0x1000) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000340)="2f1d73d1b1b5521ff4d4b24e6f1cd851f7834e441669847a74361bc9d19a10c61394c2a91e70c46b625c13da91dd609f46fef8d55a823b71ebae3b9c967439113e6d24208355c44c", 0x0, 0x48) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000f95000/0x1000)=nil, r11, 0x0, 0x1010, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000400)=@attr_arm64={0x0, 0x6, 0x3, &(0x7f00000003c0)=0x8000000000000000}) 42m19.712564824s ago: executing program 0 (id=291): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x2, [0x3b, 0x6, 0x7, 0x4, 0x8000000000000000]}}], 0x40}, 0x0, 0x0) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@eret={0xe6, 0x18, 0x7fff}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) syz_kvm_vgic_v3_setup(r12, 0x0, 0x80) 42m18.52831607s ago: executing program 1 (id=292): r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x18}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_sve={0x60800000001500e6, 0x0}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) 42m0.516035099s ago: executing program 1 (id=293): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0) r3 = eventfd2(0x6, 0x800) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000280)={r3, 0x9}) r4 = eventfd2(0xfb2, 0x1) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000240)={r4, 0x3, 0x1}) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300), 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r11, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0x7, 0x7}}) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_GET_REG_LIST(r13, 0xc008aeb0, &(0x7f0000000000)) 41m57.814357946s ago: executing program 0 (id=294): ioctl$KVM_GET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x1, &(0x7f0000000080)=0xc02b}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8200, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x185600, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x13, r0, 0x0) 41m47.801382207s ago: executing program 0 (id=295): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@hvc={0x32, 0x40, {0xc4000011, [0xffffffffffffffff, 0x4, 0x2ec, 0x4]}}, @uexit={0x0, 0x18, 0x9}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0x5, 0x9, 0x2c}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x8400000c, [0x81, 0x3fff7157, 0xf0, 0xb9b4, 0x8001]}}, @uexit={0x0, 0x18, 0x10001}, @code={0xa, 0x84, {"007008d5c0858ed20020b8f2010080d2220180d2a30180d2640080d2020000d40060800c00d882d20060b8f2810180d2e20180d2830180d2440180d2020000d4008008d50048217e007008d5000080a8e08e83d200c0b8f2610180d2020180d2630180d2440180d2020000d400c0221e"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x2000, 0x4c, 0x8}}, @irq_setup={0x46, 0x18, {0x1, 0x294}}], 0x1bc}, &(0x7f0000000040)=[@featur2={0x1, 0x90}], 0x1) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000380)=@other={0x1, &(0x7f0000000140)=0x7}) r6 = mmap$KVM_VCPU(&(0x7f0000cbe000/0x3000)=nil, r3, 0x3000005, 0x10, r5, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r8, r10, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000c00)=[@its_setup={0x82, 0x28, {0x0, 0x4, 0x44}}, @eret={0xe6, 0x18, 0xfff}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x200}}, @svc={0x122, 0x40, {0x86000001, [0x240000000000, 0x2, 0x9, 0x40, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013c200}}, @irq_setup={0x46, 0x18, {0x3, 0x114}}, @smc={0x1e, 0x40, {0x8, [0x7, 0xb, 0x0, 0x2, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x300, 0x401, 0x1}}, @smc={0x1e, 0x40, {0x10800000d, [0x9a0, 0x0, 0xfff, 0xe400, 0x5]}}, @smc={0x1e, 0x40, {0x80008053, [0x5, 0x40, 0x3ff, 0xd9ef]}}, @mrs={0xbe, 0x18, {0x603000000013d801}}], 0x1e0}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000003c0)="7dd32e6dedf53232d74595f77ab52097c57fc239372d8faa8488e97b8e88e31e67d530718cd4a58b40041e8789b4a03272024574a45b7e4342dbd83c011c19410daa6829c4ce6b0d", 0x0, 0x48) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 41m43.026315313s ago: executing program 1 (id=296): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000d95000/0x4000)=nil, 0x930, 0x3000006, 0x33, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2025) openat$kvm(0x0, &(0x7f0000000240), 0x10080, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000240), 0x10080, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="9c4846309e04a9c75d53bc329a15a400"]) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000000)) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0xef}], 0x1) (async) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0xef}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_init) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r11 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000140)=[@featur2={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x3, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r13, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_init) r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) (async) syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x4, 0x220) (async) syz_kvm_vgic_v3_setup(r1, 0x4, 0x220) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28) (async) r16 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28) syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_DIRTY_LOG(r16, 0x4010ae42, &(0x7f0000000080)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) 41m27.463334962s ago: executing program 0 (id=297): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x40000) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c03b}) (async) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0x80111500, 0x20000000) close(r13) (async) r14 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0x80111500, 0x29) ioctl$KVM_CREATE_VM(r12, 0x541b, 0x10000000000000) (async) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x30) ioctl$KVM_HAS_DEVICE_ATTR_vm(r17, 0x4018aee3, 0xffffffffffffffff) syz_memcpy_off$KVM_EXIT_MMIO(r5, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18) (async) r18 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x20) ioctl$KVM_IOEVENTFD(r19, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5}) r20 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r20, 0xae01, 0x0) 41m18.870967233s ago: executing program 1 (id=298): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000100)=0xfffffffffffffffe}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x4, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r9, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000100)=0xfffffffffffffffe}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x4, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x2}], 0x1) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) 40m41.670665654s ago: executing program 52 (id=297): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x40000) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c03b}) (async) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0x80111500, 0x20000000) close(r13) (async) r14 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0x80111500, 0x29) ioctl$KVM_CREATE_VM(r12, 0x541b, 0x10000000000000) (async) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x30) ioctl$KVM_HAS_DEVICE_ATTR_vm(r17, 0x4018aee3, 0xffffffffffffffff) syz_memcpy_off$KVM_EXIT_MMIO(r5, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18) (async) r18 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x20) ioctl$KVM_IOEVENTFD(r19, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5}) r20 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r20, 0xae01, 0x0) 40m27.36232189s ago: executing program 53 (id=298): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000100)=0xfffffffffffffffe}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x4, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r9, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000100)=0xfffffffffffffffe}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x4, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x2}], 0x1) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) 27m53.720031778s ago: executing program 2 (id=353): openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000000)) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28) (async) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x5) (async) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x5) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000100)=@arm64) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r11 = ioctl$KVM_CREATE_VM(r10, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0x40305839, 0x0) (async) ioctl$KVM_CREATE_VCPU(r11, 0x40305839, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CAP_HALT_POLL(r13, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0xe5af000000000000}) (async) ioctl$KVM_CAP_HALT_POLL(r13, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0xe5af000000000000}) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) 27m36.99215937s ago: executing program 2 (id=355): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000000)=0xffffffffffffffff) (async) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x29) r3 = eventfd2(0x0, 0x0) close(r3) (async) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (async) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r5, 0x2, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) 27m23.99597706s ago: executing program 2 (id=357): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async, rerun: 32) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 64) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_assert_reg(r7, 0x603000000013df19, 0x8000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) 27m2.634026649s ago: executing program 2 (id=359): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe7) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000000000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r7, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000322000/0x3000)=nil, r7, 0x2000000, 0x8010, r5, 0x0) close(r4) ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0xff, 0x3}}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000000, 0x30, r5, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 26m48.153698694s ago: executing program 2 (id=361): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1002000, 0x1}) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x1fd, 0x7, 0xeeee0000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x1000009, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000280)=0x400000080a0000}) r11 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x7, &(0x7f0000000200)=0x9}) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) 26m36.170375963s ago: executing program 2 (id=363): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7}) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000040)={0x1fd, 0x1c0, 0x380, &(0x7f0000000440)=[0xffffffffffffffff, 0x8, 0x5910, 0xb25ab11, 0x4, 0x1000, 0xa, 0x5, 0xc82, 0x100, 0x3, 0x2, 0x5, 0x7, 0x11, 0x10000, 0x0, 0x810000000, 0x7, 0x0, 0x6, 0x2, 0xb1af, 0x7, 0xd3, 0x0, 0x5ec5d9c2, 0xd644, 0x401, 0x2, 0xe3, 0x7, 0x8b7, 0x4, 0xffffffffffffff83, 0x8, 0x400, 0x4, 0x10, 0x21, 0x40, 0xfffffffffffffff9, 0x101, 0x4, 0x1, 0xd, 0x8000000000000000, 0x4, 0x6, 0x4, 0x6, 0x9, 0x81, 0x8, 0x9e, 0x2d1a, 0xff, 0x6, 0x6, 0x9, 0x1, 0xc6, 0x10000, 0x40, 0x71b, 0x0, 0x9, 0x7, 0x4, 0x8001, 0x81, 0x5, 0xff, 0x3, 0x52930754, 0x5, 0x1000, 0x5, 0x5, 0x1, 0xd2d, 0x7, 0x7, 0xd, 0x7, 0x3, 0x1, 0x3, 0xffffffff7fffffff, 0x3, 0xc, 0xfd430000000, 0x1, 0x8000000, 0x0, 0x5, 0x0, 0x3, 0x5, 0x5, 0x6cf, 0x2, 0x3, 0x0, 0x4, 0x7, 0xf52f, 0x46, 0x7fffffff, 0x5, 0x315c, 0x8, 0x4196, 0x2, 0x2833, 0x7fff, 0xffffffffffffffff, 0x40, 0x8, 0x0, 0x8, 0x0, 0x7, 0x1000, 0x7feffff, 0x3, 0x4006, 0x7]}) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x18b080, 0x0) (async) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) r13 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x40000) syz_kvm_assert_syzos_uexit$arm64(r13, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0xf, 0x9032, r7, 0x0) 25m47.884099604s ago: executing program 54 (id=363): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7}) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000040)={0x1fd, 0x1c0, 0x380, &(0x7f0000000440)=[0xffffffffffffffff, 0x8, 0x5910, 0xb25ab11, 0x4, 0x1000, 0xa, 0x5, 0xc82, 0x100, 0x3, 0x2, 0x5, 0x7, 0x11, 0x10000, 0x0, 0x810000000, 0x7, 0x0, 0x6, 0x2, 0xb1af, 0x7, 0xd3, 0x0, 0x5ec5d9c2, 0xd644, 0x401, 0x2, 0xe3, 0x7, 0x8b7, 0x4, 0xffffffffffffff83, 0x8, 0x400, 0x4, 0x10, 0x21, 0x40, 0xfffffffffffffff9, 0x101, 0x4, 0x1, 0xd, 0x8000000000000000, 0x4, 0x6, 0x4, 0x6, 0x9, 0x81, 0x8, 0x9e, 0x2d1a, 0xff, 0x6, 0x6, 0x9, 0x1, 0xc6, 0x10000, 0x40, 0x71b, 0x0, 0x9, 0x7, 0x4, 0x8001, 0x81, 0x5, 0xff, 0x3, 0x52930754, 0x5, 0x1000, 0x5, 0x5, 0x1, 0xd2d, 0x7, 0x7, 0xd, 0x7, 0x3, 0x1, 0x3, 0xffffffff7fffffff, 0x3, 0xc, 0xfd430000000, 0x1, 0x8000000, 0x0, 0x5, 0x0, 0x3, 0x5, 0x5, 0x6cf, 0x2, 0x3, 0x0, 0x4, 0x7, 0xf52f, 0x46, 0x7fffffff, 0x5, 0x315c, 0x8, 0x4196, 0x2, 0x2833, 0x7fff, 0xffffffffffffffff, 0x40, 0x8, 0x0, 0x8, 0x0, 0x7, 0x1000, 0x7feffff, 0x3, 0x4006, 0x7]}) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x18b080, 0x0) (async) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) r13 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x40000) syz_kvm_assert_syzos_uexit$arm64(r13, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0xf, 