last executing test programs: 2h26m36.346077494s ago: executing program 32 (id=98): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r4 = ioctl$KVM_CREATE_VM(r3, 0x400454ca, 0x110c230008) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) r9 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r9, 0x1}) (async) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r9, 0x3}) (async) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x1, r9, 0xf}) (async) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f00000001c0)={0xffffffffffffffff, 0x8, 0x3, r9}) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async, rerun: 32) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r11, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x19) (async) r12 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x0, {0x1, 0x85}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) (async) ioctl$KVM_SET_VCPU_EVENTS(r12, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) 2h26m30.34392841s ago: executing program 33 (id=99): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x14}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xb2) 2h10m47.452570294s ago: executing program 34 (id=183): munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x7f) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@other={0xa02, &(0x7f00000000c0)=0xe5}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2e) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000240)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x8005}) r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x32) ioctl$KVM_CLEAR_DIRTY_LOG(r12, 0xc018aec0, &(0x7f0000000180)={0x3, 0x80, 0x180, &(0x7f0000000380)=[0x7, 0xb, 0x7, 0xbef, 0x7, 0x2, 0x6, 0x6, 0x8001, 0x5, 0xfffffffffffffff7, 0xf, 0xf, 0x7, 0x3, 0x5, 0x1ff, 0x2, 0x7, 0x10001, 0x1000, 0xffffffffffffffff, 0x0, 0x3, 0x8, 0x0, 0x4, 0x9, 0xe8d, 0x9, 0x8000000000000000, 0x7f, 0x2, 0x81, 0x529, 0x0, 0x5, 0x3, 0x4, 0x1000, 0x6, 0x2, 0xdd, 0x800000000000000, 0x80000001, 0x5, 0x80000000, 0x7ff, 0x1, 0x5, 0xc, 0x6, 0xffffffffffff8000, 0x7fffffffffffffff, 0x4, 0x100000001, 0x5, 0xd6, 0x4, 0x1000, 0x7, 0x1000, 0x6, 0x2, 0x2, 0x6, 0x9, 0x62f, 0x5, 0x5c0, 0x2, 0x7, 0x3, 0x8, 0x8000, 0x799, 0xb1, 0x3, 0x7fffffff, 0x6, 0x6, 0x1, 0x0, 0x7, 0x6, 0x0, 0x0, 0x3, 0x8000, 0x32755bb2, 0x100000000, 0x2, 0x3, 0x8, 0x7, 0x8, 0x80000000, 0x2, 0x80, 0x9b2, 0x5, 0x8, 0x0, 0x80, 0x8000000000000004, 0xc783, 0x9, 0x19, 0x7, 0x9, 0xb, 0x1, 0xfff, 0x2, 0x0, 0x3682, 0x43, 0x8, 0x200, 0x2, 0x100000001, 0x5, 0x101, 0x9, 0x4, 0xfffffffffffffffc, 0x29b5df22, 0x9]}) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r16, 0x4010aeab, &(0x7f0000000000)=@arm64_sys={0x603000000013c661, &(0x7f00000001c0)=0x7fffffff}) r17 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x21) r18 = ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x800003, 0x11, r16, 0x0) ioctl$KVM_ARM_PREFERRED_TARGET(r18, 0x8020aeaf, &(0x7f0000000000)) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r18, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r0, 0x0, 0x7d7b465c1d30afba, r18, 0x0) 2h10m34.513394363s ago: executing program 35 (id=185): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0x2, 0x20000013) (async) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000fe5000/0x3000)=nil, r1, 0x2, 0x10, r4, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r6, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 1h52m36.466578533s ago: executing program 4 (id=273): r0 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000840)=[@featur1={0x1, 0xc7}], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x4000, 0x13000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f00000003c0)={0x4, 0xa7e9ea20e9018807, 0x1}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r0, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 1h52m23.255545538s ago: executing program 4 (id=274): mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0xc, 0x100010, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f00000a7000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0xfffffffffffffdd4}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11}) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x400000)=nil, r0, 0x0, 0x10, r3, 0x0) (async) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8000ae83, &(0x7f0000000340)) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r9 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) (async) r14 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r15, 0x3, 0x11, r14, 0x0) (async) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) 1h52m17.613990613s ago: executing program 5 (id=275): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x2000) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200800, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x3) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r2, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r8, 0x1, 0x2012, r7, 0x0) mmap$KVM_VCPU(&(0x7f0000e2c000/0x4000)=nil, r8, 0x2000000, 0x100010, r7, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x0, 0x40000, 0x1000, &(0x7f0000e31000/0x1000)=nil}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) r9 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece) mmap$KVM_VCPU(&(0x7f0000010000/0x3000)=nil, r2, 0x8, 0x4000010, r9, 0x0) 1h51m59.368469484s ago: executing program 5 (id=276): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0xc018ae85, &(0x7f00000003c0)=@arm64_bitmap={0x6030000000160001, 0x0}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000000c0)={0x5, 0x340, 0x1, 0x0}) 1h51m58.65452419s ago: executing program 4 (id=277): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r6, 0x4018aee3, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xb}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x0, 0x20010, r6, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000004, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000834000/0x3000)=nil, 0x930, 0x100000a, 0x8032, 0xffffffffffffffff, 0x0) 1h51m46.67551289s ago: executing program 5 (id=278): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000000)={0x76dc8650, 0x4}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0xe0000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x0, &(0x7f00000002c0)=0x2c172c22}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f0000000240)={0xfffffffd, 0x4}) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000080)={0x5, 0x2}) ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x8}) ioctl$KVM_CREATE_VM(r1, 0x40086602, 0x20000000) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000001c0)={0xa, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000340)=0xfffffffffffffffc}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x33) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb1cc94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r12, &(0x7f00000001c0)=0x7ffffff, 0xe80) 1h51m45.305930576s ago: executing program 4 (id=279): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) (rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x401054d5, 0x800000110c230021) (async, rerun: 32) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async, rerun: 32) r5 = syz_kvm_vgic_v3_setup(r4, 0x2, 0x1c0) (rerun: 32) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f00000001c0)=0x9}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async, rerun: 32) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x5d6d}) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async, rerun: 32) r13 = eventfd2(0x8, 0x80800) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f00000000c0)={r13, 0x3}) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000000)={r13, 0x9, 0x3, r13}) r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xb) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r14, r15, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x602000000011000c, &(0x7f00000000c0)=0x294}) 1h51m0.258274939s ago: executing program 36 (id=278): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000000)={0x76dc8650, 0x4}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0xe0000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x0, &(0x7f00000002c0)=0x2c172c22}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f0000000240)={0xfffffffd, 0x4}) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000080)={0x5, 0x2}) ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x8}) ioctl$KVM_CREATE_VM(r1, 0x40086602, 0x20000000) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000001c0)={0xa, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000340)=0xfffffffffffffffc}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x33) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb1cc94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r12, &(0x7f00000001c0)=0x7ffffff, 0xe80) 1h50m56.36855214s ago: executing program 37 (id=279): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) (rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x401054d5, 0x800000110c230021) (async, rerun: 32) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async, rerun: 32) r5 = syz_kvm_vgic_v3_setup(r4, 0x2, 0x1c0) (rerun: 32) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f00000001c0)=0x9}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async, rerun: 32) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x5d6d}) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async, rerun: 32) r13 = eventfd2(0x8, 0x80800) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f00000000c0)={r13, 0x3}) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000000)={r13, 0x9, 0x3, r13}) r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xb) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r14, r15, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x602000000011000c, &(0x7f00000000c0)=0x294}) 1h38m53.67034281s ago: executing program 6 (id=306): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (rerun: 64) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) (async) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async, rerun: 64) munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000) (rerun: 64) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) (async, rerun: 32) munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) (rerun: 32) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000d47000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 32) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x12, 0xffffffffffffffff, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) 1h38m38.192920067s ago: executing program 6 (id=307): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000761000/0x2000)=nil, 0x0, 0x0, 0x12, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x40010, 0xffffffffffffffff, 0x0) 1h38m18.062261547s ago: executing program 6 (id=309): r0 = eventfd2(0x0, 0x80000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0) eventfd2(0x6, 0x800) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000280)={r0, 0x6}) ioctl$KVM_IRQFD(r3, 0x4020ae76, 0x0) close(r3) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x7f) syz_kvm_vgic_v3_setup(r4, 0x2, 0x100) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r0, 0x3}) 1h37m55.122944988s ago: executing program 6 (id=312): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25) ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000000c0)={0xf5}) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0xd0}], 0x1) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x300, &(0x7f0000000080)=0x4}) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x4}], 0x1) r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000003, [0x6, 0x100000003, 0x4, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1h37m30.060180082s ago: executing program 6 (id=314): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000baa000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x100, 0x0) close(0x3) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xab) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) r7 = eventfd2(0x0, 0x0) close(r7) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r7, &(0x7f00000001c0)=0x87, 0xffea) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r8, &(0x7f0000e8a000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2) r12 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x300, &(0x7f0000000080)=0x4}) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x6, 0xffffffffffffffff, 0x1}) 1h37m5.943255645s ago: executing program 6 (id=316): r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0x8, 0x9}) write$eventfd(r0, &(0x7f0000000040)=0xd, 0x8) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000000c0)={0x3, 0x4, 0xddde3000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x5, r0}) close(r3) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000180)={0x7, 0x1, 0xfff9}) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0xca000, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000280)) r4 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000740)=[{0x0, &(0x7f0000000300)=[@uexit={0x0, 0x18, 0xfffffffffffffffc}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0x2, 0x3, 0x6, 0x4}}, @hvc={0x32, 0x40, {0x84000011, [0x4, 0x6, 0x75d0, 0x9, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013c018}}, @svc={0x122, 0x40, {0x200, [0x8, 0x3, 0xffff, 0x9, 0x6]}}, @svc={0x122, 0x40, {0x84000008, [0x100000001, 0x3, 0xce, 0x0, 0x8000]}}, @code={0xa, 0x84, {"60439bd200c0b0f2010080d2020080d2430080d2a40080d2020000d400000071c0f982d20040b8f2610080d2820080d2c30080d2240180d2020000d40060c00d007008d5008008d500b8215ec09b99d20080b0f2810180d2e20080d2030180d2840080d2020000d4008008d5008008d5"}}, @uexit={0x0, 0x18, 0x7fffffff}, @eret={0xe6, 0x18}, @smc={0x1e, 0x40, {0xc400000e, [0xffffffffffffffff, 0x6, 0x3, 0x0, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013df7d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x400, 0x7}}, @irq_setup={0x46, 0x18, {0x0, 0x1dc}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x2b7}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x31000000, [0x7, 0x8000, 0x6, 0x9, 0x7fff]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x48}}, @smc={0x1e, 0x40, {0xc4000003, [0xfffffffffffffffd, 0x0, 0x7, 0x1976, 0x49ed]}}, @code={0xa, 0x84, {"007008d50000299e405b96d200a0b8f2a10080d2020180d2830180d2440180d2020000d4000080130078284e0008203c000583d200c0b8f2810180d2c20180d2230180d2840180d2020000d4e003bfd6e03f86d200e0b0f2210080d2620080d2830180d2640080d2020000d4007008d5"}}, @svc={0x122, 0x40, {0xc4002005, [0x4, 0x0, 0x9, 0x4]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x239}}], 0x440}], 0x1, 0x0, &(0x7f0000000780)=[@featur2={0x1, 0xed}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000007c0)={0x3, 0x1, 0x41000, 0x2000, &(0x7f0000da5000/0x2000)=nil, 0xc, r0}) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x30) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000880)={0x9, 0x2}) ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000000900)=@attr_other={0x0, 0x7, 0x1, &(0x7f00000008c0)=0x6}) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000f71000/0x2000)=nil, r7, 0x4000000, 0x10010, r0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000940)={0x2, 0x8}) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x2) close(r2) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000980)) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000a00)={0xd0, 0x8}) write$eventfd(r4, &(0x7f0000000a40)=0x6, 0x8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) 1h36m17.180579748s ago: executing program 38 (id=316): r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0x8, 0x9}) write$eventfd(r0, &(0x7f0000000040)=0xd, 0x8) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000000c0)={0x3, 0x4, 0xddde3000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x5, r0}) close(r3) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000180)={0x7, 0x1, 0xfff9}) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0xca000, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000280)) r4 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000740)=[{0x0, &(0x7f0000000300)=[@uexit={0x0, 0x18, 0xfffffffffffffffc}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0x2, 0x3, 0x6, 0x4}}, @hvc={0x32, 0x40, {0x84000011, [0x4, 0x6, 0x75d0, 0x9, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013c018}}, @svc={0x122, 0x40, {0x200, [0x8, 0x3, 0xffff, 0x9, 0x6]}}, @svc={0x122, 0x40, {0x84000008, [0x100000001, 0x3, 0xce, 0x0, 0x8000]}}, @code={0xa, 0x84, {"60439bd200c0b0f2010080d2020080d2430080d2a40080d2020000d400000071c0f982d20040b8f2610080d2820080d2c30080d2240180d2020000d40060c00d007008d5008008d500b8215ec09b99d20080b0f2810180d2e20080d2030180d2840080d2020000d4008008d5008008d5"}}, @uexit={0x0, 0x18, 0x7fffffff}, @eret={0xe6, 0x18}, @smc={0x1e, 0x40, {0xc400000e, [0xffffffffffffffff, 0x6, 0x3, 0x0, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013df7d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x400, 0x7}}, @irq_setup={0x46, 0x18, {0x0, 0x1dc}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x2b7}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x31000000, [0x7, 0x8000, 0x6, 0x9, 0x7fff]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x48}}, @smc={0x1e, 0x40, {0xc4000003, [0xfffffffffffffffd, 0x0, 0x7, 0x1976, 0x49ed]}}, @code={0xa, 0x84, {"007008d50000299e405b96d200a0b8f2a10080d2020180d2830180d2440180d2020000d4000080130078284e0008203c000583d200c0b8f2810180d2c20180d2230180d2840180d2020000d4e003bfd6e03f86d200e0b0f2210080d2620080d2830180d2640080d2020000d4007008d5"}}, @svc={0x122, 0x40, {0xc4002005, [0x4, 0x0, 0x9, 0x4]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x239}}], 0x440}], 0x1, 0x0, &(0x7f0000000780)=[@featur2={0x1, 0xed}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000007c0)={0x3, 0x1, 0x41000, 0x2000, &(0x7f0000da5000/0x2000)=nil, 0xc, r0}) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x30) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000880)={0x9, 0x2}) ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000000900)=@attr_other={0x0, 0x7, 0x1, &(0x7f00000008c0)=0x6}) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000f71000/0x2000)=nil, r7, 0x4000000, 0x10010, r0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000940)={0x2, 0x8}) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x2) close(r2) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000980)) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000a00)={0xd0, 0x8}) write$eventfd(r4, &(0x7f0000000a40)=0x6, 0x8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) 1h31m47.870872755s ago: executing program 7 (id=335): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x4000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) syz_kvm_vgic_v3_setup(r1, 0x5, 0x1c0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000180)=@arm64_core={0x603000000010000e, &(0x7f0000000000)=0x3}) r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000140)=0x800001d}) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x3, 0xa0) r13 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x27) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x2000000000001}}], 0x28}, 0x0, 0x0) 1h31m24.844539508s ago: executing program 7 (id=336): mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000180)=@attr_arm64={0x0, 0x4, 0x2, &(0x7f0000000080)=0xd450}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28) (async) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x8000}) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r7, 0x40000) (async) mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r7, 0x40000) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000240)=0xfffffffffffffffe}) eventfd2(0x0, 0x800) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) 1h31m9.932276247s ago: executing program 7 (id=337): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0x40049409, 0x9) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xfffffffffffffffb) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10}) 1h30m46.354769656s ago: executing program 7 (id=338): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) r4 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x24202, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000d9c000/0x1000)=nil, 0x0, 0x3000004, 0x20010, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="71f160f45496d5a20af0015b1272e0529066d5bcd401afe54b846cdeedf76178633d4fd119372af2bc30e3ab16494990fbaa205e58985190cbc5c222f69cf05baecb23cb9ed15e97", 0x0, 0x48) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x1, 0x200000, 0x1000, &(0x7f0000f88000/0x1000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1h30m22.412216463s ago: executing program 7 (id=339): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil}) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r11, 0x3, 0xa0) (async) r12 = eventfd2(0x6, 0x800) ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f0000000280)={r12, 0x9}) (async, rerun: 32) write$eventfd(r12, &(0x7f0000000240)=0xd, 0x8) (rerun: 32) ioctl$KVM_IRQFD(r11, 0x4020ae76, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20) (async) close(r11) (async) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1h30m2.290628327s ago: executing program 7 (id=340): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000340)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x6030000000139808}}, @its_setup={0x82, 0x28, {0x1, 0xffffffffffffffff, 0x1}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) eventfd2(0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) 1h29m13.330510293s ago: executing program 39 (id=340): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000340)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x6030000000139808}}, @its_setup={0x82, 0x28, {0x1, 0xffffffffffffffff, 0x1}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) eventfd2(0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) 1h15m2.442576309s ago: executing program 8 (id=356): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000000)={0x10, 0xb3}) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0xffffffffffffffff) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x500, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0xc, 0x2, &(0x7f0000000080)=0x9}) 1h14m40.164483538s ago: executing program 9 (id=357): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, 0xfffffffffffffffe) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000000)={0x3, 0x380, 0x340, &(0x7f00000000c0)=[0x0, 0xffffffffffffffff, 0x5, 0xd46c, 0x100000000, 0x0, 0x70, 0x4, 0x8, 0xdc77847, 0x1, 0x5, 0x3, 0x5, 0x15400000, 0x4f, 0x4, 0xffffffffffffffff, 0xf, 0x9, 0x0, 0x29, 0x7f, 0x80, 0x0, 0x7fff, 0x4, 0x4952, 0x100000000, 0x8000000000000001, 0x74, 0x9, 0xe3c, 0x4, 0x87, 0x4, 0xeae, 0x795e, 0x0, 0xb5c8, 0x1, 0x2d4cb33, 0x8, 0x8, 0x4, 0x1ff, 0xc, 0x40, 0xfffffffffffffff8, 0x5, 0x100000001, 0x6, 0xff, 0x1, 0x200, 0x1, 0x5, 0x0, 0x7, 0xaa, 0x8, 0x7, 0x400, 0x9, 0x10, 0x8, 0x1ce, 0x0, 0x40, 0x67, 0x4, 0xb6, 0x0, 0x1, 0x29, 0x4223, 0x1, 0x3, 0x0, 0x8, 0x70f5, 0xfffffffffffffe0b, 0x1baa, 0x0, 0x0, 0x10000, 0x1, 0x7, 0xffffffffffffffff, 0x3, 0x8000, 0xfffffffffffffff8, 0xffffffff7fffffff, 0x0, 0xff, 0xf6, 0x8000000000000000, 0x8, 0x2, 0x1, 0x0, 0x24, 0x4, 0x2, 0x401, 0x3, 0xfffffffffffffa88, 0x6, 0x7, 0x7, 0x8, 0x7, 0x8, 0x4, 0x7, 0x0, 0xfffffffffffffffb, 0x7f, 0x0, 0xfffffffffffff54e, 0x7, 0x5, 0x4, 0xffff, 0xffffffff, 0x6, 0x7, 0x5]}) 1h14m33.310634456s ago: executing program 8 (id=358): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r11 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r11, 0x2}) (async) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000200)={0x4, 0xd000, 0x8, r11, 0xa}) (async) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r11, 0x3}) (async) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f00000001c0)={r11, 0x3, 0x2}) (async) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x1}) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0xfffffffffffffffc}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r13 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000361000/0x1000)=nil, 0x930, 0x280000b, 0x11, r13, 0x0) (async) syz_kvm_setup_cpu$arm64(r3, r13, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async, rerun: 64) r14 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x5, 0xfffffffffffffff1, &(0x7f0000000080)=0x5}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000000)={0x67945cfd84e9f082, 0x0, 0x1}) 1h14m13.372664034s ago: executing program 9 (id=359): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffeffffffffffffd) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r3, 0x603000000013c4f1, 0x8000) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000000)) 1h14m7.033108186s ago: executing program 8 (id=360): mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x30, 0xffffffffffffffff, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1h13m58.482598985s ago: executing program 9 (id=361): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async, rerun: 32) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0x8000}) r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r11}) (async, rerun: 32) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async, rerun: 64) r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (rerun: 64) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000003c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve={0x6080000000150008, 0x0}) (async) r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x3550, 0x3}}], 0x30}, 0x0, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3f) (async) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x6, 0x1, &(0x7f0000000100)=0x9}) (async) ioctl$KVM_RUN(r15, 0xae80, 0x0) eventfd2(0x7f000, 0x80800) (async) r17 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r17, 0xae04) 1h13m52.21837497s ago: executing program 8 (id=362): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x101300, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000240)={0x0, 0x5ded}) (async) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000180)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000140)=0x1f}) (async) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async) ioctl$KVM_GET_REG_LIST(r9, 0xc008aeb0, 0x0) (async) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000080)={0xe4, 0x0, 0x800}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffff801}) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7e) 1h13m39.916577882s ago: executing program 9 (id=363): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x40005) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000000)={0x30000, 0x108000, 0x1}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, 0x0) 1h13m34.230044095s ago: executing program 8 (id=364): openat$kvm(0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000000), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f00009aa000/0x400000)=nil, &(0x7f0000000600)=[{0x0, &(0x7f0000000440)=[@hvc={0x32, 0x40, {0x84000007, [0x1, 0x0, 0xf, 0xfa17, 0xeb6]}}, @smc={0x1e, 0x40, {0x4, [0x72c, 0xd, 0xe]}}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x84000012, [0x8000000000000001, 0x232, 0x95a, 0x4, 0x9]}}, @msr={0x14, 0x20, {0x603000000013c02d, 0x3}}, @smc={0x1e, 0x40, {0xc4000001, [0x3, 0xa, 0x8, 0x3, 0x1]}}, @svc={0x122, 0x40, {0x6000000, [0x7, 0x8, 0x800, 0x2, 0x287]}}, @mrs={0xbe, 0x18, {0x603000000013e6c7}}, @uexit={0x0, 0x18, 0x5}], 0x1a8}], 0x1, 0x0, &(0x7f0000000640)=[@featur1={0x1, 0xc}], 0x1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000040)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x2000, [0x2, 0x99, 