0x9032, r7, 0x0) 21m12.341789184s ago: executing program 3 (id=386): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x8ed, 0xeeef0000, 0x0, 0xffffffffffffffff, 0x4000000}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0xfffff800, 0x10, &(0x7f0000000140)=0xffffffffffdfffff}) 20m58.920290216s ago: executing program 3 (id=387): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x81, 0xffffffffffffc0d4, &(0x7f0000000000)=0x7c}) 20m46.92366718s ago: executing program 3 (id=388): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async) close(r2) (async) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x74) 20m25.162031638s ago: executing program 3 (id=389): ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000000)=0x78}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, 0x0, 0x2002, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x401c5820, &(0x7f0000000140)=@attr_other={0x0, 0x7, 0x40000000000007, 0x0}) r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1fe, 0xa}}) r13 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000240)=[@svc={0x122, 0x40, {0x84000001, [0x1, 0x4, 0x7, 0xa59f, 0x4]}}], 0x40}, &(0x7f00000000c0)=[@featur2], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 20m7.12302471s ago: executing program 3 (id=390): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async) eventfd2(0x8801, 0x800) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r2, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) close(r1) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) 19m52.898795947s ago: executing program 3 (id=391): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1001ffd, 0x1}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r5, 0x0, 0x140) (async) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x6, 0x3, &(0x7f00000002c0)=0xffff}) (async) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0xe) ioctl$KVM_CHECK_EXTENSION(r3, 0x4020940d, 0xfffffffffffff4c2) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1000000000000000) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async) r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0}) (async) r10 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000001c0)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000200)={0x4}) (async) r11 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x34) ioctl$KVM_CREATE_VCPU(r11, 0xb702, 0x0) (async) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x410301, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000240)={0xdf, 0x0, 0xe000}) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) (async) mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x1000003, 0x4019032, 0xffffffffffffffff, 0x0) (async) close(0x3) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) 19m9.390713987s ago: executing program 5 (id=365): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x5, 0x0}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000000c0)=0x5) mmap$KVM_VCPU(&(0x7f0000e5d000/0x3000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 19m2.803896951s ago: executing program 55 (id=391): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1001ffd, 0x1}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r5, 0x0, 0x140) (async) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x6, 0x3, &(0x7f00000002c0)=0xffff}) (async) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0xe) ioctl$KVM_CHECK_EXTENSION(r3, 0x4020940d, 0xfffffffffffff4c2) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1000000000000000) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async) r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0}) (async) r10 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000001c0)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000200)={0x4}) (async) r11 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x34) ioctl$KVM_CREATE_VCPU(r11, 0xb702, 0x0) (async) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x410301, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000240)={0xdf, 0x0, 0xe000}) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) (async) mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x1000003, 0x4019032, 0xffffffffffffffff, 0x0) (async) close(0x3) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) 18m20.140507187s ago: executing program 56 (id=365): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x5, 0x0}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000000c0)=0x5) mmap$KVM_VCPU(&(0x7f0000e5d000/0x3000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 10m6.340084977s ago: executing program 4 (id=406): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x2}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0x40086602, 0x110e227ffe) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) munmap(&(0x7f0000e7d000/0x4000)=nil, 0x4000) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r9, 0x603000000013c4f1, 0x8000) r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000040)={0x0, &(0x7f0000000340)=[@mrs={0xbe, 0x18, {0x603000000013c608}}, @irq_setup={0x46, 0x18, {0x0, 0x264}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x65}}, @hvc={0x32, 0x40, {0x84000010, [0x200, 0x5, 0x4, 0x4, 0x200]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x67}}, @hvc={0x32, 0x40, {0x8400000e, [0x2, 0x1, 0x2, 0x9, 0x4]}}, @smc={0x1e, 0x40, {0x8400000b, [0x3, 0x9, 0x6, 0x7, 0x8]}}, @eret={0xe6, 0x18, 0x200}, @hvc={0x32, 0x40, {0x84000053, [0x7ff, 0xcaa, 0x100000001, 0x6, 0x5]}}, @uexit={0x0, 0x18, 0x1b6}, @smc={0x1e, 0x40, {0x8600ff01, [0xffffffffffffffff, 0x1ff, 0x8afb, 0x0, 0x8000]}}, @memwrite={0x6e, 0x30, @generic={0x77ffe801, 0xcba, 0x8, 0x9}}, @uexit={0x0, 0x18}, @code={0xa, 0xcc, {"000008d5005383d200c0b8f2610080d2e20080d2830180d2e40180d2020000d4804c99d200e0b0f2610080d2220180d2030080d2a40080d2020000d40000202e00849f0d404d8dd20020b8f2410080d2c20180d2030080d2640080d2020000d440c387d200a0b0f2a10080d2e20180d2e30180d2440080d2020000d4000028d5607281d20020b8f2e10180d2a20180d2830180d2640180d2020000d440829cd200e0b0f2210180d2a20180d2a30180d2040080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0xc, 0x80, 0x1000, 0x2}}, @uexit={0x0, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013e219, 0xa51}}, @uexit={0x0, 0x18, 0x9}, @uexit={0x0, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013dce6}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x2, 0x4}}, @svc={0x122, 0x40, {0x3000000, [0x8001, 0x1, 0x3, 0x9, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xf, 0x6, 0x1, 0x4}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x0, 0x5, 0x2cf}}, @hvc={0x32, 0x40, {0x8400000a, [0x2, 0x7ca9bd91, 0x8, 0x7, 0x1000000000]}}], 0x4c4}, &(0x7f0000000080)=[@featur2={0x1, 0x40}], 0x1) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000000c0)={0x2, 0x8, 0x1}}) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) 10m2.253816804s ago: executing program 6 (id=407): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async, rerun: 32) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 32) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r5, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) 9m48.961552914s ago: executing program 6 (id=408): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000140)="38ce8347fc1e86008cfc72bb312c8659dcc9225b48cb5cb00c73b0b30800000073f7f1f493e89c859e17625ad1b19c73a7fd4ce992bfc316bd22ccc646cd69c72800", 0x0, 0x1f) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94) close(r2) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, 0x0}) ioctl$KVM_GET_DEVICE_ATTR_vm(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0xe, 0x4, 0x1}}) 9m48.552904476s ago: executing program 4 (id=409): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7f) (async) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async, rerun: 32) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (rerun: 32) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0x7e) (async) r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000) r14 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async) r15 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r15, 0xae03, 0x59) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) 9m27.583112709s ago: executing program 6 (id=410): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x3, 0x1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) 9m26.088716545s ago: executing program 4 (id=411): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000300)={0x1000020, 0x1}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x8000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000001c0)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013addb, 0x7}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000300)={0x1000020, 0x1}) (async) openat$kvm(0x0, &(0x7f0000000040), 0x8000, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r5, &(0x7f00000001c0)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013addb, 0x7}}], 0x20}, 0x0, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) 9m13.728423597s ago: executing program 6 (id=412): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2d) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000000)={0x4, 0xffffffffffffffff, 0x1}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1}) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x6, 0x0, &(0x7f0000000040)=0xd}) 9m8.034524673s ago: executing program 4 (id=413): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x2, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x2000, 0x10000}) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000080)=@arm64_ccsidr={0x6020000000110005, &(0x7f0000000040)=0x2}) (async) r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r10, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0x800}) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0x5) 8m49.043333219s ago: executing program 6 (id=414): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async, rerun: 32) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async, rerun: 32) munmap(&(0x7f0000e3f000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r1, 0x300000b, 0x100010, 0xffffffffffffffff, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x3, 0x0, 0xa, 0x3}}], 0x50}, 0x0, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (rerun: 64) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async, rerun: 32) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async, rerun: 32) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8902, 0x0) (rerun: 32) ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x69) (async) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x33, 0xffffffffffffffff, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x19) ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0x77) 8m47.350186596s ago: executing program 4 (id=415): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x16) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000200)=@arm64_extra={0x603000000013c03b}) r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) r12 = ioctl$KVM_CREATE_VM(r11, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xb704, 0x0) r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000003, [0x664b7dee, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x7fff, 0x62be, &(0x7f00000000c0)=0x40}) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000340)=[@hvc={0x32, 0x40, {0x80007fff, [0x9, 0x50b, 0x4, 0xe, 0x2]}}, @smc={0x1e, 0x40, {0x8400000d, [0x6, 0x1, 0x200, 0x0, 0x7]}}, @eret={0xe6, 0x18, 0x9}], 0x98}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000040)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000000)=0xfffffffffffffbff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, 0x930, 0x2000000, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) 8m32.174459103s ago: executing program 6 (id=416): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x220800, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r4, 0x1, 0x240) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x3, &(0x7f0000000100)=0x7}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000240)=@arm64={0x9, 0x5, 0x3, '\x00', 0x401}) r11 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0x0, 0x52]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) 8m30.948454551s ago: executing program 4 (id=417): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x840, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) (async) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)}, 0x0, 0x0) (async) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xf, 0x401, &(0x7f0000000240)=0x7ff}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) ioctl$KVM_RUN(r7, 0xae80, 0x0) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c0d000/0x2000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2000000, 0x40010, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) (async) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 7m44.252066516s ago: executing program 57 (id=416): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x220800, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r4, 0x1, 0x240) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x3, &(0x7f0000000100)=0x7}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000240)=@arm64={0x9, 0x5, 0x3, '\x00', 0x401}) r11 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0x0, 