0x7, 0x4, 0x8]}}, @code={0xa, 0x84, {"007008d500788fd20080b8f2810080d2420080d2e30180d2a40080d2020000d4000994d20000b0f2a10180d2a20080d2230080d2c40180d2020000d4000028d5008040c80000291e000008d5e04e85d20040b0f2c10080d2820080d2c30180d2840080d2020000d4000008d500fca09b"}}, @eret={0xe6, 0x18, 0x46c06367}, @irq_setup={0x46, 0x18, {0x4, 0x17}}, @mrs={0xbe, 0x18, {0x603000000013deb3}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x3ef}}, @memwrite={0x6e, 0x30, @generic={0x80a0000, 0x6b1, 0x7, 0x2}}, @msr={0x14, 0x20, {0x6030000000138034, 0x10001}}, @svc={0x122, 0x40, {0x86000001, [0x40, 0x2, 0x1, 0x28b, 0x7]}}, @uexit={0x0, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013c648, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x7, 0x3, 0x1000, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013df00}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x3b}}, @mrs={0xbe, 0x18, {0x603000000013dce1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x2, 0x1}}, @smc={0x1e, 0x40, {0x8400000f, [0xd, 0x6, 0xe, 0x3, 0xe7]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x7, 0x37, 0x2, 0x3}}, @uexit={0x0, 0x18, 0x9}], 0x32c}, &(0x7f0000000400), 0x1) r5 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40) syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000b40)=[{0x0, &(0x7f0000000680)=[@uexit={0x0, 0x18, 0xcbd}, @mrs={0xbe, 0x18, {0x603000000013e658}}, @eret={0xe6, 0x18, 0x10}, @its_send_cmd={0xaa, 0x28, {0xc, 0x19, 0x0, 0xf, 0x7, 0x457, 0x4}}, @msr={0x14, 0x20, {0x603000000013deb9, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x34a}}, @uexit={0x0, 0x18, 0x9}, @hvc={0x32, 0x40, {0x31000000, [0x3, 0x10000, 0x6, 0xfffffffffffffff1, 0x2bc3]}}, @mrs={0xbe, 0x18, {0x6030000000138036}}, @msr={0x14, 0x20, {0x603000000013dc8b, 0xffff}}, @svc={0x122, 0x40, {0xc4000001, [0x7, 0x2, 0x84, 0x2, 0x1]}}, @uexit={0x0, 0x18, 0x60800000}, @eret={0xe6, 0x18, 0x93}, @uexit={0x0, 0x18, 0xffffffffffffffe8}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x2, 0x3, 0x4, 0xfffff6f9}}, @eret={0xe6, 0x18, 0x40}, @hvc={0x32, 0x40, {0x100, [0x6, 0xffffffffffffffff, 0x8, 0x400, 0x12]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x143}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x10, 0xc}}, @code={0xa, 0x6c, {"00c0231e0000609e0090800f008008d50020400d007008d5007008d580c287d200a0b8f2210180d2c20080d2630080d2040080d2020000d4007008d5001d87d200c0b0f2410180d2620080d2a30080d2c40180d2020000d4"}}, @svc={0x122, 0x40, {0x80008000, [0x2022, 0xffffffff80000001, 0x573d, 0x4, 0x67]}}, @svc={0x122, 0x40, {0x400, [0x4, 0x8, 0x8001, 0x100000000, 0x4]}}, @code={0xa, 0x84, {"e07787d20060b0f2010080d2420080d2c30180d2040180d2020000d4804a97d200e0b8f2010180d2420180d2430180d2440180d2020000d4e0d789d200a0b8f2c10080d2e20180d2a30080d2e40080d2020000d40088205e00c0204e007008d5007008d5000008d5007008d5000028d5"}}, @code={0xa, 0x6c, {"00b8215e000028d50044002f0040601ee05c9ad200c0b0f2010180d2820080d2030180d2640180d2020000d40084e00d003c200e40f39dd20020b8f2610080d2820080d2430080d2a40080d2020000d400000012000020aa"}}, @mrs={0xbe, 0x18, {0x603000000013deee}}], 0x48c}], 0x1, 0x0, &(0x7f0000000b80)=[@featur1={0x1, 0x48}], 0x1) syz_kvm_vgic_v3_setup(r2, 0x3, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x3, 0x5, 0xffffffffffffffff}) 1h13m24.976186763s ago: executing program 9 (id=365): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x1, 0xffffffffffffffff}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x1, 0x2, &(0x7f0000000240)=0x8}) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000000)={0xfffff968, 0x5}) 1h13m12.057872255s ago: executing program 8 (id=366): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1c) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r8, 0x3, 0x40b2811, r7, 0x0) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r9, 0x4010ae68, &(0x7f0000000000)={0x54000, 0x1000}) ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000000180)={0x1e, "6260184e0a645c52480297aa95dde12f29bf6f1b442ae96ded4032072767"}) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 1h13m4.45628985s ago: executing program 9 (id=367): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x2df}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xfa, 0xd}}, @hvc={0x32, 0x40, {0xc400000d, [0xbb6d, 0x4af3, 0x96, 0x3]}}, @uexit={0x0, 0x18, 0x60000}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x6, 0xd, 0x80, 0x4}}, @smc={0x1e, 0x40, {0xe6000814, [0x6da, 0x7, 0x6, 0x6, 0x8]}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000050, [0x250a80, 0x2, 0x0, 0x0, 0xd3a]}}, @code={0xa, 0x9c, {"007008d5007008d5e0b998d20080b8f2610080d2820080d2830180d2440180d2020000d460ce95d200a0b8f2010080d2220180d2a30080d2e40080d2020000d400f4a02e801796d200c0b8f2610080d2620080d2430080d2440180d2020000d40000402c0098202e40338dd20040b0f2210080d2c20180d2a30080d2c40080d2020000d4e0039f5a"}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffffb, 0xffffffffffffffe4, 0xf7, 0xf05, 0xfffffffffffffff7]}}], 0x24c}, &(0x7f0000000100)=[@featur1={0x1, 0x21}], 0x1) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1}) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000040)=0x3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x2df}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xfa, 0xd}}, @hvc={0x32, 0x40, {0xc400000d, [0xbb6d, 0x4af3, 0x96, 0x3]}}, @uexit={0x0, 0x18, 0x60000}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x6, 0xd, 0x80, 0x4}}, @smc={0x1e, 0x40, {0xe6000814, [0x6da, 0x7, 0x6, 0x6, 0x8]}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000050, [0x250a80, 0x2, 0x0, 0x0, 0xd3a]}}, @code={0xa, 0x9c, {"007008d5007008d5e0b998d20080b8f2610080d2820080d2830180d2440180d2020000d460ce95d200a0b8f2010080d2220180d2a30080d2e40080d2020000d400f4a02e801796d200c0b8f2610080d2620080d2430080d2440180d2020000d40000402c0098202e40338dd20040b0f2210080d2c20180d2a30080d2c40080d2020000d4e0039f5a"}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffffb, 0xffffffffffffffe4, 0xf7, 0xf05, 0xfffffffffffffff7]}}], 0x24c}, &(0x7f0000000100)=[@featur1={0x1, 0x21}], 0x1) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000040)=0x3}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) 1h12m24.413642783s ago: executing program 40 (id=366): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1c) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r8, 0x3, 0x40b2811, r7, 0x0) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r9, 0x4010ae68, &(0x7f0000000000)={0x54000, 0x1000}) ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000000180)={0x1e, "6260184e0a645c52480297aa95dde12f29bf6f1b442ae96ded4032072767"}) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 1h12m14.094455957s ago: executing program 41 (id=367): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x2df}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xfa, 0xd}}, @hvc={0x32, 0x40, {0xc400000d, [0xbb6d, 0x4af3, 0x96, 0x3]}}, @uexit={0x0, 0x18, 0x60000}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x6, 0xd, 0x80, 0x4}}, @smc={0x1e, 0x40, {0xe6000814, [0x6da, 0x7, 0x6, 0x6, 0x8]}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000050, [0x250a80, 0x2, 0x0, 0x0, 0xd3a]}}, @code={0xa, 0x9c, {"007008d5007008d5e0b998d20080b8f2610080d2820080d2830180d2440180d2020000d460ce95d200a0b8f2010080d2220180d2a30080d2e40080d2020000d400f4a02e801796d200c0b8f2610080d2620080d2430080d2440180d2020000d40000402c0098202e40338dd20040b0f2210080d2c20180d2a30080d2c40080d2020000d4e0039f5a"}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffffb, 0xffffffffffffffe4, 0xf7, 0xf05, 0xfffffffffffffff7]}}], 0x24c}, &(0x7f0000000100)=[@featur1={0x1, 0x21}], 0x1) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1}) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000040)=0x3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x2df}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xfa, 0xd}}, @hvc={0x32, 0x40, {0xc400000d, [0xbb6d, 0x4af3, 0x96, 0x3]}}, @uexit={0x0, 0x18, 0x60000}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x6, 0xd, 0x80, 0x4}}, @smc={0x1e, 0x40, {0xe6000814, [0x6da, 0x7, 0x6, 0x6, 0x8]}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000050, [0x250a80, 0x2, 0x0, 0x0, 0xd3a]}}, @code={0xa, 0x9c, {"007008d5007008d5e0b998d20080b8f2610080d2820080d2830180d2440180d2020000d460ce95d200a0b8f2010080d2220180d2a30080d2e40080d2020000d400f4a02e801796d200c0b8f2610080d2620080d2430080d2440180d2020000d40000402c0098202e40338dd20040b0f2210080d2c20180d2a30080d2c40080d2020000d4e0039f5a"}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffffb, 0xffffffffffffffe4, 0xf7, 0xf05, 0xfffffffffffffff7]}}], 0x24c}, &(0x7f0000000100)=[@featur1={0x1, 0x21}], 0x1) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000040)=0x3}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) 32m7.405297277s ago: executing program 1 (id=520): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x109880, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x2000, [0x49, 0xa, 0xcf, 0xe, 0x4fae]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x10000, 0x0, 0x0, 0x2}}], 0x68}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x4, 0x0}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r4, 0x4010aeab, &(0x7f0000000040)={0xffffffffffffff81, 0x80a0000}) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) 31m51.406981834s ago: executing program 0 (id=521): ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(0xffffffffffffffff, 0x4010ae74, &(0x7f0000000000)={0x0, 0x7, 0x7}) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x13) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000040)) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x10001, 0x1, 0xf000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000000100)=0x3) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r0, 0x3, 0x2a0) syz_kvm_setup_cpu$arm64(r0, 0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000640)=[{0x0, &(0x7f0000000140)=[@uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0xc4000012, [0x7fffffffffffffff, 0x0, 0x4, 0xfffffffffffffff9, 0x700]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x175}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x8}, @msr={0x14, 0x20, {0x603000000013800c, 0xfffffffffffffffa}}, @smc={0x1e, 0x40, {0x10, [0x7, 0x80000001, 0x6, 0x9, 0x5]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x3, 0x8, 0x80000001, 0x2}}, @mrs={0xbe, 0x18, {0x2596}}, @code={0xa, 0x3c, {"0020e00d007008d5007008d5007008d50060400c0000711e003c000e0080c008008008d5007008d5"}}, @smc={0x1e, 0x40, {0x80008000, [0x3b18, 0x8, 0x7f, 0x2524, 0x6]}}, @svc={0x122, 0x40, {0x84000013, [0x8, 0x4, 0x6, 0x8000, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x48, 0x30b1, 0xa}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x391, 0x8, 0x6}}, @uexit={0x0, 0x18, 0x5}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x1009c, 0x9, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0xfffffffffffffc54, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e667}}, @msr={0x14, 0x20, {0x603000000013c029, 0x2}}, @uexit={0x0, 0x18, 0xc27}, @smc={0x1e, 0x40, {0x400, [0xfffffffffffff8e9, 0x7fff, 0x3, 0x7f, 0x10000]}}, @eret={0xe6, 0x18, 0x2}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xd14, 0xfffffffffffffffd, 0x3}}, @irq_setup={0x46, 0x18, {0x3, 0x12e}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x24e}}, @code={0xa, 0x6c, {"00008013004e80d20040b8f2210180d2420080d2c30180d2c40180d2020000d4000028d5003c000e008c004f0084207e0004002f009c002f00eca07ea06782d200c0b0f2e10180d2e20180d2830180d2c40080d2020000d4"}}, @smc={0x1e, 0x40, {0xc5000021, [0x100000001, 0x7, 0x4, 0x8000000000000000]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013e081}}], 0x4e8}], 0x1, 0x0, &(0x7f0000000680)=[@featur2={0x1, 0xc2}], 0x1) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x5) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000006c0)={0x1fe, 0x1, 0x1000, 0x2000, &(0x7f0000d0f000/0x2000)=nil}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4000ae84, &(0x7f0000000700)={{0x4000, 0x5000, 0xc, 0x7f, 0x0, 0xc6, 0x8, 0x6, 0x1, 0x4, 0x7, 0x1}, {0x1, 0x54000, 0x8, 0xc, 0x6, 0x2, 0x1, 0x7, 0x1, 0x7, 0x8, 0x2}, {0x231d0000, 0x26000, 0x7, 0xf6, 0xc, 0xb, 0xcb, 0x4, 0x64, 0xd3, 0x9, 0x3}, {0xc000, 0xd000, 0x3, 0xb, 0x2, 0xea, 0x9, 0x7, 0xd3, 0x78, 0x10, 0x40}, {0x2, 0xeeee8000, 0x10, 0x4, 0x5, 0x0, 0x1, 0xff, 0x4, 0x6, 0x2, 0x4}, {0x14000, 0x4000, 0x3, 0xf7, 0xe, 0x5, 0x1, 0x6d, 0x1e, 0x81, 0x81, 0x6}, {0xf7fc5fff, 0xdddd0000, 0xf, 0x98, 0x1c, 0x7, 0x5, 0x2, 0x9, 0x80, 0xf9, 0x3}, {0x0, 0xeeef0000, 0xe, 0x7f, 0x0, 0xd, 0x5, 0x2, 0x5, 0x5, 0x2, 0x7}, {0x25000, 0x401}, {0x1, 0xa0bc}, 0x10000, 0x0, 0x18000, 0xb0404, 0x1, 0x500, 0xeeef0000, [0x9, 0x2, 0x5, 0x40]}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000840)={0x6, 0x1}) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000880)) r2 = mmap$KVM_VCPU(&(0x7f0000c25000/0x1000)=nil, 0x0, 0x2000008, 0x10, r1, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000008c0)="f6b807384c886421f39dcfa48ae1b82183e25d5d3e16abc1fa12d8631fdd5db7bd2c04bc0a01a5f4c5e8a73dcdebd7ca673f884618e23b6bc226c32746c63fe1906669f87a390fd4", 0x0, 0x48) ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f0000000980)=@attr_other={0x0, 0x1698f4a7, 0x3, &(0x7f0000000940)=0x5}) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f00000009c0)={0x9, 0x7}) ioctl$KVM_SET_REGS(r1, 0x4360ae82, &(0x7f0000000a00)={[0x6d7, 0x7, 0x4, 0xd31, 0x0, 0xf0f, 0x9, 0xd, 0x9, 0xff, 0x78b, 0x4, 0x1, 0x7, 0x7, 0x5], 0x8080000}) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000b00)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000ac0)=0x2}) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000b80)=@arm64_fw={0x6030000000140001, &(0x7f0000000b40)=0x1}) close(r3) r4 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r5 = eventfd2(0x0, 0x803) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000bc0)={0x8, 0xa000, 