0x52]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) 7m35.622401498s ago: executing program 58 (id=417): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x840, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) (async) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)}, 0x0, 0x0) (async) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xf, 0x401, &(0x7f0000000240)=0x7ff}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) ioctl$KVM_RUN(r7, 0xae80, 0x0) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c0d000/0x2000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2000000, 0x40010, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) (async) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 1m1.135411116s ago: executing program 7 (id=418): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r6 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000000)={0x10201, 0x0, &(0x7f0000fff000/0x1000)=nil}) 54.371883264s ago: executing program 8 (id=419): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x401c5820, 0x8000000000000001) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000080)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x8001}) ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r2, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r7, 0x3000004, 0x12, r6, 0x0) mmap$KVM_VCPU(&(0x7f0000834000/0x3000)=nil, 0x930, 0x100000a, 0x8032, 0xffffffffffffffff, 0x0) 42.079743712s ago: executing program 8 (id=420): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013c600, 0xfefefee0}}], 0x20}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c600, &(0x7f0000000140)}) (async) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@uexit={0x0, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x38}}, @irq_setup={0x46, 0x18, {0x4, 0x224}}, @svc={0x122, 0x40, {0x84000003, [0xffffffffffff95ec, 0x3, 0x3ae6, 0x43, 0x3]}}, @msr={0x14, 0x20, {0x603000000013c028, 0x81}}, @hvc={0x32, 0x40, {0x0, [0x7f, 0x7f2, 0x3, 0x101, 0xfffffffffffff9b0]}}, @smc={0x1e, 0x40, {0x41000025, [0xad, 0xe, 0x3, 0x101, 0x1]}}, @hvc={0x32, 0x40, {0x84000005, [0xfffffffffffffffd, 0xfff, 0x3, 0xffffffffffffffed, 0x10000]}}, @msr={0x14, 0x20, {0x603000000013f089}}, @smc={0x1e, 0x40, {0x80000000, [0x6, 0x0, 0x4, 0x7, 0x1f0]}}, @msr={0x14, 0x20, {0x603000000013deba, 0xfffffffffffffff7}}, @msr={0x14, 0x20, {0x603000000013deb3, 0x5}}, @irq_setup={0x46, 0x18, {0x0, 0x3b}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x4, 0x10, 0x6, 0x8, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013c667}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x2, 0x3, 0xc83c, 0x309d, 0x2}}, @msr={0x14, 0x20, {0x603000000013e092, 0x7}}, @eret={0xe6, 0x18, 0x8001}, @svc={0x122, 0x40, {0x2000, [0xb, 0xd681, 0x7, 0x7f, 0x4]}}, @irq_setup={0x46, 0x18, {0x0, 0x377}}, @mrs={0xbe, 0x18, {0x603000000013deb3}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0xe, 0x6, 0x4c, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0xd, 0x4, 0x0, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x26d}}, @code={0xa, 0xcc, {"a0568ed200e0b8f2c10080d2220080d2430080d2640080d2020000d4c01f91d20080b0f2210180d2c20180d2030080d2a40180d2020000d4008008d5e00300ebc0699ed20080b0f2a10080d2020080d2e30080d2c40080d2020000d4601294d200a0b0f2210080d2c20180d2630080d2e40080d2020000d4007008d5804f84d20060b0f2a10080d2c20180d2630080d2240180d2020000d4007008d520e594d200e0b0f2410180d2420080d2c30080d2e40080d2020000d4"}}, @svc={0x122, 0x40, {0x84000051, [0x31, 0x1ff, 0x800, 0x0, 0x800000]}}, @svc={0x122, 0x40, {0x86000000, [0x9, 0x8001, 0x100, 0x3, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x9, 0x9, 0x5581298d, 0x4}}, @msr={0x14, 0x20, {0x603000000013995d, 0x3}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x2ab, 0x4, 0xc}}, @svc={0x122, 0x40, {0x84000014, [0x7, 0x7, 0x4, 0xf91, 0x1]}}, @uexit={0x0, 0x18, 0x10000}], 0x5c4}, &(0x7f0000000040)=[@featur2={0x1, 0x1}], 0x1) r4 = mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0xe, 0x16831, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) 40.351771013s ago: executing program 7 (id=421): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) (async) r4 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0xb, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, 0xffffffffffffffff) (async) r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x7}) r14 = eventfd2(0x0, 0x80800) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r14}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f00000002c0)={0xffffffffffffffff, 0x8, 0x1, r14}) (async) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async) r15 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x8, &(0x7f0000000280)=0x5}) r16 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x8, &(0x7f0000000200)=0x4}) (async) ioctl$KVM_RUN(r16, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 27.145818676s ago: executing program 8 (id=422): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000080)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @svc={0x122, 0x0, {0xc4000010, [0xfffffffffffffffb, 0x6, 0x4, 0xfffffffffffffff8, 0xffffffffb318d059]}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x58}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21.706344206s ago: executing program 7 (id=423): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000240)={0x5, 0x88}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x1, 0x0, 0x0}) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100012, &(0x7f0000000100)=0xffffffffffffffff}) r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@mrs={0xbe, 0x18, {0x603000000013800d}}, @smc={0x1e, 0x40, {0x3dfe52266dfd5159, [0x9, 0x2, 0x1, 0x9, 0xfffffffffffff4b3]}}, @msr={0x14, 0x20, {0x60300000001380a4}}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x47a9}, @mrs={0xbe, 0x18, {0x6030000000138017}}, @irq_setup={0x46, 0x18, {0x2, 0x30c}}, @uexit={0x0, 0x18, 0x3}, @svc={0x122, 0x40, {0x80000001, [0x2, 0xf7, 0x9, 0x8]}}, @svc={0x122, 0x40, {0x8400000f, [0x2, 0x10, 0x9, 0xa, 0x800]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0xe, 0x1000, 0x4}}, @code={0xa, 0x84, {"002cc09a000008d5000008d5008008d5c0c58cd20060b0f2210080d2420080d2830080d2640180d2020000d4008008d50088a10e007008d5809f96d20040b8f2e10180d2a20080d2c30180d2040080d2020000d420b490d20000b0f2e10080d2a20080d2c30180d2240180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013e532, 0x81}}, @irq_setup={0x46, 0x18, {0x3, 0xf}}, @code={0xa, 0x84, {"007008d50040800c000008d5c0ec86d20080b8f2810080d2420180d2830080d2a40080d2020000d40000009aa09c9dd20080b0f2410080d2020080d2c30180d2040080d2020000d4c0fb8dd200e0b0f2c10080d2820080d2230080d2a40080d2020000d4000008d5007008d50078210e"}}, @eret={0xe6, 0x18, 0xf}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0xf, 0x4, 0xfff, 0x2}}, @svc={0x122, 0x40, {0x6000000, [0x6, 0x6, 0x2, 0x7, 0x1]}}, @uexit={0x0, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x0, 0x8, 0xfce, 0x3}}, @svc={0x122, 0x40, {0x84000008, [0xff, 0x401f, 0x3, 0x1ff, 0xfffffffffffffffd]}}, @mrs={0xbe, 0x18, {0x6030000000130204}}, @eret={0xe6, 0x18, 0x9}, @hvc={0x32, 0x40, {0x84000004, [0x7, 0x1ff, 0x6, 0x0, 0xa4]}}, @eret={0xe6, 0x18, 0x3}], 0x460}, &(0x7f0000000140)=[@featur2], 0x1) ioctl$KVM_S390_VCPU_FAULT(r13, 0x4008ae52, &(0x7f0000000180)) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="eaddb62f9d894999075e05069ab96bc5425f5fbf02a9535f1673c36d7681a0b808120f4efd6beb32f23299351a02f03b55558b131e9116fe0eddd78e95f2a5d238d614546b7d7b32", 0x0, 0x48) ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7) r14 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r14, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x2, 0x200, 0x0}) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x13, r3, 0x40000) 13.312546005s ago: executing program 8 (id=424): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_init) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) ioctl$KVM_CLEAR_DIRTY_LOG(r5, 0xc018aec0, &(0x7f00000001c0)={0x1fe, 0x80, 0x280, 0x0}) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000640)={0x1fd, 0x1, 0xd000, 0x2000, &(0x7f0000fc6000/0x2000)=nil, 0x100, r2}) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) r14 = ioctl$KVM_GET_STATS_FD_vm(r12, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r13, 0xa, 0x11, r14, 0x0) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000100)={r2, 0x97, 0x1, r14}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) r15 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000040)={0x0, &(0x7f0000000300)=[@eret={0xe6, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x2, 0x2, 0xf}}, @msr={0x14, 0xfffffffffffffdef, {0x0, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013c708}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x335}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x9, 0x5, 0x6}}, @smc={0x1e, 0x40, {0xc4000012, [0x1, 0xe, 0x8, 0xffffffffffffe729, 0x56d9]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0xc, 0x5de8, 0x8, 0x2}}, @code={0xa, 0x9c, {"000008d520a594d200e0b0f2010080d2820080d2230180d2440080d2020000d4008008d560ac8ed20020b8f2e10080d2420080d2c30080d2840080d2020000d4000000fde01595d20000b8f2610080d2420180d2c30180d2240080d2020000d4007008d50040600d807095d20080b8f2210080d2820180d2830180d2040080d2020000d4000008d5"}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x2, 0xc, 0xe13, 0x80000000, 0x4}}, @msr={0x14, 0x0, {0x603000000013c649, 0x101}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x3ee}}, @uexit={0x0, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013e6d7, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0xd, 0xfe0, 0x2, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x8d}}, @msr={0x14, 0x20, {0x603000000013def3, 0x81}}], 0x330}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) 0s ago: executing program 7 (id=425): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x240) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) kernel console output (not intermixed with test programs): [ 378.700600][ T3150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 425.207023][ T3150] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:19147' (ED25519) to the list of known hosts. [ 589.454738][ T25] audit: type=1400 audit(588.690:61): avc: denied { name_bind } for pid=3301 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 590.526433][ T25] audit: type=1400 audit(589.760:62): avc: denied { execute } for pid=3302 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 590.554628][ T25] audit: type=1400 audit(589.790:63): avc: denied { execute_no_trans } for pid=3302 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 612.374334][ T25] audit: type=1400 audit(611.610:64): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 612.409415][ T25] audit: type=1400 audit(611.640:65): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 612.491444][ T3302] cgroup: Unknown subsys name 'net' [ 612.542687][ T25] audit: type=1400 audit(611.780:66): avc: denied { unmount } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 612.922884][ T3302] cgroup: Unknown subsys name 'cpuset' [ 613.022924][ T3302] cgroup: Unknown subsys name 'rlimit' [ 613.444107][ T25] audit: type=1400 audit(612.680:67): avc: denied { setattr } for pid=3302 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 613.462204][ T25] audit: type=1400 audit(612.700:68): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 613.492251][ T25] audit: type=1400 audit(612.730:69): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 614.671468][ T3305] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 614.720017][ T25] audit: type=1400 audit(613.930:70): avc: denied { relabelto } for pid=3305 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.749845][ T25] audit: type=1400 audit(613.970:71): avc: denied { write } for pid=3305 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 614.910907][ T25] audit: type=1400 audit(614.150:72): avc: denied { read } for pid=3302 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.924975][ T25] audit: type=1400 audit(614.160:73): avc: denied { open } for pid=3302 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 614.972475][ T3302] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 668.171298][ T25] audit: type=1400 audit(667.410:74): avc: denied { execmem } for pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 673.167889][ T25] audit: type=1400 audit(672.400:75): avc: denied { read } for pid=3313 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 673.191080][ T25] audit: type=1400 audit(672.400:76): avc: denied { open } for pid=3313 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 673.300464][ T25] audit: type=1400 audit(672.540:77): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 673.570213][ T25] audit: type=1400 audit(672.810:78): avc: denied { module_request } for pid=3313 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 674.717528][ T25] audit: type=1400 audit(673.950:79): avc: denied { sys_module } for pid=3313 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 700.829803][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 701.018520][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 701.274811][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 701.872993][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.187988][ T3313] hsr_slave_0: entered promiscuous mode [ 716.216853][ T3313] hsr_slave_1: entered promiscuous mode [ 717.034908][ T3314] hsr_slave_0: entered promiscuous mode [ 717.080909][ T3314] hsr_slave_1: entered promiscuous mode [ 717.109410][ T3314] debugfs: 'hsr0' already exists in 'hsr' [ 717.113366][ T3314] Cannot create hsr debugfs directory [ 722.572864][ T25] audit: type=1400 audit(721.800:80): avc: denied { create } for pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 722.609241][ T25] audit: type=1400 audit(721.840:81): avc: denied { write } for pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 722.644282][ T25] audit: type=1400 audit(721.880:82): avc: denied { read } for pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 722.811321][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 723.018692][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 723.132756][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 723.541442][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 724.914897][ T3314] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 725.131449][ T3314] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 725.358334][ T3314] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 725.542574][ T3314] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 737.710486][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 739.960502][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 795.422701][ T3313] veth0_vlan: entered promiscuous mode [ 795.920444][ T3313] veth1_vlan: entered promiscuous mode [ 797.466559][ T3314] veth0_vlan: entered promiscuous mode [ 798.189435][ T3313] veth0_macvtap: entered promiscuous mode [ 798.269776][ T3314] veth1_vlan: entered promiscuous mode [ 798.539453][ T3313] veth1_macvtap: entered promiscuous mode [ 800.641980][ T3314] veth0_macvtap: entered promiscuous mode [ 800.888712][ T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.918420][ T3355] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.931887][ T3355] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.956548][ T3355] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.305004][ T3314] veth1_macvtap: entered promiscuous mode [ 803.432469][ T25] audit: type=1400 audit(802.670:83): avc: denied { mount } for pid=3313 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 803.688635][ T25] audit: type=1400 audit(802.920:84): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/syzkaller.tfazKw/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 803.868956][ T25] audit: type=1400 audit(803.090:85): avc: denied { mount } for pid=3313 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 804.276946][ T25] audit: type=1400 audit(803.510:86): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/syzkaller.tfazKw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 804.356652][ T3355] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.365023][ T3355] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.398797][ T3417] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.417007][ T3417] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.501917][ T25] audit: type=1400 audit(803.730:87): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/syzkaller.tfazKw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 805.149586][ T25] audit: type=1400 audit(804.350:88): avc: denied { unmount } for pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 805.342519][ T25] audit: type=1400 audit(804.580:89): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 805.461526][ T25] audit: type=1400 audit(804.660:90): avc: denied { mount } for pid=3313 comm="syz-executor" name="/" dev="gadgetfs" ino=3775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 805.774238][ T25] audit: type=1400 audit(805.010:91): avc: denied { mount } for pid=3313 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 805.864734][ T25] audit: type=1400 audit(805.100:92): avc: denied { mounton } for pid=3313 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 807.052894][ T3313] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 815.994468][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 816.004826][ T25] audit: type=1400 audit(815.230:97): avc: denied { read } for pid=3466 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 816.050533][ T25] audit: type=1400 audit(815.290:98): avc: denied { open } for pid=3466 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 816.187711][ T25] audit: type=1400 audit(815.420:99): avc: denied { ioctl } for pid=3466 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 817.357590][ T25] audit: type=1400 audit(816.590:100): avc: denied { write } for pid=3466 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 835.663047][ T25] audit: type=1400 audit(834.900:101): avc: denied { append } for pid=3484 comm="syz.0.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 848.949572][ T25] audit: type=1400 audit(848.170:102): avc: denied { execute } for pid=3492 comm="syz.0.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 860.551882][ T25] audit: type=1400 audit(859.780:103): avc: denied { ioctl } for pid=3498 comm="syz.1.9" path="net:[4026532615]" dev="nsfs" ino=4026532615 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 976.448463][ T3507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 976.651339][ T3507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 983.261088][ T3511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 983.460806][ T3511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 999.971893][ T3507] hsr_slave_0: entered promiscuous mode [ 1000.021531][ T3507] hsr_slave_1: entered promiscuous mode [ 1000.086912][ T3507] debugfs: 'hsr0' already exists in 'hsr' [ 1000.098533][ T3507] Cannot create hsr debugfs directory [ 1010.940149][ T3511] hsr_slave_0: entered promiscuous mode [ 1010.991159][ T3511] hsr_slave_1: entered promiscuous mode [ 1011.049184][ T3511] debugfs: 'hsr0' already exists in 'hsr' [ 1011.058099][ T3511] Cannot create hsr debugfs directory [ 1021.321039][ T3507] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1022.816768][ T3507] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1023.094514][ T3507] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1023.947602][ T3507] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1030.390544][ T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1031.142485][ T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1032.130747][ T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1033.149783][ T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.842536][ T3511] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1036.587889][ T3511] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1036.917042][ T3511] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1037.717360][ T3511] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1047.370880][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1047.451553][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1047.541960][ T35] bond0 (unregistering): Released all slaves [ 1049.649400][ T35] hsr_slave_0: left promiscuous mode [ 1049.820016][ T35] hsr_slave_1: left promiscuous mode [ 1050.578988][ T35] veth1_macvtap: left promiscuous mode [ 1050.583629][ T35] veth0_macvtap: left promiscuous mode [ 1050.599149][ T35] veth1_vlan: left promiscuous mode [ 1050.628145][ T35] veth0_vlan: left promiscuous mode [ 1072.282182][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1073.733524][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1074.984738][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1076.001993][ T3507] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1076.784186][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1096.373375][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1096.617966][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1096.761612][ T35] bond0 (unregistering): Released all slaves [ 1098.709058][ T35] hsr_slave_0: left promiscuous mode [ 1098.918112][ T35] hsr_slave_1: left promiscuous mode [ 1099.420644][ T35] veth1_macvtap: left promiscuous mode [ 1099.424788][ T35] veth0_macvtap: left promiscuous mode [ 1099.443134][ T35] veth1_vlan: left promiscuous mode [ 1099.469086][ T35] veth0_vlan: left promiscuous mode [ 1116.750784][ T3511] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1189.916186][ T3507] veth0_vlan: entered promiscuous mode [ 1190.763187][ T3507] veth1_vlan: entered promiscuous mode [ 1193.583880][ T3507] veth0_macvtap: entered promiscuous mode [ 1194.114035][ T3507] veth1_macvtap: entered promiscuous mode [ 1197.237856][ T3359] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.258542][ T3359] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.273080][ T3359] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.326941][ T3359] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1210.929353][ T3511] veth0_vlan: entered promiscuous mode [ 1211.959760][ T3511] veth1_vlan: entered promiscuous mode [ 1215.538618][ T3511] veth0_macvtap: entered promiscuous mode [ 1216.290431][ T3511] veth1_macvtap: entered promiscuous mode [ 1218.791137][ T42] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1218.809590][ T42] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1218.861380][ T42] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1218.883259][ T42] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.720825][ T3355] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1310.297174][ T3355] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1311.651013][ T3355] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1313.148267][ T3355] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1336.500867][ T3355] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1336.669267][ T3355] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1336.822569][ T3355] bond0 (unregistering): Released all slaves [ 1339.936197][ T3355] hsr_slave_0: left promiscuous mode [ 1340.016107][ T3355] hsr_slave_1: left promiscuous mode [ 1340.677568][ T3355] veth1_macvtap: left promiscuous mode [ 1340.678876][ T3355] veth0_macvtap: left promiscuous mode [ 1340.694051][ T3355] veth1_vlan: left promiscuous mode [ 1340.751038][ T3355] veth0_vlan: left promiscuous mode [ 1359.903320][ T3355] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1360.899055][ T3355] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1361.757399][ T3355] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1363.123978][ T3355] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1386.794311][ T3355] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1387.088209][ T3355] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1387.241601][ T3355] bond0 (unregistering): Released all slaves [ 1388.868797][ T3355] hsr_slave_0: left promiscuous mode [ 1388.968560][ T3355] hsr_slave_1: left promiscuous mode [ 1389.468052][ T3355] veth1_macvtap: left promiscuous mode [ 1389.471439][ T3355] veth0_macvtap: left promiscuous mode [ 1389.511740][ T3355] veth1_vlan: left promiscuous mode [ 1389.523553][ T3355] veth0_vlan: left promiscuous mode [ 1404.248757][ T3725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1404.640253][ T3725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1423.087974][ T3740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1423.441124][ T3740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1430.757570][ T3725] hsr_slave_0: entered promiscuous mode [ 1430.844000][ T3725] hsr_slave_1: entered promiscuous mode [ 1449.050492][ T3725] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1449.419267][ T3725] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1449.654002][ T3725] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1449.921998][ T3725] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1454.642716][ T3740] hsr_slave_0: entered promiscuous mode [ 1454.722968][ T3740] hsr_slave_1: entered promiscuous mode [ 1454.798664][ T3740] debugfs: 'hsr0' already exists in 'hsr' [ 1454.806695][ T3740] Cannot create hsr debugfs directory [ 1469.604878][ T3740] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1470.004388][ T3740] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1470.418025][ T3740] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1470.728827][ T3740] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1476.301320][ T3725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1501.901753][ T3740] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1608.120378][ T3725] veth0_vlan: entered promiscuous mode [ 1609.742100][ T3725] veth1_vlan: entered promiscuous mode [ 1613.869778][ T3725] veth0_macvtap: entered promiscuous mode [ 1614.329460][ T3725] veth1_macvtap: entered promiscuous mode [ 1617.892285][ T3359] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1617.913512][ T3359] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1618.062746][ T3359] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1618.098988][ T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1640.374120][ T3740] veth0_vlan: entered promiscuous mode [ 1641.411567][ T3740] veth1_vlan: entered promiscuous mode [ 1645.858892][ T3740] veth0_macvtap: entered promiscuous mode [ 1646.484349][ T3740] veth1_macvtap: entered promiscuous mode [ 1650.509753][ T3422] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1650.546783][ T51] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1650.573219][ T51] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1650.844722][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1944.229925][ T4131] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1947.663089][ T4131] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1950.078130][ T4131] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1952.373856][ T4131] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1979.082636][ T4131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1979.527666][ T4131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1979.738817][ T4131] bond0 (unregistering): Released all slaves [ 1982.388487][ T4131] hsr_slave_0: left promiscuous mode [ 1982.478461][ T4131] hsr_slave_1: left promiscuous mode [ 1983.313876][ T4131] veth1_macvtap: left promiscuous mode [ 1983.360213][ T4131] veth0_macvtap: left promiscuous mode [ 1983.408301][ T4131] veth1_vlan: left promiscuous mode [ 1983.457638][ T4131] veth0_vlan: left promiscuous mode [ 2030.563033][ T25] audit: type=1400 audit(2029.710:104): avc: denied { setattr } for pid=4175 comm="syz.4.48" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2090.920331][ T4132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2091.251465][ T4132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2132.044557][ T4132] hsr_slave_0: entered promiscuous mode [ 2132.171559][ T4132] hsr_slave_1: entered promiscuous mode [ 2132.227677][ T4132] debugfs: 'hsr0' already exists in 'hsr' [ 2132.247540][ T4132] Cannot create hsr debugfs directory [ 2147.268413][ T3417] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2150.257987][ T3417] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2152.473925][ T3417] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2154.561476][ T3417] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2176.578542][ T3417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2176.911496][ T3417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2177.160622][ T3417] bond0 (unregistering): Released all slaves [ 2179.217176][ T3417] hsr_slave_0: left promiscuous mode [ 2179.309154][ T3417] hsr_slave_1: left promiscuous mode [ 2179.959686][ T3417] veth1_macvtap: left promiscuous mode [ 2179.971960][ T3417] veth0_macvtap: left promiscuous mode [ 2179.990895][ T3417] veth1_vlan: left promiscuous mode [ 2180.047480][ T3417] veth0_vlan: left promiscuous mode [ 2198.749640][ T4132] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2199.479541][ T4132] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2199.894903][ T4132] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2200.390210][ T4132] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2232.372271][ T4132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2260.309766][ T4243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2260.843809][ T4243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2300.491760][ T4243] hsr_slave_0: entered promiscuous mode [ 2300.572931][ T4243] hsr_slave_1: entered promiscuous mode [ 2318.701902][ T4243] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 2319.183388][ T4243] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 2319.725047][ T4243] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 2320.234384][ T4243] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 2356.723802][ T4243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2377.094042][ T4132] veth0_vlan: entered promiscuous mode [ 2378.010790][ T4132] veth1_vlan: entered promiscuous mode [ 2381.291204][ T4132] veth0_macvtap: entered promiscuous mode [ 2382.022990][ T4132] veth1_macvtap: entered promiscuous mode [ 2388.124201][ T3876] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2388.139933][ T3876] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2388.154105][ T3876] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2388.201173][ T3876] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2548.418981][ T4243] veth0_vlan: entered promiscuous mode [ 2550.283788][ T4243] veth1_vlan: entered promiscuous mode [ 2554.899201][ T4243] veth0_macvtap: entered promiscuous mode [ 2555.809073][ T4243] veth1_macvtap: entered promiscuous mode [ 2560.571888][ T4131] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2560.591010][ T4131] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2560.624353][ T4131] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2560.657551][ T4131] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2786.601870][ T3333] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2789.611846][ T3333] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2792.054381][ T3333] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2794.615029][ T3333] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2828.664439][ T3333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2829.532402][ T3333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2829.885207][ T3333] bond0 (unregistering): Released all slaves [ 2833.841264][ T3333] hsr_slave_0: left promiscuous mode [ 2834.041096][ T3333] hsr_slave_1: left promiscuous mode [ 2834.922911][ T3333] veth1_macvtap: left promiscuous mode [ 2834.979905][ T3333] veth0_macvtap: left promiscuous mode [ 2835.010313][ T3333] veth1_vlan: left promiscuous mode [ 2835.029461][ T3333] veth0_vlan: left promiscuous mode [ 2954.234693][ T4568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2954.691012][ T4568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3003.401719][ T4568] hsr_slave_0: entered promiscuous mode [ 3003.570839][ T4568] hsr_slave_1: entered promiscuous mode [ 3003.707401][ T4568] debugfs: 'hsr0' already exists in 'hsr' [ 3003.739569][ T4568] Cannot create hsr debugfs directory [ 3032.234228][ T4568] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3032.820093][ T4568] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3033.399701][ T4568] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3033.920872][ T4568] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3075.152289][ T4568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3124.781336][ T4741] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3128.492554][ T4741] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3131.112959][ T4741] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3133.861936][ T4741] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3160.772553][ T4741] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3161.742968][ T4741] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3162.421062][ T4741] bond0 (unregistering): Released all slaves [ 3165.312361][ T4741] hsr_slave_0: left promiscuous mode [ 3165.457324][ T4741] hsr_slave_1: left promiscuous mode [ 3166.359894][ T4741] veth1_macvtap: left promiscuous mode [ 3166.363215][ T4741] veth0_macvtap: left promiscuous mode [ 3166.383411][ T4741] veth1_vlan: left promiscuous mode [ 3166.418629][ T4741] veth0_vlan: left promiscuous mode [ 3249.484977][ T4737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3249.990609][ T4737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3288.312080][ T4568] veth0_vlan: entered promiscuous mode [ 3290.418073][ T4737] hsr_slave_0: entered promiscuous mode [ 3290.492178][ T4737] hsr_slave_1: entered promiscuous mode [ 3292.588696][ T4568] veth1_vlan: entered promiscuous mode [ 3296.147869][ T4568] veth0_macvtap: entered promiscuous mode [ 3296.920079][ T4568] veth1_macvtap: entered promiscuous mode [ 3310.148160][ T4741] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3310.198446][ T4749] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3310.261277][ T4749] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3310.297585][ T4749] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3321.053008][ T4737] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3322.091270][ T4737] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3322.857980][ T4737] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3323.501477][ T4737] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3368.010548][ T4737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3395.007075][ T25] audit: type=1400 audit(3394.190:105): avc: denied { map } for pid=4889 comm="syz.8.91" path="pipe:[12080]" dev="pipefs" ino=12080 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 3584.248156][ T4737] veth0_vlan: entered promiscuous mode [ 3585.521252][ T4737] veth1_vlan: entered promiscuous mode [ 3589.974215][ T4737] veth0_macvtap: entered promiscuous mode [ 3591.024659][ T4737] veth1_macvtap: entered promiscuous mode [ 3596.397753][ T3914] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3596.419571][ T3914] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3596.569499][ T3914] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3596.619019][ T4741] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3742.990320][ T4741] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3745.601655][ T4741] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3748.060851][ T4741] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3750.428312][ T4741] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3779.213596][ T4741] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3779.607022][ T4741] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3779.840545][ T4741] bond0 (unregistering): Released all slaves [ 3782.337434][ T4741] hsr_slave_0: left promiscuous mode [ 3782.577390][ T4741] hsr_slave_1: left promiscuous mode [ 3783.306027][ T4741] veth1_macvtap: left promiscuous mode [ 3783.359324][ T4741] veth0_macvtap: left promiscuous mode [ 3783.394846][ T4741] veth1_vlan: left promiscuous mode [ 3783.440328][ T4741] veth0_vlan: left promiscuous mode [ 3818.851186][ T4741] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3820.272450][ T4741] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3821.409586][ T4741] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3823.028963][ T4741] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3853.404134][ T4741] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3853.633996][ T4741] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3853.717808][ T4741] bond0 (unregistering): Released all slaves [ 3856.577229][ T4741] hsr_slave_0: left promiscuous mode [ 3856.756272][ T4741] hsr_slave_1: left promiscuous mode [ 3857.728097][ T4741] veth1_macvtap: left promiscuous mode [ 3857.729451][ T4741] veth0_macvtap: left promiscuous mode [ 3857.763304][ T4741] veth1_vlan: left promiscuous mode [ 3857.809656][ T4741] veth0_vlan: left promiscuous mode [ 3904.764764][ T5035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3905.173353][ T5035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3919.944969][ T5045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3920.342382][ T5045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3942.633890][ T5035] hsr_slave_0: entered promiscuous mode [ 3942.740275][ T5035] hsr_slave_1: entered promiscuous mode [ 3958.100544][ T5045] hsr_slave_0: entered promiscuous mode [ 3958.221645][ T5045] hsr_slave_1: entered promiscuous mode [ 3958.307467][ T5045] debugfs: 'hsr0' already exists in 'hsr' [ 3958.323630][ T5045] Cannot create hsr debugfs directory [ 3985.010133][ T5035] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 3987.050799][ T5035] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 3989.094475][ T5035] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 3990.981176][ T5035] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 3999.093364][ T5045] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 3999.533972][ T5045] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 3999.954073][ T5045] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 4000.444956][ T5045] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 4024.521800][ T5035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4035.040776][ T5045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4153.862942][ T5035] veth0_vlan: entered promiscuous mode [ 4155.173311][ T5035] veth1_vlan: entered promiscuous mode [ 4158.842225][ T5035] veth0_macvtap: entered promiscuous mode [ 4159.500210][ T5035] veth1_macvtap: entered promiscuous mode [ 4163.447890][ T4749] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4163.469347][ T4749] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4163.519093][ T4749] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4163.562269][ T4749] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4168.708797][ T5045] veth0_vlan: entered promiscuous mode [ 4170.896062][ T5045] veth1_vlan: entered promiscuous mode [ 4175.489562][ T5045] veth0_macvtap: entered promiscuous mode [ 4176.160320][ T5045] veth1_macvtap: entered promiscuous mode [ 4180.768697][ T4165] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4180.871333][ T4165] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4180.899472][ T4165] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4180.918651][ T4165] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4355.578295][ T4136] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4358.253779][ T4136] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4360.509560][ T4136] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4363.020974][ T4136] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4395.292431][ T4136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4395.768580][ T4136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4396.190062][ T4136] bond0 (unregistering): Released all slaves [ 4399.150586][ T4136] hsr_slave_0: left promiscuous mode [ 4399.377751][ T4136] hsr_slave_1: left promiscuous mode [ 4400.390033][ T4136] veth1_macvtap: left promiscuous mode [ 4400.401244][ T4136] veth0_macvtap: left promiscuous mode [ 4400.403185][ T4136] veth1_vlan: left promiscuous mode [ 4400.404628][ T4136] veth0_vlan: left promiscuous mode [ 4434.122190][ T4136] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4436.613334][ T4136] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4438.784032][ T4136] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4441.352682][ T4136] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4470.961473][ T4136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4471.180690][ T4136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4471.350608][ T4136] bond0 (unregistering): Released all slaves [ 4472.801891][ T4136] hsr_slave_0: left promiscuous mode [ 4472.891429][ T4136] hsr_slave_1: left promiscuous mode [ 4473.091677][ T4136] veth1_macvtap: left promiscuous mode [ 4473.094938][ T4136] veth0_macvtap: left promiscuous mode [ 4473.101544][ T4136] veth1_vlan: left promiscuous mode [ 4473.113582][ T4136] veth0_vlan: left promiscuous mode [ 4539.141044][ T5332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4539.381853][ T5332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4541.249479][ T5337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4542.344378][ T5337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4578.514339][ T5332] hsr_slave_0: entered promiscuous mode [ 4578.678651][ T5332] hsr_slave_1: entered promiscuous mode [ 4582.537030][ T5337] hsr_slave_0: entered promiscuous mode [ 4582.611929][ T5337] hsr_slave_1: entered promiscuous mode [ 4582.717616][ T5337] debugfs: 'hsr0' already exists in 'hsr' [ 4582.748962][ T5337] Cannot create hsr debugfs directory [ 4612.934635][ T5332] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 4613.650718][ T5332] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 4614.332344][ T5332] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 4615.500495][ T5332] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 4620.915055][ T5337] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 4621.500407][ T5337] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 4622.021978][ T5337] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 4622.609306][ T5337] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 4651.422709][ T5332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4656.768771][ T5337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4773.595176][ T5332] veth0_vlan: entered promiscuous mode [ 4774.790679][ T5332] veth1_vlan: entered promiscuous mode [ 4778.004295][ T5332] veth0_macvtap: entered promiscuous mode [ 4779.171119][ T5332] veth1_macvtap: entered promiscuous mode [ 4780.868818][ T5337] veth0_vlan: entered promiscuous mode [ 4782.452368][ T5337] veth1_vlan: entered promiscuous mode [ 4783.759020][ T5358] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4783.763573][ T5358] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4783.951363][ T5358] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4783.964506][ T5358] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4788.202699][ T5337] veth0_macvtap: entered promiscuous mode [ 4789.179692][ T5337] veth1_macvtap: entered promiscuous mode [ 4793.813429][ T5044] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4793.883418][ T4749] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4793.911007][ T4131] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4793.927906][ T5358] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5043.174761][ T3914] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5046.544726][ T3914] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5048.740375][ T3914] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5050.669633][ T3914] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5077.197718][ T3914] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5077.434438][ T3914] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5077.570887][ T3914] bond0 (unregistering): Released all slaves [ 5080.929524][ T3914] hsr_slave_0: left promiscuous mode [ 5081.498208][ T3914] hsr_slave_1: left promiscuous mode [ 5082.548359][ T3914] veth1_macvtap: left promiscuous mode [ 5082.557282][ T3914] veth0_macvtap: left promiscuous mode [ 5082.578946][ T3914] veth1_vlan: left promiscuous mode [ 5082.614999][ T3914] veth0_vlan: left promiscuous mode [ 5118.963781][ T3914] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5120.593555][ T3914] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5121.872308][ T3914] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5123.104151][ T3914] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5143.623609][ T3914] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5144.220238][ T3914] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5144.863237][ T3914] bond0 (unregistering): Released all slaves [ 5147.234374][ T3914] hsr_slave_0: left promiscuous mode [ 5147.294175][ T3914] hsr_slave_1: left promiscuous mode [ 5147.738165][ T3914] veth1_macvtap: left promiscuous mode [ 5147.758586][ T3914] veth0_macvtap: left promiscuous mode [ 5147.767808][ T3914] veth1_vlan: left promiscuous mode [ 5147.789412][ T3914] veth0_vlan: left promiscuous mode [ 5210.358888][ T5695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5210.590488][ T5695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5217.721398][ T5702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5218.123108][ T5702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5245.116918][ T5695] hsr_slave_0: entered promiscuous mode [ 5245.190279][ T5695] hsr_slave_1: entered promiscuous mode [ 5252.872632][ T5702] hsr_slave_0: entered promiscuous mode [ 5252.940492][ T5702] hsr_slave_1: entered promiscuous mode [ 5252.972608][ T5702] debugfs: 'hsr0' already exists in 'hsr' [ 5252.976470][ T5702] Cannot create hsr debugfs directory [ 5274.521443][ T5695] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 5276.594002][ T5695] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 5277.361155][ T5695] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 5279.627239][ T5695] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 5289.404145][ T5702] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 5289.883663][ T5702] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 5290.533722][ T5702] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 5291.082568][ T5702] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 5311.441936][ T5695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5319.379457][ T5702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5434.161893][ T5695] veth0_vlan: entered promiscuous mode [ 5434.958028][ T5695] veth1_vlan: entered promiscuous mode [ 5437.681057][ T5695] veth0_macvtap: entered promiscuous mode [ 5438.152819][ T5695] veth1_macvtap: entered promiscuous mode [ 5441.086410][ T4741] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5441.095064][ T4741] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5441.131902][ T4165] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5441.134568][ T4165] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5444.892352][ T5702] veth0_vlan: entered promiscuous mode [ 5446.034356][ T5702] veth1_vlan: entered promiscuous mode [ 5449.493220][ T5702] veth0_macvtap: entered promiscuous mode [ 5450.152055][ T5702] veth1_macvtap: entered promiscuous mode [ 5453.712604][ T3417] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5453.737017][ T51] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5453.756680][ T51] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5453.780989][ T51] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5569.044515][ T4131] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5570.631214][ T4131] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5572.263110][ T4131] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5574.093112][ T4131] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5603.067959][ T4131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5603.864238][ T4131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5604.144952][ T4131] bond0 (unregistering): Released all slaves [ 5606.862222][ T4131] hsr_slave_0: left promiscuous mode [ 5607.008398][ T4131] hsr_slave_1: left promiscuous mode [ 5607.661906][ T4131] veth1_macvtap: left promiscuous mode [ 5607.678406][ T4131] veth0_macvtap: left promiscuous mode [ 5607.698960][ T4131] veth1_vlan: left promiscuous mode [ 5607.718564][ T4131] veth0_vlan: left promiscuous mode [ 5633.130682][ T4131] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5634.820037][ T4131] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5636.474448][ T4131] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5637.904699][ T4131] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5658.923688][ T4131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5659.234251][ T4131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5659.439171][ T4131] bond0 (unregistering): Released all slaves [ 5661.998058][ T4131] hsr_slave_0: left promiscuous mode [ 5662.064170][ T4131] hsr_slave_1: left promiscuous mode [ 5662.614751][ T4131] veth1_macvtap: left promiscuous mode [ 5662.639641][ T4131] veth0_macvtap: left promiscuous mode [ 5662.649700][ T4131] veth1_vlan: left promiscuous mode [ 5662.680361][ T4131] veth0_vlan: left promiscuous mode [ 5714.147725][ T6021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5714.402173][ T6021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5717.578941][ T6025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5717.810499][ T6025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5739.871692][ T6021] hsr_slave_0: entered promiscuous mode [ 5739.921236][ T6021] hsr_slave_1: entered promiscuous mode [ 5743.033227][ T6025] hsr_slave_0: entered promiscuous mode [ 5743.111294][ T6025] hsr_slave_1: entered promiscuous mode [ 5743.178979][ T6025] debugfs: 'hsr0' already exists in 'hsr' [ 5743.186934][ T6025] Cannot create hsr debugfs directory [ 5771.395084][ T6021] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 5772.180013][ T6021] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 5772.573037][ T6021] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 5772.954134][ T6021] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 5778.509211][ T6025] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 5778.848279][ T6025] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 5779.179647][ T6025] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 5779.538623][ T6025] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 5799.111172][ T6021] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5803.757954][ T6025] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5920.764641][ T6021] veth0_vlan: entered promiscuous mode [ 5921.528320][ T6021] veth1_vlan: entered promiscuous mode [ 5924.724257][ T6021] veth0_macvtap: entered promiscuous mode [ 5925.584306][ T6021] veth1_macvtap: entered promiscuous mode [ 5926.061116][ T6025] veth0_vlan: entered promiscuous mode [ 5927.569067][ T6025] veth1_vlan: entered promiscuous mode [ 5929.472692][ T4131] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5929.478504][ T4131] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5929.490206][ T4131] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5929.500312][ T4131] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5932.442459][ T6025] veth0_macvtap: entered promiscuous mode [ 5933.309818][ T6025] veth1_macvtap: entered promiscuous mode [ 5937.448668][ T5358] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5937.454457][ T5358] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5937.601008][ T5358] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5937.623074][ T5358] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6368.384606][ T5358] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6371.379237][ T5358] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6374.397381][ T5358] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6376.926346][ T5358] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6399.307432][ T5358] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6399.858451][ T5358] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6400.133595][ T5358] bond0 (unregistering): Released all slaves [ 6402.732333][ T5358] hsr_slave_0: left promiscuous mode [ 6402.793623][ T5358] hsr_slave_1: left promiscuous mode [ 6403.212711][ T5358] veth1_macvtap: left promiscuous mode [ 6403.264821][ T5358] veth0_macvtap: left promiscuous mode [ 6403.268139][ T5358] veth1_vlan: left promiscuous mode [ 6403.297465][ T5358] veth0_vlan: left promiscuous mode [ 6429.533073][ T5358] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6431.234511][ T5358] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6432.769279][ T5358] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6434.289492][ T5358] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6452.374367][ T5358] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6452.494054][ T5358] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6452.561253][ T5358] bond0 (unregistering): Released all slaves [ 6456.063231][ T5358] hsr_slave_0: left promiscuous mode [ 6456.167890][ T5358] hsr_slave_1: left promiscuous mode [ 6456.729733][ T5358] veth1_macvtap: left promiscuous mode [ 6456.733239][ T5358] veth0_macvtap: left promiscuous mode [ 6456.759051][ T5358] veth1_vlan: left promiscuous mode [ 6456.774603][ T5358] veth0_vlan: left promiscuous mode [ 6487.409863][ T6503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6487.683718][ T6503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6498.530272][ T6515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6498.880756][ T6515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6514.533225][ T6503] hsr_slave_0: entered promiscuous mode [ 6514.610923][ T6503] hsr_slave_1: entered promiscuous mode [ 6523.399274][ T6515] hsr_slave_0: entered promiscuous mode [ 6523.450006][ T6515] hsr_slave_1: entered promiscuous mode [ 6523.508903][ T6515] debugfs: 'hsr0' already exists in 'hsr' [ 6523.513536][ T6515] Cannot create hsr debugfs directory [ 6538.098184][ T6503] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 6539.820571][ T6503] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 6541.252485][ T6503] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 6543.308027][ T6503] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 6550.260460][ T6515] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 6550.717314][ T6515] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 6551.166762][ T6515] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 6551.574444][ T6515] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 6569.100701][ T6503] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6575.483310][ T6515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6671.708875][ T6503] veth0_vlan: entered promiscuous mode [ 6672.508024][ T6503] veth1_vlan: entered promiscuous mode [ 6675.319317][ T6503] veth0_macvtap: entered promiscuous mode [ 6675.778463][ T6503] veth1_macvtap: entered promiscuous mode [ 6678.834298][ T4749] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6678.848710][ T4749] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6678.993845][ T4749] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6679.007044][ T4749] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6681.441943][ T6515] veth0_vlan: entered promiscuous mode [ 6683.529658][ T6515] veth1_vlan: entered promiscuous mode [ 6686.576013][ T6515] veth0_macvtap: entered promiscuous mode [ 6687.037876][ T6515] veth1_macvtap: entered promiscuous mode [ 6690.158046][ T3914] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6690.203427][ T6519] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6690.272270][ T6519] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6690.279747][ T6519] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7006.050467][ T6949] KVM: debugfs: duplicate directory 6949-5 [ 7248.640476][ T6519] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7250.341150][ T6519] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7252.178647][ T6519] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7254.363589][ T6519] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7280.859874][ T6519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7281.138901][ T6519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7281.309746][ T6519] bond0 (unregistering): Released all slaves [ 7284.250781][ T6519] hsr_slave_0: left promiscuous mode [ 7284.482311][ T6519] hsr_slave_1: left promiscuous mode [ 7285.727034][ T6519] veth1_macvtap: left promiscuous mode [ 7285.728377][ T6519] veth0_macvtap: left promiscuous mode [ 7285.738351][ T6519] veth1_vlan: left promiscuous mode [ 7285.779321][ T6519] veth0_vlan: left promiscuous mode [ 7388.779643][ T7104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7389.150580][ T7104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7428.220605][ T7104] hsr_slave_0: entered promiscuous mode [ 7428.370803][ T7104] hsr_slave_1: entered promiscuous mode [ 7458.260748][ T7104] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 7458.613768][ T7104] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 7459.141307][ T7104] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 7459.777770][ T7104] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 7490.261431][ T7104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7580.503945][ T7112] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7582.828410][ T7112] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7586.032133][ T7112] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7587.463823][ T7112] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7608.469970][ T7112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7608.893486][ T7112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7609.458644][ T7112] bond0 (unregistering): Released all slaves [ 7612.069752][ T7112] hsr_slave_0: left promiscuous mode [ 7612.160403][ T7112] hsr_slave_1: left promiscuous mode [ 7612.754817][ T7112] veth1_macvtap: left promiscuous mode [ 7612.807530][ T7112] veth0_macvtap: left promiscuous mode [ 7612.833190][ T7112] veth1_vlan: left promiscuous mode [ 7612.865071][ T7112] veth0_vlan: left promiscuous mode [ 7659.871305][ T7282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7660.208479][ T7282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7662.928337][ T7104] veth0_vlan: entered promiscuous mode [ 7663.628201][ T7104] veth1_vlan: entered promiscuous mode [ 7666.345029][ T7104] veth0_macvtap: entered promiscuous mode [ 7666.728903][ T7104] veth1_macvtap: entered promiscuous mode [ 7669.371344][ T6519] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7669.387378][ T6519] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7669.403133][ T6519] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7669.426394][ T6519] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7697.032724][ T7282] hsr_slave_0: entered promiscuous mode [ 7697.190650][ T7282] hsr_slave_1: entered promiscuous mode [ 7697.304166][ T7282] debugfs: 'hsr0' already exists in 'hsr' [ 7697.336302][ T7282] Cannot create hsr debugfs directory [ 7725.549483][ T7282] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 7726.099878][ T7282] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 7726.500095][ T7282] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 7727.010820][ T7282] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 7762.952424][ T7282] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7896.749272][ T7282] veth0_vlan: entered promiscuous mode [ 7897.922746][ T7282] veth1_vlan: entered promiscuous mode [ 7901.830175][ T7282] veth0_macvtap: entered promiscuous mode [ 7902.343555][ T7282] veth1_macvtap: entered promiscuous mode [ 7906.587412][ T7134] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7906.588504][ T7134] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7906.610412][ T7134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7906.626674][ T7134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8042.078702][ T25] audit: type=1400 audit(8041.290:106): avc: denied { map } for pid=7584 comm="syz.0.288" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 8197.243200][ T6519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8199.702905][ T6519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8201.934799][ T6519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8203.541835][ T6519] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8225.767014][ T6519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8225.912106][ T6519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8226.129906][ T6519] bond0 (unregistering): Released all slaves [ 8229.527736][ T6519] hsr_slave_0: left promiscuous mode [ 8229.648668][ T6519] hsr_slave_1: left promiscuous mode [ 8230.578834][ T6519] veth1_macvtap: left promiscuous mode [ 8230.590850][ T6519] veth0_macvtap: left promiscuous mode [ 8230.593029][ T6519] veth1_vlan: left promiscuous mode [ 8230.594508][ T6519] veth0_vlan: left promiscuous mode [ 8257.816805][ T6519] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8259.091574][ T6519] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8260.320487][ T6519] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8262.311560][ T6519] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8276.278684][ T6519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8276.666920][ T6519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8276.828435][ T6519] bond0 (unregistering): Released all slaves [ 8279.098202][ T6519] hsr_slave_0: left promiscuous mode [ 8279.197906][ T6519] hsr_slave_1: left promiscuous mode [ 8279.584691][ T6519] veth1_macvtap: left promiscuous mode [ 8279.649739][ T6519] veth0_macvtap: left promiscuous mode [ 8279.651953][ T6519] veth1_vlan: left promiscuous mode [ 8279.664743][ T6519] veth0_vlan: left promiscuous mode [ 8319.923333][ T7664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8320.507825][ T7664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8332.129803][ T7674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8332.823384][ T7674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8347.160459][ T7664] hsr_slave_0: entered promiscuous mode [ 8347.251478][ T7664] hsr_slave_1: entered promiscuous mode [ 8365.134906][ T7674] hsr_slave_0: entered promiscuous mode [ 8365.231233][ T7674] hsr_slave_1: entered promiscuous mode [ 8365.307578][ T7674] debugfs: 'hsr0' already exists in 'hsr' [ 8365.317340][ T7674] Cannot create hsr debugfs directory [ 8376.398456][ T7664] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 8377.019956][ T7664] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 8377.607875][ T7664] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 8378.797495][ T7664] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 8387.849931][ T7674] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 8388.162004][ T7674] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 8388.418926][ T7674] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 8388.662462][ T7674] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 8404.307353][ T7664] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8412.934125][ T7674] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8498.554276][ T7664] veth0_vlan: entered promiscuous mode [ 8499.248373][ T7664] veth1_vlan: entered promiscuous mode [ 8501.599493][ T7664] veth0_macvtap: entered promiscuous mode [ 8501.980123][ T7664] veth1_macvtap: entered promiscuous mode [ 8504.489937][ T6519] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8504.502141][ T6519] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8504.503002][ T6519] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8504.503700][ T6519] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8507.222615][ T7674] veth0_vlan: entered promiscuous mode [ 8508.559783][ T7674] veth1_vlan: entered promiscuous mode [ 8511.549215][ T7674] veth0_macvtap: entered promiscuous mode [ 8512.139881][ T7674] veth1_macvtap: entered promiscuous mode [ 8515.363602][ T6519] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 8515.391741][ T6519] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 8515.406983][ T6519] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 8515.430202][ T6519] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8536.174232][ T7911] kvm [7911]: Failed to find VMA for hva 0x20c01000 [ 9075.162801][ T7277] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9078.160693][ T7277] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9080.582190][ T7277] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9082.274568][ T7277] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9109.142961][ T7277] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9109.421092][ T7277] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9109.664477][ T7277] bond0 (unregistering): Released all slaves [ 9111.971521][ T7277] hsr_slave_0: left promiscuous mode [ 9112.039035][ T7277] hsr_slave_1: left promiscuous mode [ 9112.571458][ T7277] veth1_macvtap: left promiscuous mode [ 9112.580980][ T7277] veth0_macvtap: left promiscuous mode [ 9112.607489][ T7277] veth1_vlan: left promiscuous mode [ 9112.611326][ T7277] veth0_vlan: left promiscuous mode [ 9198.543844][ T8260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9198.981407][ T8260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9235.506480][ T8260] hsr_slave_0: entered promiscuous mode [ 9235.604407][ T8260] hsr_slave_1: entered promiscuous mode [ 9235.711510][ T8260] debugfs: 'hsr0' already exists in 'hsr' [ 9235.736419][ T8260] Cannot create hsr debugfs directory [ 9260.392372][ T8260] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 9260.983441][ T8260] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 9261.563917][ T8260] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 9262.200667][ T8260] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 9294.019156][ T8260] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9295.032592][ T8404] kvm [8404]: Failed to find VMA for hva 0x21016000 [ 9438.326133][ T8260] veth0_vlan: entered promiscuous mode [ 9439.273907][ T8260] veth1_vlan: entered promiscuous