0x8, r5}) r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000001240)={0x0, &(0x7f0000000c00)=[@code={0xa, 0x9c, {"00809f0dc02e9ad20020b0f2e10080d2220180d2a30180d2e40080d2020000d4c0a390d20060b0f2810180d2820080d2030180d2a40180d2020000d4000028d580188fd20000b0f2a10080d2a20080d2630180d2e40080d2020000d4007008d5c05480d20000b8f2810080d2020080d2830180d2c40180d2020000d4000028d500a0400c0040c00d"}}, @hvc={0x32, 0x40, {0xc5000021, [0x2, 0x8, 0x80, 0x7fff, 0xffffffffffffffff]}}, @svc={0x122, 0x40, {0x40000000, [0x8000000000000000, 0x100000001, 0x80, 0xa7]}}, @svc={0x122, 0x40, {0x8, [0x8000000000000000, 0x0, 0x7, 0x100, 0x3]}}, @svc={0x122, 0x40, {0xc5000020, [0x3, 0x2, 0x6, 0x54da]}}, @memwrite={0x6e, 0x30, @generic={0x54000, 0x5eb, 0x0, 0xc}}, @smc={0x1e, 0x40, {0x84000000, [0x5, 0x8000, 0xfffffffffffffff9, 0xf, 0x6f2]}}, @msr={0x14, 0x20, {0x603000000013c4d3, 0x3}}, @code={0xa, 0xb4, {"000008d5000028d50000581ec02985d20000b0f2010180d2220080d2030180d2640080d2020000d4c0d396d20020b0f2810180d2820180d2830080d2a40080d2020000d4407288d20060b8f2410180d2420080d2830180d2c40080d2020000d400088078604a99d20060b8f2a10080d2220080d2c30180d2240080d2020000d4e09693d20000b8f2610180d2e20180d2e30180d2040180d2020000d40000681e"}}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xc0, 0x200, 0xc}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x16}}, @smc={0x1e, 0x40, {0x800, [0xad, 0x3, 0x5a4, 0x2, 0x3]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x50}}, @code={0xa, 0x6c, {"007008d5000008d500c0000f00b4207e406398d20060b8f2a10180d2c20180d2630180d2440180d2020000d400005fd60040ff0d000440bc40568ad20000b8f2c10180d2220180d2830180d2040180d2020000d4000028d5"}}, @eret={0xe6, 0x18, 0x81}, @mrs={0xbe, 0x18, {0x603000000013defb}}, @hvc={0x32, 0x40, {0xc4000007, [0x5, 0x400, 0x0, 0xfffffffffffffc01, 0x7]}}, @smc={0x1e, 0x40, {0x4000008, [0x62, 0x7fffffffffffffff, 0x6, 0x8000, 0x4]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x359}}, @hvc={0x32, 0x40, {0x84000050, [0x7, 0x6, 0x6, 0x6, 0x6]}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x2, 0x354}}, @hvc={0x32, 0x40, {0x3f000000, [0xfffffffffffffb5f, 0x10001, 0xffffffff, 0x3bd, 0x24af]}}, @uexit={0x0, 0x18, 0x80}, @smc={0x1e, 0x40, {0x200, [0xc5, 0x0, 0x0, 0x7dc, 0x8]}}, @mrs={0xbe, 0x18, {0x6030000000138034}}, @mrs={0xbe, 0x18, {0x603000000013e666}}], 0x634}, &(0x7f0000001280)=[@featur1={0x1, 0x41}], 0x1) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) ioctl$KVM_GET_REGS(r6, 0x8360ae81, &(0x7f00000012c0)) 31m35.990261368s ago: executing program 1 (id=522): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@its_setup={0x82, 0x28, {0x4, 0x0, 0x179}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x7, 0xb}}], 0x58}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000240)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000100)=0x19}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0x18, {0x603000000013df61}}], 0x18}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x1000002, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r7, 0x2, 0x4000010, r6, 0x0) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000000c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000100)=0x4}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) 31m34.254071434s ago: executing program 0 (id=523): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) syz_kvm_setup_cpu$arm64(r4, 0xffffffffffffffff, &(0x7f0000b60000/0x400000)=nil, &(0x7f0000000100)=[{0x0, &(0x7f0000000240)=[@mrs={0xbe, 0x18, {0x6030000000138034}}], 0x18}], 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013df57, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x531ed5e978be0a0d}], 0x1) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000}) close(r9) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r7, 0xae80, 0x0) 31m7.644865442s ago: executing program 0 (id=524): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20) ioctl$KVM_IOEVENTFD(r1, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xe3) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x11) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) close(r5) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r5, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000000)={0x9, 0x8, 0x5}) 31m7.132865657s ago: executing program 1 (id=525): r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_PRE_FAULT_MEMORY(r1, 0xc040aed5, &(0x7f0000000000)={0xa000, 0x100000}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000040)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) 30m47.870572396s ago: executing program 1 (id=526): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$KVM_CREATE_VM(r2, 0x401054d5, 0x110c230020) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0) 30m39.037866139s ago: executing program 0 (id=527): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, 0x0}) (async) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r4, 0x1, 0x180) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3a) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000240)={0x40000, 0x19000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c99000/0x1000)=nil, r9, 0x7, 0x10, r6, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df62, 0xc00000}}], 0x20}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) 30m27.874441211s ago: executing program 1 (id=528): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x24) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x603000000010002c, &(0x7f0000000000)=0x80000000}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r7, 0x40a0ae49, &(0x7f0000000140)={0x10002, 0x4, 0xeeee0000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r8, &(0x7f00000001c0), 0xe80) 30m18.69394867s ago: executing program 0 (id=529): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x1, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) r5 = mmap$KVM_VCPU(&(0x7f0000ff3000/0xb000)=nil, 0x930, 0x80000f, 0x10, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869dd2627e700", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x21) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r9, 0x0) ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000001) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x21) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2) r13 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r12, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r16, 0xc018aec0, &(0x7f0000000000)={0x10001, 0x400, 0xc0, 0x0}) close(r14) 30m1.354478838s ago: executing program 1 (id=530): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7f) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) r7 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160003, &(0x7f00000000c0)=0xf}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3}) 29m47.684580133s ago: executing program 0 (id=531): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x204000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f00000000c0)={0x1}) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r2], 0x80}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) 29m12.628231581s ago: executing program 42 (id=530): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7f) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) r7 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160003, &(0x7f00000000c0)=0xf}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3}) 28m57.147835945s ago: executing program 43 (id=531): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x204000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f00000000c0)={0x1}) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r2], 0x80}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) 13m12.06203217s ago: executing program 2 (id=565): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) r8 = eventfd2(0xd, 0x1) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) write$eventfd(r8, 0x0, 0x500) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r9, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x86000001, [0x1, 0x401, 0x5, 0x1, 0x2]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r2, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MP_STATE(r13, 0x4004ae99, 0x0) 12m55.520541497s ago: executing program 3 (id=566): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f00004dc000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138015, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_assert_reg(r7, 0x6030000000138015, 0x8000) (async) syz_kvm_assert_reg(r7, 0x6030000000138015, 0x8000) 12m47.522386783s ago: executing program 2 (id=567): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x9) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r2 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x5, 0x5, &(0x7f0000000040)=0x5}) close(r2) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f00000000c0)={0x60000, 0x70000, 0xd2d5, 0x0, 0x8}) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x7) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x6}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3c) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000180)={0x0, 0x103000, 0x1}) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f00000001c0)={0x3c758133, 0x8, 0x4}) ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000200)={0x7000, 0x4000}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000240)) ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x7) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2b) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r5, 0x4068aea3, &(0x7f00000002c0)) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x200000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1b) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3e) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000380)={0x4, 0xebd}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000003c0)={0x2, 0x1, 0xc000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) r10 = ioctl$KVM_GET_STATS_FD_vm(r8, 0xaece) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000006c0)={0x0, &(0x7f0000000400)=[@svc={0x122, 0x40, {0x3000000, [0x4, 0x6, 0x474, 0x6, 0x100]}}, @msr={0x14, 0x20, {0x603000000013e2b0, 0x3}}, @smc={0x1e, 0x40, {0x84000050, [0x1, 0xbc, 0x80, 0x8, 0x8001]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x17f}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xe, 0x0, 0xe}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x14, 0x81, 0xc}}, @uexit={0x0, 0x18, 0x3}, @hvc={0x32, 0x40, {0x8400000e, [0x4, 0xffffffffffffff73, 0x7ff, 0x81, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x7, 0x8}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x3c8}}, @smc={0x1e, 0x40, {0x8400000d, [0x80000000, 0x8, 0x4, 0x7, 0x80000001]}}, @mrs={0xbe, 0x18, {0x603000000013800c}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0xfb}}, @irq_setup={0x46, 0x18, {0x3, 0x268}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0xd, 0x0, 0x2, 0x3}}], 0x290}, &(0x7f0000000700)=[@featur1={0x1, 0x32}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f0000000740)={0x2710, 0x6, 0x54000, 0x2000, &(0x7f0000c7a000/0x2000)=nil, 0x2, r1}) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000800)={0x2079, 0x1, 0x81}) 12m34.263122297s ago: executing program 3 (id=568): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000180)=@arm64_ccsidr={0x6020000000111086, 0x0}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f00009d5000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0x8100000001, 0x51a8) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x8090000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000}) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000100)={0x9, [0x4, 0x6, 0x0, 0x2, 0x2, 0xdf, 0x43, 0x453, 0x6]}) 12m31.53056588s ago: executing program 2 (id=569): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r5 = syz_kvm_vgic_v3_setup(r4, 0x3, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000240)=0x80000001}) (async) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000240)=0x80000001}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000280)="fb4149dd033be3ac2cc4a22332a77b23b00986814d7bb14cb15580270c7995082f00000000010000005a9610fbff67521ce16f8f1f449b7a835673312b7fc869d22627e700", 0x0, 0x4f) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000280)="fb4149dd033be3ac2cc4a22332a77b23b00986814d7bb14cb15580270c7995082f00000000010000005a9610fbff67521ce16f8f1f449b7a835673312b7fc869d22627e700", 0x0, 0x4f) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x3, 0x11, r2, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x8600, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x90, &(0x7f0000000000)=0x10001}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x90, &(0x7f0000000000)=0x10001}) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x1}) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r14, 0x400454d8, 0x110c23000a) (async) ioctl$KVM_CREATE_VM(r14, 0x400454d8, 0x110c23000a) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x2}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000000c0)={0x5038, 0x3}) openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0) 12m10.239816501s ago: executing program 2 (id=570): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@its_setup={0x82, 0x28, {0x4, 0x0, 0x179}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0xffffffffffffffff, 0xb}}], 0x58}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12m6.942591812s ago: executing program 3 (id=571): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000040)={0x3, 0x3, 0x7}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x8, 0x2, 0x1}}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_vgic_v3_setup(r6, 0x2, 0x100) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd8e9, 0x0, 0x0}) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000300)=@attr_other={0x0, 0x0, 0x8c3, &(0x7f0000000280)=0x3}) r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10000) ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x77) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x191301, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0x80111500, 0x20000000) write$eventfd(r10, &(0x7f0000000000), 0xfffffdef) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$KVM_CREATE_VM(r11, 0x5452, 0x2000fdfd) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x4) ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000340)={0x101fe, 0x1c0, 0xc0, &(0x7f0000000400)=[0x6, 0x6, 0x9, 0x4, 0xfffffffffffffffb, 0x80000001, 0xa38, 0x7fffffff, 0x2, 0x0, 0x3, 0x1000, 0x15, 0x5, 0x4, 0x2, 0x8, 0x3, 0x80, 0xffffffffffffd637, 0x5, 0x2, 0xe494, 0x1000000007, 0x6, 0x6, 0x5, 0xafa, 0x3, 0x6, 0x4, 0xfffffffffffffffa, 0x4, 0x3, 0x52a, 0x10001, 0x5, 0x10, 0x0, 0x7ff, 0x6, 0x7f800000000, 0x9, 0x3, 0xb, 0x289d, 0x2, 0x40000000000, 0x7fffffff, 0x101, 0x5, 0x1, 0x1, 0x9, 0x6, 0x0, 0xd, 0x3, 0x6, 0x9, 0x84, 0xdb9, 0xffffffffffffffff, 0x5, 0x9, 0x8001, 0x5, 0x400, 0xf, 0x8, 0x2ca, 0xff, 0x2, 0xfffffffffffffff9, 0x8000000000000001, 0x9, 0x60000000000000, 0xff8, 0xb, 0x9, 0x1002, 0x8, 0x20000000000, 0x6, 0x0, 0xe60, 0x9, 0xfffffffffffffffa, 0x7, 0x7ffffffe, 0x8, 0x67, 0x2, 0xa, 0x9b8, 0x4, 0x118d, 0x7, 0x305, 0xffffffff, 0x5, 0x4, 0x2, 0x1, 0x2, 0x0, 0x2, 0x3, 0x10001, 0x8, 0x2, 0x400, 0x1, 0x7, 0x800, 0xc22, 0x8001, 0xfffffffffffffffb, 0x401, 0x4, 0x8, 0x7f, 0x3, 0x0, 0x3, 0x0, 0x7fffffff]}) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r12 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x6c, &(0x7f00000002c0)=0x2c172c22}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x2735, 0x6, &(0x7f00000003c0)=0x5}) ioctl$KVM_RUN(r13, 0xae80, 0x0) 11m45.635017693s ago: executing program 2 (id=572): r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3a) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000de5000/0x4000)=nil, 0x930, 0x1000008, 0x4000010, 0xffffffffffffffff, 0x0) (async) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async) r6 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x3, 0x4, &(0x7f0000000000)=0x2000000000000000}) (async) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xffffffffffffffff) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000440)=[@msr={0x14, 0x20, {0x6030000000138017, 0x8004}}, @irq_setup={0x46, 0x18, {0x0, 0x2e5}}, @msr={0x14, 0x20, {0x6014, 0x8000}}, @msr={0x14, 0x20, {0x603000000013e081, 0x8000}}, @msr={0x14, 0x20, {0x60300000001383c6, 0x8000}}, @smc={0x1e, 0x40, {0x8, [0xc5, 0x6d48fa41, 0x6, 0x14c6b6f7, 0x8]}}, @msr={0x14, 0x20, {0x603000000013c011, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c2a5, 0x8001}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xf2c, 0x10001, 0xf5789832e84ae660}}, @eret={0xe6, 0x18, 0x3}], 0x160}, 0x0, 0x0) (async) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r12 = mmap$KVM_VCPU(&(0x7f0000fd9000/0x1000)=nil, r11, 0x3, 0x8010, r10, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r12, 0xffffffffffffffff) (async) syz_kvm_assert_reg(r10, 0x6030000000138017, 0x7ffe) (async) syz_kvm_assert_reg(r10, 0x603000000013801f, 0x8000) syz_kvm_assert_reg(r10, 0x6030000000138084, 0x8000) syz_kvm_assert_reg(r10, 0x603000000013809c, 0x8000) (async) syz_kvm_assert_reg(r10, 0x60300000001383c6, 0x8000) (async) syz_kvm_assert_reg(r10, 0x60300000001383ce, 0x8000) syz_kvm_assert_reg(r10, 0x6030000000139828, 0x8000) syz_kvm_assert_reg(r10, 0x6030000000139828, 0x8000) syz_kvm_assert_reg(r10, 0x603000000013c083, 0x800000008000) syz_kvm_assert_reg(r5, 0x9, 0x8000) (async) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000180)=@arm64_fp={0x60400000001000b2, &(0x7f0000000140)=0x3}) 11m39.264920662s ago: executing program 3 (id=573): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a00ed}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) 11m28.385423129s ago: executing program 2 (id=574): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) (async) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r2 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000140)={0x0, 0xb}) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x8001, 0x4}}], 0x28}, 0x0, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c201, &(0x7f00000000c0)=0x2000000006db}) (async, rerun: 32) r11 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (rerun: 32) r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x17) ioctl$KVM_RESET_DIRTY_RINGS(r12, 0xaec7) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x10, 0x5, &(0x7f0000000000)=0x10001}) (async, rerun: 64) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000280)=@arm64_sys={0x603000000013de99, &(0x7f0000000240)}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) r14 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async) r16 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) 11m20.302530205s ago: executing program 3 (id=575): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x1c801, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1}) 11m5.898169016s ago: executing program 3 (id=576): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x5c700, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) (async) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) 10m40.287498983s ago: executing program 44 (id=574): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) (async) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r2 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000140)={0x0, 0xb}) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x8001, 0x4}}], 0x28}, 0x0, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c201, &(0x7f00000000c0)=0x2000000006db}) (async, rerun: 32) r11 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (rerun: 32) r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x17) ioctl$KVM_RESET_DIRTY_RINGS(r12, 0xaec7) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x10, 0x5, &(0x7f0000000000)=0x10001}) (async, rerun: 64) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000280)=@arm64_sys={0x603000000013de99, &(0x7f0000000240)}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) r14 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async) r16 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10m17.366962339s ago: executing program 45 (id=576): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x5c700, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) (async) ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) 1m25.872778625s ago: executing program 5 (id=577): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r2, &(0x7f00000001c0)=0xffffff7f, 0xff25) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) 1m13.17416155s ago: executing program 4 (id=578): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x0, 0x2000000, 0x8010, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000065b000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x1000000, 0x20010, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x0, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x3000007, 0x11, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x10c010, 0xffffffffffffffff, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r5, 0x5760, 0x2000001c) (async) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r3, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000d56000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 1m4.448809499s ago: executing program 5 (id=579): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x28240, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x1, 0x0, &(0x7f0000db9000/0x3000)=nil}) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=[@featur1={0x1, 0x4}], 0x1) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=[@featur1={0x1, 0x4}], 0x1) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}, &(0x7f0000000000)=[@featur2={0x1, 0x2}], 0x1) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x12) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x3, 0xa0) ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f00000002c0)={0x0, 0x0, {[0x3, 0x1ff, 0xfb, 0x6c45, 0x2, 0xfffffffffffffffb, 0x4, 0x100000000, 0x8001, 0x5, 0x4, 0x6, 0x6, 0x7ff, 0xd, 0x100], [0x800, 0x6, 0x8, 0x101, 0x1, 0x5, 0x8000, 0x80000000, 0x3, 0x1, 0x1, 0x26e96535, 0x101, 0x7ffffffb, 0x4, 0x800], [0x5, 0x1, 0x9, 0x3, 0x80000000, 0xfffffffffffffc01, 0x327, 0x6, 0xff, 0x4, 0x3, 0x8, 0x0, 0x2, 0x224, 0x802], [0xdc31, 0x1, 0xfffffffffffffffd, 0x1, 0x3, 0x7, 0xfd7, 0x8, 0xd, 0x1, 0x5, 0x7fff, 0x1ff, 0x2, 0x7fff, 0x3]}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x500, 0x0}) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) 57.403891888s ago: executing program 4 (id=580): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = eventfd2(0x8, 0x80800) r7 = eventfd2(0x8, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x4, 0x25000, 0x0, r7, 0x2}) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x8000000000000002, 0x0, 0x2, r6, 0x2}) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0xc000, 0x2, r7, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000001c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000100)=0x7}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, r11, 0x0) 50.304763603s ago: executing program 5 (id=581): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x5421, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000180)) 9.850012659s ago: executing program 46 (id=580): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = eventfd2(0x8, 0x80800) r7 = eventfd2(0x8, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x4, 0x25000, 0x0, r7, 0x2}) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x8000000000000002, 0x0, 0x2, r6, 0x2}) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0xc000, 0x2, r7, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000001c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000100)=0x7}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, r11, 0x0) 0s ago: executing program 47 (id=581): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x5421, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000180)) kernel console output (not intermixed with test programs): [ 389.705736][ T3166] 8021q: adding VLAN 0 to HW filter on device bond0 [ 424.636240][ T3166] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:32498' (ED25519) to the list of known hosts. [ 604.261605][ T25] audit: type=1400 audit(603.440:61): avc: denied { name_bind } for pid=3319 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 606.742627][ T25] audit: type=1400 audit(605.920:62): avc: denied { execute } for pid=3320 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 606.793976][ T25] audit: type=1400 audit(605.980:63): avc: denied { execute_no_trans } for pid=3320 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 631.301845][ T25] audit: type=1400 audit(630.480:64): avc: denied { mounton } for pid=3320 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 631.351783][ T25] audit: type=1400 audit(630.530:65): avc: denied { mount } for pid=3320 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 631.436681][ T3320] cgroup: Unknown subsys name 'net' [ 631.514779][ T25] audit: type=1400 audit(630.700:66): avc: denied { unmount } for pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 631.999413][ T3320] cgroup: Unknown subsys name 'cpuset' [ 632.143069][ T3320] cgroup: Unknown subsys name 'rlimit' [ 633.119667][ T25] audit: type=1400 audit(632.300:67): avc: denied { setattr } for pid=3320 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 633.149454][ T25] audit: type=1400 audit(632.330:68): avc: denied { mounton } for pid=3320 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 633.162008][ T25] audit: type=1400 audit(632.340:69): avc: denied { mount } for pid=3320 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 634.825290][ T3329] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 634.843860][ T25] audit: type=1400 audit(634.020:70): avc: denied { relabelto } for pid=3329 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 634.885459][ T25] audit: type=1400 audit(634.070:71): avc: denied { write } for pid=3329 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 635.196567][ T25] audit: type=1400 audit(634.380:72): avc: denied { read } for pid=3320 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 635.235141][ T25] audit: type=1400 audit(634.400:73): avc: denied { open } for pid=3320 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 635.295718][ T3320] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 687.992924][ T25] audit: type=1400 audit(687.140:74): avc: denied { execmem } for pid=3330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 692.285818][ T25] audit: type=1400 audit(691.470:75): avc: denied { read } for pid=3332 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 692.309109][ T25] audit: type=1400 audit(691.490:76): avc: denied { open } for pid=3332 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 692.391795][ T25] audit: type=1400 audit(691.560:77): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 692.677529][ T25] audit: type=1400 audit(691.860:78): avc: denied { module_request } for pid=3333 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 693.647999][ T25] audit: type=1400 audit(692.820:79): avc: denied { sys_module } for pid=3332 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 720.159208][ T3332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 720.242303][ T3333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 720.316655][ T3332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 720.373893][ T3333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 732.346067][ T3332] hsr_slave_0: entered promiscuous mode [ 732.374796][ T3332] hsr_slave_1: entered promiscuous mode [ 