mode [ 9442.393621][ T8260] veth0_macvtap: entered promiscuous mode [ 9442.859394][ T8260] veth1_macvtap: entered promiscuous mode [ 9446.167194][ T8125] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9446.183438][ T35] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9446.184455][ T35] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9446.250428][ T35] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9525.652937][ T3417] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9526.863268][ T3417] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9528.380575][ T3417] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9530.031517][ T3417] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9553.312565][ T3417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9553.552475][ T3417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9553.748386][ T3417] bond0 (unregistering): Released all slaves [ 9556.150927][ T3417] hsr_slave_0: left promiscuous mode [ 9556.277583][ T3417] hsr_slave_1: left promiscuous mode [ 9557.146776][ T3417] veth1_macvtap: left promiscuous mode [ 9557.150523][ T3417] veth0_macvtap: left promiscuous mode [ 9557.179247][ T3417] veth1_vlan: left promiscuous mode [ 9557.216953][ T3417] veth0_vlan: left promiscuous mode [ 9589.203476][ T3417] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9590.568169][ T3417] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9591.790861][ T3417] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9593.055005][ T3417] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9614.839534][ T3417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9615.091445][ T3417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9615.383914][ T3417] bond0 (unregistering): Released all slaves [ 9617.430613][ T3417] hsr_slave_0: left promiscuous mode [ 9617.538643][ T3417] hsr_slave_1: left promiscuous mode [ 9618.158514][ T3417] veth1_macvtap: left promiscuous mode [ 9618.159898][ T3417] veth0_macvtap: left promiscuous mode [ 9618.180607][ T3417] veth1_vlan: left promiscuous mode [ 9618.187655][ T3417] veth0_vlan: left promiscuous mode [ 9643.928834][ T8528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9644.732245][ T8528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9669.143912][ T8528] hsr_slave_0: entered promiscuous mode [ 9669.242291][ T8528] hsr_slave_1: entered promiscuous mode [ 9676.031425][ T8552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9676.691955][ T8552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9695.527290][ T8528] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 9695.880072][ T8528] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 9696.163120][ T8528] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 9696.509298][ T8528] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 9709.028062][ T8552] hsr_slave_0: entered promiscuous mode [ 9709.121718][ T8552] hsr_slave_1: entered promiscuous mode [ 9709.171598][ T8552] debugfs: 'hsr0' already exists in 'hsr' [ 9709.174612][ T8552] Cannot create hsr debugfs directory [ 9726.671567][ T8528] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9731.857614][ T8552] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 9732.332332][ T8552] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 9732.829647][ T8552] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 9733.267623][ T8552] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 9762.161776][ T8552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9842.726066][ T8528] veth0_vlan: entered promiscuous mode [ 9843.441701][ T8528] veth1_vlan: entered promiscuous mode [ 9846.201267][ T8528] veth0_macvtap: entered promiscuous mode [ 9846.670500][ T8528] veth1_macvtap: entered promiscuous mode [ 9849.807084][ T7667] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9849.813460][ T7667] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9850.018398][ T7667] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9850.024375][ T7667] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9884.219942][ T8552] veth0_vlan: entered promiscuous mode [ 9885.044756][ T8552] veth1_vlan: entered promiscuous mode [ 9888.961804][ T8552] veth0_macvtap: entered promiscuous mode [ 9889.479821][ T8552] veth1_macvtap: entered promiscuous mode [ 9893.216943][ T7112] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9893.239686][ T7277] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9893.277352][ T7277] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9893.302638][ T7277] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10161.512698][ T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10164.611029][ T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10166.459474][ T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10168.379188][ T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10193.244010][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [10193.487481][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [10193.819741][ T35] bond0 (unregistering): Released all slaves [10196.596951][ T35] hsr_slave_0: left promiscuous mode [10196.939567][ T35] hsr_slave_1: left promiscuous mode [10197.823355][ T35] veth1_macvtap: left promiscuous mode [10197.838244][ T35] veth0_macvtap: left promiscuous mode [10197.869461][ T35] veth1_vlan: left promiscuous mode [10197.887481][ T35] veth0_vlan: left promiscuous mode [10234.224813][ T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10235.993040][ T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10237.897261][ T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10239.798728][ T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [10260.647093][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [10260.911638][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [10261.058911][ T35] bond0 (unregistering): Released all slaves [10262.894001][ T35] hsr_slave_0: left promiscuous mode [10262.922709][ T35] hsr_slave_1: left promiscuous mode [10263.115070][ T35] veth1_macvtap: left promiscuous mode [10263.122374][ T35] veth0_macvtap: left promiscuous mode [10263.150936][ T35] veth1_vlan: left promiscuous mode [10263.154667][ T35] veth0_vlan: left promiscuous mode [10312.438545][ T8963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10312.689254][ T8963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10315.288603][ T8969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10315.570995][ T8969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10340.910987][ T8963] hsr_slave_0: entered promiscuous mode [10341.004040][ T8963] hsr_slave_1: entered promiscuous mode [10345.065040][ T8969] hsr_slave_0: entered promiscuous mode [10345.134861][ T8969] hsr_slave_1: entered promiscuous mode [10345.237146][ T8969] debugfs: 'hsr0' already exists in 'hsr' [10345.260678][ T8969] Cannot create hsr debugfs directory [10370.632193][ T8963] netdevsim netdevsim7 netdevsim0: renamed from eth0 [10371.120070][ T8963] netdevsim netdevsim7 netdevsim1: renamed from eth1 [10371.469889][ T8963] netdevsim netdevsim7 netdevsim2: renamed from eth2 [10372.227846][ T8963] netdevsim netdevsim7 netdevsim3: renamed from eth3 [10375.983334][ T8969] netdevsim netdevsim8 netdevsim0: renamed from eth0 [10376.419666][ T8969] netdevsim netdevsim8 netdevsim1: renamed from eth1 [10376.747843][ T8969] netdevsim netdevsim8 netdevsim2: renamed from eth2 [10377.118597][ T8969] netdevsim netdevsim8 netdevsim3: renamed from eth3 [10400.038091][ T8963] 8021q: adding VLAN 0 to HW filter on device bond0 [10405.221132][ T8969] 8021q: adding VLAN 0 to HW filter on device bond0 [10519.999668][ T8963] veth0_vlan: entered promiscuous mode [10520.961835][ T8963] veth1_vlan: entered promiscuous mode [10524.311785][ T8963] veth0_macvtap: entered promiscuous mode [10525.427945][ T8963] veth1_macvtap: entered promiscuous mode [10526.972503][ T8969] veth0_vlan: entered promiscuous mode [10528.732726][ T8969] veth1_vlan: entered promiscuous mode [10531.192755][ T6519] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10531.197350][ T6519] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10531.271494][ T6519] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10531.287917][ T6519] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10534.975074][ T8969] veth0_macvtap: entered promiscuous mode [10536.032021][ T8969] veth1_macvtap: entered promiscuous mode [10540.054181][ T8958] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10540.058591][ T8958] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10540.090067][ T8958] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10540.149620][ T8986] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10609.411036][ T9265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x63f0000000000000 pfn:0x5a5ba [10609.521988][ T9265] flags: 0x1ffe04000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x81) [10609.563885][ T9265] raw: 01ffe04000000000 ffffc1ffc07eb748 ffffc1ffc0715a08 0000000000000000 [10609.609875][ T9265] raw: 63f0000000000000 0000000000000000 00000000ffffffff 0000000000000000 [10609.651093][ T9265] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0) [10609.681749][ T9265] ------------[ cut here ]------------ [10609.681995][ T9265] kernel BUG at ./include/linux/mm.h:1036! [10609.683715][ T9265] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP [10609.688378][ T9265] Modules linked in: [10609.690473][ T9265] CPU: 0 UID: 0 PID: 9265 Comm: syz.8.424 Not tainted syzkaller #0 PREEMPT [10609.691915][ T9265] Hardware name: linux,dummy-virt (DT) [10609.693081][ T9265] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [10609.694323][ T9265] pc : kvm_s2_put_page+0x374/0x3a0 [10609.696458][ T9265] lr : kvm_s2_put_page+0x374/0x3a0 [10609.697347][ T9265] sp : ffff80008eb77830 [10609.698018][ T9265] x29: ffff80008eb77830 x28: c4f000001c568000 x27: c4f000001c568000 [10609.699502][ T9265] x26: 00000000000000ff x25: ffff80008734e000 x24: ffffc1ffc0000000 [10609.700672][ T9265] x23: ffffc1ffc0696e88 x22: 0000000000000000 x21: ffffc1ffc0696eb4 [10609.701943][ T9265] x20: 0000000000000000 x19: ffffc1ffc0696e80 x18: 0000000099bd1cd1 [10609.703181][ T9265] x17: 00000000046a6fb1 x16: 0000000099bcf4f9 x15: 00000000f4efb139 [10609.704456][ T9265] x14: ffffffffffffffff x13: fff0000022213b08 x12: 0000000000000001 [10609.705659][ T9265] x11: 0000000000000000 x10: 0000000000ff0100 x9 : 572f945d06cd1e00 [10609.707028][ T9265] x8 : 572f945d06cd1e00 x7 : ffff80008039fbc8 x6 : 0000000000000000 [10609.708276][ T9265] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800080390dd0 [10609.709504][ T9265] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e [10609.710955][ T9265] Call trace: [10609.711782][ T9265] kvm_s2_put_page+0x374/0x3a0 (P) [10609.712996][ T9265] stage2_free_walker+0x1b0/0x264 [10609.714014][ T9265] __kvm_pgtable_walk+0x7d8/0xa68 [10609.714964][ T9265] kvm_pgtable_walk+0x294/0x468 [10609.715875][ T9265] kvm_pgtable_stage2_destroy_range+0x60/0xb4 [10609.716892][ T9265] kvm_free_stage2_pgd+0x198/0x28c [10609.717863][ T9265] kvm_uninit_stage2_mmu+0x20/0x38 [10609.718794][ T9265] kvm_arch_flush_shadow_all+0x1a8/0x1e0 [10609.719800][ T9265] kvm_mmu_notifier_release+0x48/0xa8 [10609.720749][ T9265] mmu_notifier_unregister+0x128/0x42c [10609.721737][ T9265] kvm_put_kvm+0x6a0/0xfa8 [10609.722540][ T9265] kvm_vm_release+0x58/0x78 [10609.723367][ T9265] __fput+0x4ac/0x980 [10609.724126][ T9265] ____fput+0x20/0x58 [10609.724901][ T9265] task_work_run+0x1bc/0x254 [10609.725733][ T9265] do_notify_resume+0x1bc/0x270 [10609.726633][ T9265] el0_svc+0xb8/0x164 [10609.727410][ T9265] el0t_64_sync_handler+0x84/0x12c [10609.728292][ T9265] el0t_64_sync+0x198/0x19c [10609.729751][ T9265] Code: f00375a1 912d8c21 aa1303e0 97f9c9f2 (d4210000) [10609.731586][ T9265] ---[ end trace 0000000000000000 ]--- [10609.733097][ T9265] Kernel panic - not syncing: Oops - BUG: Fatal exception [10609.734995][ T9265] Kernel Offset: disabled [10609.735702][ T9265] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f [10609.736769][ T9265] Memory Limit: none [10609.738410][ T9265] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:22:53 Registers: info registers vcpu 0 CPU#0 PC=ffff8000821289c0 X00=0000000000000003 X01=0000000000000002 X02=000000000000002a X03=ffff8000821287b4 X04=0000000000000001 X05=0000000000000000 X06=ffff800081f0f8b4 X07=ffff800080015834 X08=d0ff80008c43b000 X09=0000000000000030 X10=0000000000000030 X11=00000000000000fe X12=0000000000000045 X13=0000000000000007 X14=0000000000000000 X15=ffff800087f69a20 X16=0000000000000000 X17=00000000046a6fb1 X18=0000000099bd1cd1 X19=efff800000000000 X20=45f000000dcb0880 X21=d0ff80008c43b018 X22=0000000000000002 X23=45f000000dcb097c X24=0000000000000045 X25=0000000000000000 X26=d0ff80008c43b000 X27=0000000000000045 X28=0000000000000045 X29=ffff80008eb77040 X30=ffff8000821289b4 SP=ffff80008eb77030 PSTATE=804023c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=2525252525252525:2525252525252525 Z01=000000756c6c2570:6f6f6c2f7665642f Z02=0000000000000000:f0000000ffffffff Z03=ffffff000000ff00:0000000000000000 Z04=0000000000000000:fff000f000000000 Z05=bb448243222c92da:e3914ed4e87380b0 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffeab9be80:0000ffffeab9be80 Z17=ffffff80ffffffd0:0000ffffeab9be50 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000