733.338125][ T3333] hsr_slave_0: entered promiscuous mode [ 733.377224][ T3333] hsr_slave_1: entered promiscuous mode [ 733.411894][ T3333] debugfs: 'hsr0' already exists in 'hsr' [ 733.416163][ T3333] Cannot create hsr debugfs directory [ 739.101445][ T25] audit: type=1400 audit(738.270:80): avc: denied { create } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 739.131684][ T25] audit: type=1400 audit(738.300:81): avc: denied { write } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 739.181457][ T25] audit: type=1400 audit(738.360:82): avc: denied { read } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 739.351470][ T3332] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 739.752257][ T3332] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 740.084651][ T3332] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 740.373149][ T3332] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 741.955687][ T3333] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 742.131582][ T3333] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 742.259430][ T3333] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 742.428972][ T3333] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 754.506827][ T3332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 756.457474][ T3333] 8021q: adding VLAN 0 to HW filter on device bond0 [ 808.533450][ T3332] veth0_vlan: entered promiscuous mode [ 809.134906][ T3332] veth1_vlan: entered promiscuous mode [ 810.927566][ T3333] veth0_vlan: entered promiscuous mode [ 811.524586][ T3332] veth0_macvtap: entered promiscuous mode [ 811.765501][ T3333] veth1_vlan: entered promiscuous mode [ 811.992312][ T3332] veth1_macvtap: entered promiscuous mode [ 814.537186][ T2130] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.546328][ T2130] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.572765][ T2130] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.626691][ T2130] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.676583][ T3333] veth0_macvtap: entered promiscuous mode [ 815.115114][ T3333] veth1_macvtap: entered promiscuous mode [ 817.282062][ T25] audit: type=1400 audit(816.450:83): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 817.692344][ T25] audit: type=1400 audit(816.870:84): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/syzkaller.pHq2gE/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 817.889212][ T25] audit: type=1400 audit(817.070:85): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 818.434387][ T25] audit: type=1400 audit(817.620:86): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/syzkaller.pHq2gE/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 818.594487][ T25] audit: type=1400 audit(817.740:87): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/syzkaller.pHq2gE/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3788 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 818.687093][ T3350] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.705513][ T3350] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.732559][ T3350] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.750698][ T3350] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 819.745618][ T25] audit: type=1400 audit(818.840:88): avc: denied { unmount } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 820.076206][ T25] audit: type=1400 audit(819.260:89): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 820.241535][ T25] audit: type=1400 audit(819.420:90): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="gadgetfs" ino=3799 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 820.786338][ T25] audit: type=1400 audit(819.970:91): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 820.966931][ T25] audit: type=1400 audit(820.150:92): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 822.655506][ T3332] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 824.173492][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 824.203403][ T25] audit: type=1400 audit(823.270:94): avc: denied { read write } for pid=3332 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 824.228391][ T25] audit: type=1400 audit(823.350:95): avc: denied { open } for pid=3332 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 824.322119][ T25] audit: type=1400 audit(823.440:96): avc: denied { ioctl } for pid=3332 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 836.581652][ T25] audit: type=1400 audit(835.750:97): avc: denied { read append } for pid=3485 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 836.606407][ T25] audit: type=1400 audit(835.790:98): avc: denied { open } for pid=3485 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 836.946368][ T25] audit: type=1400 audit(836.130:99): avc: denied { ioctl } for pid=3485 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 840.858693][ T25] audit: type=1400 audit(840.040:100): avc: denied { write } for pid=3487 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 903.742828][ T25] audit: type=1400 audit(902.880:101): avc: denied { execute } for pid=3527 comm="syz.0.12" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4421 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 926.021729][ T25] audit: type=1400 audit(925.170:102): avc: denied { ioctl } for pid=3545 comm="syz.0.18" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1104.577464][ T3655] kvm [3654]: Unsupported guest access at: eeef0000 [ 1104.577464][ T3655] { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1446.264863][ T3809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1446.503534][ T3809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1454.461970][ T3815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1454.675369][ T3815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1468.497783][ T3809] hsr_slave_0: entered promiscuous mode [ 1468.578591][ T3809] hsr_slave_1: entered promiscuous mode [ 1468.653075][ T3809] debugfs: 'hsr0' already exists in 'hsr' [ 1468.656350][ T3809] Cannot create hsr debugfs directory [ 1477.173922][ T3815] hsr_slave_0: entered promiscuous mode [ 1477.207390][ T3815] hsr_slave_1: entered promiscuous mode [ 1477.229489][ T3815] debugfs: 'hsr0' already exists in 'hsr' [ 1477.248527][ T3815] Cannot create hsr debugfs directory [ 1488.064107][ T3809] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1489.641211][ T3809] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1490.743728][ T3809] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1491.655391][ T3809] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1499.247347][ T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1501.076026][ T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1502.716151][ T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1504.605642][ T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1506.052964][ T3815] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1506.463583][ T3815] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1506.909391][ T3815] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1507.484129][ T3815] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1520.458933][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1520.555651][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1520.704056][ T35] bond0 (unregistering): Released all slaves [ 1522.722975][ T35] hsr_slave_0: left promiscuous mode [ 1522.831353][ T35] hsr_slave_1: left promiscuous mode [ 1523.722017][ T35] veth1_macvtap: left promiscuous mode [ 1523.724090][ T35] veth0_macvtap: left promiscuous mode [ 1523.763520][ T35] veth1_vlan: left promiscuous mode [ 1523.782865][ T35] veth0_vlan: left promiscuous mode [ 1546.954190][ T3809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1548.413936][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1549.708793][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1551.105426][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1552.745065][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1573.516711][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1573.623239][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1573.704485][ T35] bond0 (unregistering): Released all slaves [ 1575.082895][ T35] hsr_slave_0: left promiscuous mode [ 1575.159599][ T35] hsr_slave_1: left promiscuous mode [ 1575.911402][ T35] veth1_macvtap: left promiscuous mode [ 1575.914952][ T35] veth0_macvtap: left promiscuous mode [ 1575.954684][ T35] veth1_vlan: left promiscuous mode [ 1575.961672][ T35] veth0_vlan: left promiscuous mode [ 1592.032844][ T3815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1659.804901][ T3809] veth0_vlan: entered promiscuous mode [ 1660.647566][ T3809] veth1_vlan: entered promiscuous mode [ 1663.502662][ T3809] veth0_macvtap: entered promiscuous mode [ 1664.095193][ T3809] veth1_macvtap: entered promiscuous mode [ 1667.278956][ T35] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1667.414850][ T35] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1667.445194][ T3350] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1667.484475][ T3350] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1683.383308][ T3815] veth0_vlan: entered promiscuous mode [ 1684.642519][ T3815] veth1_vlan: entered promiscuous mode [ 1688.173251][ T3815] veth0_macvtap: entered promiscuous mode [ 1688.795646][ T3815] veth1_macvtap: entered promiscuous mode [ 1693.084666][ T35] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1693.088716][ T35] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1693.111922][ T35] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1693.162264][ T35] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1709.613635][ T25] audit: type=1400 audit(1708.770:103): avc: denied { setattr } for pid=4013 comm="syz.3.101" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1931.351461][ T25] audit: type=1400 audit(1930.520:104): avc: denied { map } for pid=4158 comm="syz.3.133" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 1943.201878][ T25] audit: type=1400 audit(1942.370:105): avc: denied { map } for pid=4165 comm="syz.2.134" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1943.281458][ T25] audit: type=1400 audit(1942.430:106): avc: denied { execute } for pid=4165 comm="syz.2.134" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2381.178768][ T3425] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2382.608886][ T3425] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2383.909557][ T3425] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2385.674061][ T3425] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2404.981162][ T3425] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2405.607501][ T3425] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2405.942897][ T3425] bond0 (unregistering): Released all slaves [ 2408.074006][ T3425] hsr_slave_0: left promiscuous mode [ 2408.167938][ T3425] hsr_slave_1: left promiscuous mode [ 2408.740904][ T3425] veth1_macvtap: left promiscuous mode [ 2408.742177][ T3425] veth0_macvtap: left promiscuous mode [ 2408.787230][ T3425] veth1_vlan: left promiscuous mode [ 2408.792764][ T3425] veth0_vlan: left promiscuous mode [ 2430.535707][ T3425] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2431.654825][ T3425] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2432.396793][ T3425] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2434.039197][ T3425] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2453.322985][ T3425] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2453.474515][ T3425] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2453.591377][ T3425] bond0 (unregistering): Released all slaves [ 2455.390832][ T3425] hsr_slave_0: left promiscuous mode [ 2455.500776][ T3425] hsr_slave_1: left promiscuous mode [ 2456.051969][ T3425] veth1_macvtap: left promiscuous mode [ 2456.055416][ T3425] veth0_macvtap: left promiscuous mode [ 2456.111937][ T3425] veth1_vlan: left promiscuous mode [ 2456.115888][ T3425] veth0_vlan: left promiscuous mode [ 2484.752405][ T4407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2484.956490][ T4407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2490.508515][ T4416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2490.743818][ T4416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2509.293978][ T4407] hsr_slave_0: entered promiscuous mode [ 2509.385878][ T4407] hsr_slave_1: entered promiscuous mode [ 2517.518989][ T4416] hsr_slave_0: entered promiscuous mode [ 2517.566697][ T4416] hsr_slave_1: entered promiscuous mode [ 2517.610659][ T4416] debugfs: 'hsr0' already exists in 'hsr' [ 2517.613921][ T4416] Cannot create hsr debugfs directory [ 2532.931592][ T4407] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2533.458667][ T4407] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2533.948965][ T4407] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2534.219584][ T4407] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2539.298911][ T4416] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2539.667953][ T4416] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2540.108917][ T4416] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2540.623886][ T4416] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2561.767158][ T4407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2566.769360][ T4416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2691.537981][ T4407] veth0_vlan: entered promiscuous mode [ 2692.744375][ T4407] veth1_vlan: entered promiscuous mode [ 2696.955798][ T4416] veth0_vlan: entered promiscuous mode [ 2698.793214][ T4407] veth0_macvtap: entered promiscuous mode [ 2699.443599][ T4416] veth1_vlan: entered promiscuous mode [ 2700.032684][ T4407] veth1_macvtap: entered promiscuous mode [ 2705.842578][ T4416] veth0_macvtap: entered promiscuous mode [ 2706.513834][ T50] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2706.522270][ T50] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2706.627405][ T4418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2706.753320][ T4418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2707.205819][ T4416] veth1_macvtap: entered promiscuous mode [ 2714.288632][ T3886] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2714.342064][ T3886] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2714.351245][ T3886] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2714.352195][ T3886] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2814.048246][ T25] audit: type=1400 audit(2813.200:107): avc: denied { create } for pid=4708 comm="syz.4.196" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 3543.177276][ T4418] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3545.107302][ T4418] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3547.445396][ T4418] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3549.593733][ T4418] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3575.248108][ T4418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3575.436754][ T4418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3575.595048][ T4418] bond0 (unregistering): Released all slaves [ 3577.733384][ T4418] hsr_slave_0: left promiscuous mode [ 3578.252937][ T4418] hsr_slave_1: left promiscuous mode [ 3579.773094][ T4418] veth1_macvtap: left promiscuous mode [ 3579.816137][ T4418] veth0_macvtap: left promiscuous mode [ 3579.852270][ T4418] veth1_vlan: left promiscuous mode [ 3579.857323][ T4418] veth0_vlan: left promiscuous mode [ 3623.236547][ T4418] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3624.883494][ T4418] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3626.365070][ T4418] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3627.347855][ T4418] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3647.289182][ T4418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3647.585296][ T4418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3647.892825][ T4418] bond0 (unregistering): Released all slaves [ 3649.463858][ T4418] hsr_slave_0: left promiscuous mode [ 3649.546201][ T4418] hsr_slave_1: left promiscuous mode [ 3650.200791][ T4418] veth1_macvtap: left promiscuous mode [ 3650.204339][ T4418] veth0_macvtap: left promiscuous mode [ 3650.236831][ T4418] veth1_vlan: left promiscuous mode [ 3650.256426][ T4418] veth0_vlan: left promiscuous mode [ 3709.887261][ T5078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3710.833682][ T5078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3712.018718][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3713.318058][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3744.708853][ T5078] hsr_slave_0: entered promiscuous mode [ 3744.774603][ T5078] hsr_slave_1: entered promiscuous mode [ 3747.198047][ T5082] hsr_slave_0: entered promiscuous mode [ 3747.287338][ T5082] hsr_slave_1: entered promiscuous mode [ 3747.349453][ T5082] debugfs: 'hsr0' already exists in 'hsr' [ 3747.353617][ T5082] Cannot create hsr debugfs directory [ 3765.022666][ T5078] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 3765.716477][ T5078] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 3766.185768][ T5078] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 3766.588189][ T5078] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 3772.259310][ T5082] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3772.951971][ T5082] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3773.467832][ T5082] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3774.126518][ T5082] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3804.815355][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3811.886704][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3957.884780][ T5078] veth0_vlan: entered promiscuous mode [ 3959.471400][ T5078] veth1_vlan: entered promiscuous mode [ 3965.055803][ T5082] veth0_vlan: entered promiscuous mode [ 3965.785478][ T5078] veth0_macvtap: entered promiscuous mode [ 3966.997637][ T5078] veth1_macvtap: entered promiscuous mode [ 3968.184407][ T5082] veth1_vlan: entered promiscuous mode [ 3974.862243][ T5080] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3974.892987][ T2130] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3974.893975][ T2130] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3974.894822][ T2130] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3976.083933][ T5082] veth0_macvtap: entered promiscuous mode [ 3977.558003][ T5082] veth1_macvtap: entered promiscuous mode [ 3984.873077][ T3886] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3985.071094][ T3886] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3985.072289][ T3886] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3985.085377][ T3886] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4435.764344][ T50] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4439.948462][ T50] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4442.656480][ T50] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4445.468768][ T50] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4480.741446][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4481.842454][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4482.244768][ T50] bond0 (unregistering): Released all slaves [ 4485.066078][ T50] hsr_slave_0: left promiscuous mode [ 4485.251102][ T50] hsr_slave_1: left promiscuous mode [ 4487.061704][ T50] veth1_macvtap: left promiscuous mode [ 4487.075225][ T50] veth0_macvtap: left promiscuous mode [ 4487.077442][ T50] veth1_vlan: left promiscuous mode [ 4487.079076][ T50] veth0_vlan: left promiscuous mode [ 4605.781319][ T25] audit: type=1400 audit(4604.960:108): avc: denied { map } for pid=5609 comm="syz.7.330" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=24968 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 4605.881691][ T25] audit: type=1400 audit(4605.040:109): avc: denied { read } for pid=5609 comm="syz.7.330" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=24968 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 4623.378346][ T5541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4623.904108][ T5541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4675.757720][ T5541] hsr_slave_0: entered promiscuous mode [ 4676.005152][ T5541] hsr_slave_1: entered promiscuous mode [ 4708.495239][ T5541] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 4709.394784][ T5541] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 4710.032687][ T5541] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 4710.732462][ T5541] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 4757.408708][ T5541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4886.085744][ T3784] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4888.495033][ T3784] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4891.033854][ T3784] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4893.264349][ T3784] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4925.537579][ T3784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4926.183038][ T3784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4926.509330][ T3784] bond0 (unregistering): Released all slaves [ 4929.435010][ T3784] hsr_slave_0: left promiscuous mode [ 4929.612536][ T3784] hsr_slave_1: left promiscuous mode [ 4930.662710][ T3784] veth1_macvtap: left promiscuous mode [ 4930.706282][ T3784] veth0_macvtap: left promiscuous mode [ 4930.708531][ T3784] veth1_vlan: left promiscuous mode [ 4930.763745][ T3784] veth0_vlan: left promiscuous mode [ 5030.848932][ T5739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5031.841986][ T5739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5084.466909][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5084.727656][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5084.916194][ T4564] bond0 (unregistering): Released all slaves [ 5088.193255][ T4564] hsr_slave_0: left promiscuous mode [ 5088.535732][ T4564] hsr_slave_1: left promiscuous mode [ 5133.408942][ T5739] hsr_slave_0: entered promiscuous mode [ 5133.532737][ T5739] hsr_slave_1: entered promiscuous mode [ 5157.376504][ T5739] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 5158.059406][ T5739] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 5159.317993][ T5739] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 5159.955584][ T5739] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 5200.371719][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5200.599604][ T5739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5200.864090][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5248.087828][ T5820] hsr_slave_0: entered promiscuous mode [ 5248.265413][ T5820] hsr_slave_1: entered promiscuous mode [ 5248.364015][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 5248.384246][ T5820] Cannot create hsr debugfs directory [ 5286.412704][ T5820] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 5287.147947][ T5820] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 5287.816481][ T5820] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 5288.542597][ T5820] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 5332.044313][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5393.212803][ T5739] veth0_vlan: entered promiscuous mode [ 5394.838257][ T5739] veth1_vlan: entered promiscuous mode [ 5400.517444][ T5739] veth0_macvtap: entered promiscuous mode [ 5401.766242][ T5739] veth1_macvtap: entered promiscuous mode [ 5407.246185][ T5084] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5407.282638][ T3381] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5407.316741][ T3381] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5407.647561][ T3381] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5553.788778][ T5820] veth0_vlan: entered promiscuous mode [ 5555.718711][ T5820] veth1_vlan: entered promiscuous mode [ 5561.474466][ T5820] veth0_macvtap: entered promiscuous mode [ 5562.633086][ T5820] veth1_macvtap: entered promiscuous mode [ 5570.002589][ T5747] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5570.043694][ T5747] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5570.094880][ T5545] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5570.136439][ T2130] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5874.968948][ T5545] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5879.036965][ T5545] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5881.222016][ T5545] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5883.343426][ T5545] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5911.574491][ T5545] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5912.084882][ T5545] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5912.496821][ T5545] bond0 (unregistering): Released all slaves [ 5914.932668][ T5545] hsr_slave_0: left promiscuous mode [ 5915.112933][ T5545] hsr_slave_1: left promiscuous mode [ 5916.362836][ T5545] veth1_macvtap: left promiscuous mode [ 5916.372236][ T5545] veth0_macvtap: left promiscuous mode [ 5916.374450][ T5545] veth1_vlan: left promiscuous mode [ 5916.375980][ T5545] veth0_vlan: left promiscuous mode [ 5961.367801][ T5080] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5963.426352][ T5080] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5965.972986][ T5080] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5967.754451][ T5080] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6005.247254][ T5080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6005.557555][ T5080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6005.772939][ T5080] bond0 (unregistering): Released all slaves [ 6008.082291][ T5080] hsr_slave_0: left promiscuous mode [ 6008.149203][ T5080] hsr_slave_1: left promiscuous mode [ 6008.992007][ T5080] veth1_macvtap: left promiscuous mode [ 6008.993408][ T5080] veth0_macvtap: left promiscuous mode [ 6009.007054][ T5080] veth1_vlan: left promiscuous mode [ 6009.014263][ T5080] veth0_vlan: left promiscuous mode [ 6094.562542][ T6180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6096.396860][ T6180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6098.046040][ T6185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6099.786015][ T6185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6140.442377][ T6180] hsr_slave_0: entered promiscuous mode [ 6140.553002][ T6180] hsr_slave_1: entered promiscuous mode [ 6145.851458][ T6185] hsr_slave_0: entered promiscuous mode [ 6145.945042][ T6185] hsr_slave_1: entered promiscuous mode [ 6146.063069][ T6185] debugfs: 'hsr0' already exists in 'hsr' [ 6146.094207][ T6185] Cannot create hsr debugfs directory [ 6190.758561][ T6180] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 6191.566912][ T6180] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 6192.013975][ T6180] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 6192.422954][ T6180] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 6199.627831][ T6185] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 6200.178853][ T6185] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 6200.648801][ T6185] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 6201.262294][ T6185] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 6235.518497][ T6180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6244.456192][ T6185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6390.499487][ T6180] veth0_vlan: entered promiscuous mode [ 6392.276426][ T6180] veth1_vlan: entered promiscuous mode [ 6398.663025][ T6180] veth0_macvtap: entered promiscuous mode [ 6399.943254][ T6185] veth0_vlan: entered promiscuous mode [ 6400.235150][ T6180] veth1_macvtap: entered promiscuous mode [ 6403.018042][ T6185] veth1_vlan: entered promiscuous mode [ 6408.462165][ T4418] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6408.682868][ T5084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6408.684696][ T5084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6408.695368][ T5084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6412.497694][ T6185] veth0_macvtap: entered promiscuous mode [ 6414.646302][ T6185] veth1_macvtap: entered promiscuous mode [ 6422.301512][ T6397] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6422.464394][ T3381] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6422.666252][ T5284] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6422.701481][ T6397] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 8496.227230][ T5084] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8498.862437][ T5084] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8501.528199][ T5084] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8504.657846][ T5084] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8539.276453][ T5084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8539.627345][ T5084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8540.096799][ T5084] bond0 (unregistering): Released all slaves [ 8545.243191][ T5084] hsr_slave_0: left promiscuous mode [ 8545.433466][ T5084] hsr_slave_1: left promiscuous mode [ 8546.932682][ T5084] veth1_macvtap: left promiscuous mode [ 8546.951980][ T5084] veth0_macvtap: left promiscuous mode [ 8546.954164][ T5084] veth1_vlan: left promiscuous mode [ 8546.955702][ T5084] veth0_vlan: left promiscuous mode [ 8607.213006][ T5284] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8609.488806][ T5284] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8611.448199][ T5284] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8614.312381][ T5284] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8648.878592][ T5284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8649.445397][ T5284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8649.624835][ T5284] bond0 (unregistering): Released all slaves [ 8652.492825][ T5284] hsr_slave_0: left promiscuous mode [ 8652.641282][ T5284] hsr_slave_1: left promiscuous mode [ 8653.821148][ T5284] veth1_macvtap: left promiscuous mode [ 8653.822526][ T5284] veth0_macvtap: left promiscuous mode [ 8653.847301][ T5284] veth1_vlan: left promiscuous mode [ 8653.924085][ T5284] veth0_vlan: left promiscuous mode [ 8718.886690][ T7263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8719.286617][ T7263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8726.024199][ T7270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8726.543918][ T7270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8762.089340][ T7263] hsr_slave_0: entered promiscuous mode [ 8762.265619][ T7263] hsr_slave_1: entered promiscuous mode [ 8768.742493][ T7270] hsr_slave_0: entered promiscuous mode [ 8768.767795][ T7270] hsr_slave_1: entered promiscuous mode [ 8768.832973][ T7270] debugfs: 'hsr0' already exists in 'hsr' [ 8768.851101][ T7270] Cannot create hsr debugfs directory [ 8815.391751][ T7263] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 8816.095381][ T7263] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 8816.526127][ T7263] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 8817.842757][ T7263] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 8823.652869][ T7270] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 8824.163083][ T7270] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 8824.673849][ T7270] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 8825.236391][ T7270] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 8856.103079][ T7263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8864.205961][ T7270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 8999.365022][ T7263] veth0_vlan: entered promiscuous mode [ 9001.232970][ T7263] veth1_vlan: entered promiscuous mode [ 9005.642965][ T7263] veth0_macvtap: entered promiscuous mode [ 9006.937017][ T7263] veth1_macvtap: entered promiscuous mode [ 9008.645322][ T7270] veth0_vlan: entered promiscuous mode [ 9011.136809][ T7270] veth1_vlan: entered promiscuous mode [ 9013.275543][ T7275] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9013.316747][ T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9013.339466][ T50] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9013.353543][ T50] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9019.043200][ T7270] veth0_macvtap: entered promiscuous mode [ 9020.702312][ T7270] veth1_macvtap: entered promiscuous mode [ 9026.734430][ T5284] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9026.808177][ T5284] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9026.867661][ T5284] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9026.887379][ T5284] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9599.212568][ T4564] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9602.156602][ T4564] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9604.892911][ T4564] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9607.292724][ T4564] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9643.619015][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9644.073778][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9644.313283][ T4564] bond0 (unregistering): Released all slaves [ 9646.663298][ T4564] hsr_slave_0: left promiscuous mode [ 9646.790627][ T4564] hsr_slave_1: left promiscuous mode [ 9648.015390][ T4564] veth1_macvtap: left promiscuous mode [ 9648.053453][ T4564] veth0_macvtap: left promiscuous mode [ 9648.083921][ T4564] veth1_vlan: left promiscuous mode [ 9648.116489][ T4564] veth0_vlan: left promiscuous mode [ 9701.504147][ T4564] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9703.883695][ T4564] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9706.839225][ T4564] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9708.818442][ T4564] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9738.744917][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 9739.037050][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 9739.312382][ T4564] bond0 (unregistering): Released all slaves [ 9743.228465][ T4564] hsr_slave_0: left promiscuous mode [ 9743.377257][ T4564] hsr_slave_1: left promiscuous mode [ 9744.908133][ T4564] veth1_macvtap: left promiscuous mode [ 9744.931469][ T4564] veth0_macvtap: left promiscuous mode [ 9744.943354][ T4564] veth1_vlan: left promiscuous mode [ 9744.957341][ T4564] veth0_vlan: left promiscuous mode [ 9803.258276][ T7759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9803.648009][ T7759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9813.072600][ T7770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 9813.526583][ T7770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 9843.075683][ T7759] hsr_slave_0: entered promiscuous mode [ 9843.226089][ T7759] hsr_slave_1: entered promiscuous mode [ 9854.514226][ T7770] hsr_slave_0: entered promiscuous mode [ 9854.625036][ T7770] hsr_slave_1: entered promiscuous mode [ 9854.699289][ T7770] debugfs: 'hsr0' already exists in 'hsr' [ 9854.704765][ T7770] Cannot create hsr debugfs directory [ 9883.127456][ T7759] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 9885.725157][ T7759] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 9888.411768][ T7759] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 9889.317603][ T7759] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 9901.955255][ T7770] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 9902.578783][ T7770] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 9903.196856][ T7770] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 9903.781025][ T7770] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 9925.914141][ T7759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9935.924838][ T7770] 8021q: adding VLAN 0 to HW filter on device bond0 [10070.914331][ T7759] veth0_vlan: entered promiscuous mode [10072.122931][ T7759] veth1_vlan: entered promiscuous mode [10076.043622][ T7759] veth0_macvtap: entered promiscuous mode [10077.065719][ T7759] veth1_macvtap: entered promiscuous mode [10082.414022][ T7002] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10082.443672][ T3381] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10082.509087][ T3381] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10082.522222][ T3381] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10084.204498][ T7770] veth0_vlan: entered promiscuous mode [10087.273033][ T7770] veth1_vlan: entered promiscuous mode [10093.504344][ T7770] veth0_macvtap: entered promiscuous mode [10094.219065][ T7770] veth1_macvtap: entered promiscuous mode [10099.505982][ T7275] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [10099.531545][ T7037] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [10099.532470][ T7037] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [10099.533179][ T7037] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [10326.673662][ T8069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10327.299574][ T8069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10336.727667][ T8074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [10337.444819][ T8074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [10385.344241][ T8069] hsr_slave_0: entered promiscuous mode [10385.497751][ T8069] hsr_slave_1: entered promiscuous mode [10385.644403][ T8069] debugfs: 'hsr0' already exists in 'hsr' [10385.670994][ T8069] Cannot create hsr debugfs directory [10396.031905][ T8074] hsr_slave_0: entered promiscuous mode [10396.108876][ T8074] hsr_slave_1: entered promiscuous mode [10396.316450][ T8074] debugfs: 'hsr0' already exists in 'hsr' [10396.364362][ T8074] Cannot create hsr debugfs directory [10456.237980][ T8069] netdevsim netdevsim6 netdevsim0: renamed from eth0 [10457.607138][ T8069] netdevsim netdevsim6 netdevsim1: renamed from eth1 [10458.652884][ T8069] netdevsim netdevsim6 netdevsim2: renamed from eth2 [10459.404665][ T8069] netdevsim netdevsim6 netdevsim3: renamed from eth3 [10468.635478][ T8074] netdevsim netdevsim7 netdevsim0: renamed from eth0 [10469.268913][ T8074] netdevsim netdevsim7 netdevsim1: renamed from eth1 [10469.973006][ T8074] netdevsim netdevsim7 netdevsim2: renamed from eth2 [10470.717569][ T8074] netdevsim netdevsim7 netdevsim3: renamed from eth3 [10510.199161][ T8069] 8021q: adding VLAN 0 to HW filter on device bond0 [10521.107589][ T8074] 8021q: adding VLAN 0 to HW filter on device bond0 [10584.348405][ T27] INFO: task syz.5.581:8052 blocked for more than 430 seconds. [10584.423852][ T27] Not tainted syzkaller #0 [10584.431294][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [10584.431895][ T27] task:syz.5.581 state:D stack:0 pid:8052 tgid:8052 ppid:7759 task_flags:0x400040 flags:0x00000019 [10584.433383][ T27] Call trace: [10584.433873][ T27] __switch_to+0x584/0xb20 (T) [10584.435986][ T27] __schedule+0x1eec/0x33a4 [10584.436561][ T27] schedule+0xac/0x27c [10584.437021][ T27] schedule_timeout+0x5c/0x1e4 [10584.437544][ T27] do_wait_for_common+0x28c/0x444 [10584.438002][ T27] wait_for_completion+0x44/0x5c [10584.438486][ T27] __synchronize_srcu+0x2a4/0x320 [10584.439004][ T27] synchronize_srcu+0x3cc/0x4f0 [10584.439511][ T27] mmu_notifier_unregister+0x320/0x42c [10584.612750][ T27] kvm_put_kvm+0x698/0xbe8 [10584.613351][ T27] kvm_vm_release+0x58/0x78 [10584.613821][ T27] __fput+0x4ac/0x980 [10584.614301][ T27] ____fput+0x20/0x58 [10584.614793][ T27] task_work_run+0x1bc/0x254 [10584.615254][ T27] exit_to_user_mode_loop+0xfc/0x178 [10584.615705][ T27] el0_svc+0x170/0x234 [10584.616196][ T27] el0t_64_sync_handler+0x84/0x12c [10584.616691][ T27] el0t_64_sync+0x198/0x19c [10584.618328][ T27] [10584.618328][ T27] Showing all locks held in the system: [10584.618839][ T27] 1 lock held by khungtaskd/27: [10584.619244][ T27] #0: ffff800087957348 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [10584.778284][ T27] 3 locks held by kworker/u4:4/50: [10584.778826][ T27] 2 locks held by getty/3195: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [10584.779195][ T27] #0: 96f00000120328a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [10584.863271][ T27] #1: 15ff80008c6db2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [10584.865010][ T27] 2 locks held by syz-executor/3320: [10584.865366][ T27] 2 locks held by kworker/u4:12/4564: [10584.865667][ T27] #0: e0f000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [10584.867317][ T27] #1: ffff80008e947c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [10584.868888][ T27] 2 locks held by kworker/u4:7/5080: [10584.869205][ T27] #0: e0f000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [10585.036422][ T27] #1: ffff80008cf77c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [10585.038094][ T27] 3 locks held by kworker/u4:10/6397: [10585.038459][ T27] 3 locks held by kworker/u4:5/6725: [10585.038796][ T27] 3 locks held by kworker/u4:9/7037: [10585.039134][ T27] 3 locks held by kworker/u4:15/7275: [10585.039488][ T27] 3 locks held by kworker/u4:0/7773: [10585.133105][ T27] 2 locks held by kworker/u4:11/7774: [10585.133580][ T27] #0: e0f000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [10585.135315][ T27] #1: ffff80008cfb7c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [10585.136969][ T27] 2 locks held by syz.4.580/8048: [10585.137341][ T27] 3 locks held by kworker/u4:1/8123: [10585.137684][ T27] 2 locks held by kworker/u4:13/8196: [10585.137992][ T27] 1 lock held by modprobe/8238: [10585.138302][ T27] 4 locks held by modprobe/8240: [10585.138854][ T27] [10585.139122][ T27] ============================================= [10585.139122][ T27]